Web site computer security using client hygiene scores
First Claim
1. A computer-implemented method of providing computer security, comprising:
- receiving, by one or more computer processors, from a plurality of clients, data describing client hygiene scores for the clients and describing a plurality of web sites visited by the clients, the client hygiene score for a client calculated responsive to an amount of malicious software detected at the client based on a scan of the client;
determining, by one or more computer processors, a secondary hygiene score for a web site of the plurality of web sites visited by the clients based at least in part on client hygiene scores of clients that visited the web site;
identifying, by one or more computer processors, a file hosted by the web site; and
calculating and storing, by one or more computer processors, a reputation score for the file responsive to the secondary hygiene score of the web site that hosts the file.
5 Assignments
0 Petitions
Accused Products
Abstract
A reputation server is coupled to multiple clients via a network. Each client has a security module that detects malware at the client. The security module computes a hygiene score based on detected malware. The security module provides the hygiene score and an identifier of a visited web site to a reputation server. The security module also provides identifiers of files encountered at specified web sites to the reputation server. The reputation server computes secondary hygiene scores for web sites based on the hygiene scores of the clients that visit the web sites. The reputation server further computes reputation scores for files based on the secondary hygiene scores of sites that host the files. The reputation server provides the reputation scores to the clients. A reputation score represents an assessment of whether the associated file is malicious.
76 Citations
20 Claims
-
1. A computer-implemented method of providing computer security, comprising:
-
receiving, by one or more computer processors, from a plurality of clients, data describing client hygiene scores for the clients and describing a plurality of web sites visited by the clients, the client hygiene score for a client calculated responsive to an amount of malicious software detected at the client based on a scan of the client; determining, by one or more computer processors, a secondary hygiene score for a web site of the plurality of web sites visited by the clients based at least in part on client hygiene scores of clients that visited the web site; identifying, by one or more computer processors, a file hosted by the web site; and calculating and storing, by one or more computer processors, a reputation score for the file responsive to the secondary hygiene score of the web site that hosts the file. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A system for providing computer security, comprising:
-
a non-transitory computer-readable storage medium storing executable computer program modules comprising; a hygiene cache module for receiving from a plurality of clients data describing client hygiene scores for the clients and describing a plurality of web sites visited by the clients, and for storing the client hygiene scores associated with the plurality of clients, the client hygiene score for a client calculated responsive to an amount of malicious software detected at the client based on a scan of the client; a hygiene computation module for calculating a secondary hygiene score for a web site of the plurality of web sites visited by the clients based at least in part on client hygiene scores of clients that visited the web site; and a reputation computation module for calculating and storing a reputation score for a file hosted by the web site responsive to the secondary hygiene score of the web site; and a processor and a memory for executing the computer program modules. - View Dependent Claims (13, 14, 15, 16, 17)
-
-
18. A non-transitory computer-readable storage medium with executable computer program instructions embodied therein for providing security, the computer program instructions comprising:
-
a hygiene cache module for receiving from a plurality of clients data describing client hygiene scores for the clients and describing a plurality of web sites visited by the clients, and for storing the client hygiene scores associated with the plurality of clients, the client hygiene score for a client calculated responsive to an amount of malicious software detected at the client based on a scan of the client; a hygiene computation module for calculating a secondary hygiene score for a web site of the plurality of web sites visited by the clients based at least in part on client hygiene scores of clients that visited the web site; and a reputation computation module for calculating and storing a reputation score for a file hosted by the web site responsive to the secondary hygiene score of the web site. - View Dependent Claims (19, 20)
-
Specification