Attributes of captured objects in a capture system

US 8,683,035 B2
Filed: 04/18/2011
Issued: 03/25/2014
Est. Priority Date: 05/22/2006
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

generating, by a computing device, one or more signatures for a first document;

registering the first document by storing the one or more signatures in a signature database;

querying the signature database to compare one or more signatures of a captured object to the one or more signatures of the first document, wherein the captured object is included in a second document sought for transmission in a network;

normalizing at least a portion of the second document into normalized text content before identifying the captured object in the second document, wherein the normalizing includes comparing normalization patterns to one or more source strings in the second document, wherein the comparing is performed on a source string of the one or more source strings according to a sequenced order of the normalization patterns from a more restrictive normalization pattern to a less restrictive normalization pattern, wherein the source string is normalized into at least a portion of the normalized text content based on a first match found during the comparison of the source string to the normalization patterns, wherein the normalized text content is tokenized into a list of tokens, and wherein the one or more signatures of the captured object are generated from the list of tokens; and

detecting an unauthorized transfer of registered content based on matching at least one of the signatures of the captured object to at least one of the signatures of the first document.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for capturing objects and balancing systems resources in a capture system are described. An object is captured, metadata associated with the objected generated, and the object and metadata stored.

410 Citations

16 Claims

1. A method, comprising:
- generating, by a computing device, one or more signatures for a first document;
  
  registering the first document by storing the one or more signatures in a signature database;
  
  querying the signature database to compare one or more signatures of a captured object to the one or more signatures of the first document, wherein the captured object is included in a second document sought for transmission in a network;
  
  normalizing at least a portion of the second document into normalized text content before identifying the captured object in the second document, wherein the normalizing includes comparing normalization patterns to one or more source strings in the second document, wherein the comparing is performed on a source string of the one or more source strings according to a sequenced order of the normalization patterns from a more restrictive normalization pattern to a less restrictive normalization pattern, wherein the source string is normalized into at least a portion of the normalized text content based on a first match found during the comparison of the source string to the normalization patterns, wherein the normalized text content is tokenized into a list of tokens, and wherein the one or more signatures of the captured object are generated from the list of tokens; and
  
  detecting an unauthorized transfer of registered content based on matching at least one of the signatures of the captured object to at least one of the signatures of the first document.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, further comprising:
    - soliciting a consent from a user, wherein if the consent is provided, the second document is permitted to be sent to the intended destination.
  - 3. The method of claim 2, wherein if the consent is not provided, additional packets are communicated in the network in order to cause a connection, which is associated with the attempted transmission of the second document, to fail.
  - 4. The method of claim 1, further comprising:
    - identifying a second user associated with the transmission of the second document.
  - 5. The method of claim 1, wherein content of the second document is identified by removing encapsulation associated with the second document.
  - 6. The method of claim 1, wherein content of the second document is identified by decoding at least a portion of the second document.
  - 7. The method of claim 1, wherein a subset of the list of tokens is generated based on a type of token defined by a normalization pattern matched by a source string, wherein one of the one or more signatures of the captured object is generated from the subset of the list of tokens.
  - 8. The method of claim 7, wherein at least some of the list of tokens have an associated priority value, which can be used to select the subset of the list of tokens.

9. At least one non-transitory machine-readable medium having instructions stored therein and when executed, the instructions cause one or more processors to:
- generate one or more signatures for a first document;
  
  register the first document by storing the one or more signatures in a signature database;
  
  query the signature database to compare one or more signatures of a captured object to the one or more signatures of the first document, wherein the captured object is included in a second document sought for transmission in a network;
  
  normalize at least a portion of the second document into normalized text content before identifying the captured object in the second document, wherein the normalizing includes comparing normalization patterns to one or more source strings in the second document, wherein the comparing is performed on a source string of the one or more source strings according to a sequenced order of the normalization patterns from a more restrictive normalization pattern to a less restrictive normalization pattern, wherein the source string is normalized into at least a portion of the normalized text content based on a first match found during the comparison of the source string to the normalization patterns, wherein the normalized text content is tokenized into a list of tokens, and wherein the one or more signatures of the captured object are generated from the list of tokens; and
  
  detect an unauthorized transfer of registered content based on matching at least one of the signatures of the captured object to at least one of the signatures of the first document.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The at least one non-transitory machine-readable medium of claim 9, wherein a subset of the list of tokens is generated based on a type of token defined by a normalization pattern matched by a source string, wherein one of the one or more signatures of the captured object is generated from the subset of the list of tokens.
  - 11. The at least one non-transitory machine-readable medium of claim 10, wherein at least some of the list of tokens have an associated priority value, which can be used to select the subset of the list of tokens.
  - 12. The at least one non-transitory machine-readable medium of claim 9, wherein the instructions further cause the one or more processors to:
    - solicit a consent from a user, wherein if the consent is provided, the second document is permitted to be sent to the intended destination.
  - 13. The at least one non-transitory machine-readable medium of claim 12, wherein if the consent is not provided, additional packets are communicated in the network in order to cause a connection, which is associated with the attempted transmission of the second document, to fail.
  - 14. The at least one non-transitory machine-readable medium of claim 9, wherein the instructions further cause the one or more processors to:
    - identify a second user associated with the transmission of the second document.
  - 15. The at least one non-transitory machine-readable medium of claim 9, wherein content of the second document is identified by removing encapsulation associated with the second document.
  - 16. The at least one non-transitory machine-readable medium of claim 9, wherein content of the second document is identified by decoding at least a portion of the second document.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
McAfee, LLC
Original Assignee
McAfee, Inc. (McAfee, LLC)
Inventors
Ahuja, Ratinder Paul Singh, Deninger, William, de la Iglesia, Erik, Lowe, Rick
Primary Examiner(s)
Etienne, Ario
Assistant Examiner(s)
Williams, Clayton R

Application Number

US13/089,158
Publication Number

US 20110197284A1
Time in Patent Office

1,072 Days
Field of Search

None
US Class Current

709/224
CPC Class Codes

H04L 43/106   using time related informat...

H04L 43/18   Protocol analysers

H04L 43/50   Testing arrangements

H04L 63/0209   Architectural arrangements,...

Attributes of captured objects in a capture system

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

410 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Attributes of captured objects in a capture system

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

410 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links