Hallucination Detection
US-2024394600-A1 · Nov 28, 2024 · US
Method and apparatus for detecting unauthorized bulk forwarding of sensitive data over a network
US8972510B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-8972510-B2 |
| Application number | US-201213604093-A |
| Country | US |
| Kind code | B2 |
| Filing date | Sep 5, 2012 |
| Priority date | Jun 12, 2012 |
| Publication date | Mar 3, 2015 |
| Grant date | Mar 3, 2015 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Methods and apparatus are provided for detecting unauthorized bulk forwarding of sensitive data over a network. A bulk forwarding of email from a first network environment is automatically detected by determining an arrival rate for internal emails received from within the first network environment into one or more user accounts; determining a sending rate for external emails sent from the one or more user accounts to a second network environment; and detecting the bulk forwarding of email from a given user account by comparing the arrival rate for internal emails and the sending rate for external emails. The bulk forwarding of email from a given user account can be detected by determining whether statistical models of the arrival rate for internal emails and of the sending rate for external emails are correlated in time.
First claim
Opening claim text (preview).
What is claimed is: 1. A method for automatically detecting bulk forwarding of email from a first network environment, comprising: determining an arrival rate for internal emails received from within said first network environment into one or more user accounts within said first network environment; determining a sending rate for external emails sent from said one or more user accounts to a second network environment; and detecting said bulk forwarding of email from a given one of said user accounts by comparing said arrival rate for said internal emails and said sending rate for said external emails. 2. The method of claim 1 , wherein said step of determining said arrival rate for said internal emails further comprises the step of obtaining a statistical model of said arriving internal emails. 3. The method of claim 1 , wherein said step of determining said sending rate for said external emails further comprises the step of obtaining a statistical model of said sent internal emails. 4. The method of claim 1 , wherein said step of determining said sending rate for said external emails sent from said one or more user accounts further comprises the steps of deriving a sending rate for said external emails sent from one or more computer systems connected to said first network environment and mapping said one or more user accounts to said one or more computer systems. 5. The method of claim 1 , wherein said step of detecting said bulk forwarding of email from said given one of said user accounts further comprises the step of determining whether a statistical model of said arrival rate for said internal emails and a statistical model of said sending rate for said external emails are correlated in time. 6. The method of claim 5 , wherein said step of determining whether said statistical models are correlated in time comprises an evaluation of one or more of timing, size, and content characteristics of said internal emails received from within said first network environment and said external emails sent from said one or more user accounts. 7. The method of claim 5 , wherein one or more of said statistical models comprise a discrete distribution of message sizes over a time window. 8. The method of claim 5 , wherein one or more of said statistical models measure similarity between a stream of said arriving internal emails and a stream of said sent external emails. 9. The method of claim 1 , further comprising the step of generating an alert for review.
Assignees
Inventors
Classifications
- G06Q10/107Primary
Computer-aided management of electronic mailing [e-mailing] · CPC title
using filtering or selective blocking · CPC title
- H04L51/52Primary
for supporting social networking services · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US8972510B2 cover?
- Methods and apparatus are provided for detecting unauthorized bulk forwarding of sensitive data over a network. A bulk forwarding of email from a first network environment is automatically detected by determining an arrival rate for internal emails received from within the first network environment into one or more user accounts; determining a sending rate for external emails sent from the one …
- Who is the assignee on this patent?
- Christodorescu Mihai, Rao Josyula R, Sailer Reiner, and 2 more
- What technology area does this patent fall under?
- Primary CPC classification G06Q10/107. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Mar 03 2015 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).