Enhancing container security by performing container vulnerability reduction based on static analysis of dynamically loaded symbols and system call blocking
US-2024220632-A1 · Jul 4, 2024 · US
Method and system for protecting against unknown malicious activities by determining a reputation of a link
US9317680B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9317680-B2 |
| Application number | US-90847710-A |
| Country | US |
| Kind code | B2 |
| Filing date | Oct 20, 2010 |
| Priority date | Oct 20, 2010 |
| Publication date | Apr 19, 2016 |
| Grant date | Apr 19, 2016 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
A method and system for protecting against unknown malicious activities by determining a reputation of a link are disclosed. A reputation server queries a database including reputation information associated with a plurality of links to retrieve a reputation of a redirected link. The reputation information may indicate whether the links are associated with a malicious activity. The reputation of the redirected link may be associated with the original link to create a reputation of the original link.
First claim
Opening claim text (preview).
What is claimed is: 1. A method for determining a reputation for a link, comprising: receiving an original link and a redirected link at a reputation server from a client; receiving a protection policy from the client, the protection policy including rules indicating whether the client should be prevented from navigating to the original link; querying a database including reputation information associated with a plurality of links by a reputation server to retrieve a reputation of the redirected link, the reputation information indicating whether the links are associated with a malicious activity; associating the reputation of the redirected link with the original link to create a reputation of the original link; causing the reputation of the original link to be stored in the database, the reputation of the original link created from the reputation of the redirected link; querying the database to retrieve the reputation of the original link upon a subsequent action by a client; utilizing the reputation of the original link for the subsequent action; calculating a policy intersection based on the reputation of the original link and the protection policy, the policy intersection indicating whether the original link is associated with the malicious activity; and sending a notification to the client including the policy intersection for the original link indicating whether the original link is associated with the malicious activity. 2. The method of claim 1 , further comprising: receiving a notification from the reputation server at a client including the reputation of the original link; and calculating a policy intersection based on the reputation of the original link and a protection policy including rules indicating whether the client should be prevented from navigating to the original link; and providing an indication to block access to the original link if the policy intersection indicates that the original link is associated with the malicious activity. 3. The method of claim 1 , further comprising updating the database with the reputation of the original link. 4. The method of claim 1 , further comprising: querying the database to retrieve the reputation of the original link; determining whether the reputation of the original link matches the reputation of the redirected link; and updating the reputation of the original link to include the reputation of the redirected link if the reputations of the link and the redirected destination do not match. 5. The method of claim 1 , further comprising providing an indication to block access to the original link at the client if the reputation of the original link indicates that the original link is associated with the malicious activity. 6. The method of claim 1 , further comprising navigating to a final destination associated with the original link at the client if the notification indicates that the original link is not associated with the malicious activity. 7. The method of claim 1 , further comprising receiving the original link at the reputation server from a partner site hosted by a partner server based on a script operable to redirect the original link to point to the reputation server. 8. The method of claim 1 , wherein the redirected link is a final destination associated with the original link. 9. The method of claim 1 , wherein the redirected link is an intermediate destination associated with the original link. 10. The method of claim 1 , wherein the reputation information associated with the links comprises at least one of a rating, a reputation score and a content type. 11. A system for determining a reputation of a link, comprising: a database including reputation information associated with a plurality of links, the reputation information indicating whether the links are associated with a malicious activity; a processor; a computer readable memory; and processing instructions encoded in the computer readable memory, the processing instructions, when executed by the processor, operable to perform operations comprising: querying the database to retrieve a reputation of a redirected link; receiving an original link and the redirected link at the reputation server from a client; receiving a protection policy from the client, the protection policy including rules indicating whether the client should be prevented from navigating to the original link; associating the reputation of the redirected link with the original link to create a reputation of the original link; storing the reputation of the original link to be stored in the database, the reputation of the original link created from the reputation of the redirected link; querying the database to retrieve the reputation of the original link upon a subsequent action by a client; utilizing the reputation of the original link for the subsequent action; calculating a policy intersection based on the reputation of the original link and the protection policy, the policy intersection indicating whether the original link is associated with the malicious activity; and sending a notification to the client including the policy intersection for the original link indicating whether the original link is associated with the malicious activity. 12. The system of claim 11 , wherein the processing instructions are further operable to perform operations comprising updating the database with the reputation of the original link. 13. The system of claim 11 , wherein the processing instructions are further operable to perform operations comprising: querying the database to retrieve the reputation of the original link; determining whether the reputation of the original link matches the reputation of the redirected link; and updating the reputation of the original link to include the reputation of the redirected link if the reputations of the link and the redirected destination do not match. 14. The system of claim 11 , wherein the processing instructions are further operable to perform operations comprising receiving the original link at the reputation server from a partner site hosted by a partner server based on a script operable to redirect the original link to point to the reputation server. 15. The system of claim 11 , wherein the redirected link is a final destination associated with the original link. 16. The system of claim 11 , wherein the redirected link is an intermediate destination associated with the original link. 17. The system of claim 11 , wherein the reputation information associated with the links comprises at least one of a rating, a reputation score and a content type. 18. A non-transitory computer readable medium storing instructions for determining a reputation of a link, the instructions, when executed by a processor, configured to: determine an original link and a redirected link associated with the original link encountered at a client; retrieve a protection policy from a protection policy database associated with the client; query a database including reputation information with the original link and the redirected link to determine whether the links are associated with a malicious activity; associate the reputation of the redirected link with the original link to create a reputation of the original link; cause the reputation of the original link to be stored in the database, the reputation of the original link created from the reputation of the redirected link; query the database to retrieve the reputation of the original link upon a subsequent action by the client; utilize the reputation of th
Assignees
Inventors
Classifications
Authenticating web pages, e.g. with suspicious links · CPC title
service impersonation, e.g. phishing, pharming or web spoofing (detection of rogue wireless access points H04W12/12) · CPC title
Physics · mapped topic
Traffic logging, e.g. anomaly detection · CPC title
- G06F21/51Primary
at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9317680B2 cover?
- A method and system for protecting against unknown malicious activities by determining a reputation of a link are disclosed. A reputation server queries a database including reputation information associated with a plurality of links to retrieve a reputation of a redirected link. The reputation information may indicate whether the links are associated with a malicious activity. The reputation o…
- Who is the assignee on this patent?
- Carter Iii Russell Bertrand, Lall Pravat Kumar, Oitment Geoff, and 3 more
- What technology area does this patent fall under?
- Primary CPC classification G06F21/51. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Apr 19 2016 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).