| 发明名称 |
Disambiguating conflicting content filter rules |
| 摘要 |
A content filtering mechanism is enhanced to resolve conflicts in filtering rules (e.g., those created by a whitelist, on the one hand, and a blacklist, on the other hand). Preferably, a conflict between or among content filtering rules is resolved by selecting among conflicting rules based on a notion of “risk” associated with the rules. According to this risk-based approach, when two or more rules conflict with one another, the particular rule whose risk value has a predetermined relationship (e.g., aligns most closely) with a risk level associated with the application (applying the rules) then takes precedence. By selecting among conflicting rules based on risk, the potential or actual conflicts are disambiguated, with the result being that the content is filtered appropriately. |
| 申请公布号 |
US9356937(B2) |
申请公布日期 |
2016.05.31 |
| 申请号 |
US201314078685 |
申请日期 |
2013.11.13 |
| 申请人 |
International Business Machines Corporation |
发明人 |
Hoy Jeffrey Robert;Albouyeh Shadi Eskamaei;Carter Bernadette Alexia;Trunzo Stephanie Lynn |
| 分类号 |
H04L29/06 |
主分类号 |
H04L29/06 |
| 代理机构 |
|
代理人 |
Woycechowsky David B.;Judson David H. |
| 主权项 |
1. A method of protecting a computing device against exploitation by active content downloaded over a network, comprising:
instantiating an active content filter (ACF) application in association with the computing device; associating a risk value to each of a set of content filtering rules implemented by the ACF application; associating a risk level to the ACF application that implements the content filtering rules; upon receipt of active content, determining whether applying first and second rules of the set of content filtering rules to the active content results in a content filtering ambiguity; when applying the first and second rules to the active content results in a content filtering ambiguity, comparing risk values of each of the first and second rules with the risk level of the ACF application and, in response to the comparison, selecting one of the first and second rules whose risk value has a predetermined relationship to the risk level of the ACF application to thereby provide an improved ACF application; and applying the selected one of the first and second rules to filter the active content to enhance protection of the computing device against exploitation by the active content. |
| 地址 |
Armonk NY US |
