| 发明名称 | Time zero detection of infectious messages | ||
| 摘要 | Detecting infectious messages comprises performing an individual characteristic analysis of a message to determine whether the message is suspicious, determining whether a similar message has been noted previously in the event that the message is determined to be suspicious, classifying the message according to its individual characteristics and its similarity to the noted message in the event that a similar message has been noted previously. | ||
| 申请公布号 | US9154511(B1) | 申请公布日期 | 2015.10.06 |
| 申请号 | US200511156372 | 申请日期 | 2005.06.16 |
| 申请人 | Dell Software Inc. | 发明人 | Rihn Jennifer;Oliver Jonathan J. |
| 分类号 | G06F21/56;H04L29/06 | 主分类号 | G06F21/56 |
| 代理机构 | Lewis Roca Rothgerber LLP | 代理人 | Lewis Roca Rothgerber LLP |
| 主权项 | 1. A method for detecting infectious messages, comprising: receiving an individual message at a message forwarding device in a local network, the local network in communication with a global network, wherein the individual message has not yet been delivered to one or more recipients in the local network; executing instructions stored in memory, wherein execution of the instructions by a processor: performs an analysis of the individual message to determine similarity to known viruses, wherein the message is classified suspicious, wherein the individual message is not yet classified as either legitimate or infectious, anddetermines that a message previously received at the local network has been classified as suspicious; receiving information related to monitoring of electronic mail traffic in the global network, the information identifying increases in global messages corresponding to the message previously received and classified as suspicious at the local network; and executing further instructions stored in memory, wherein execution of the instructions by the processor: reclassifies the individual message according to: the analysis of the individual message resulting in classification of the individual message as suspicious,the similarity of the individual message to the message previously received and classified as suspicious at the local network, andthe presence of an increase in the global network of messages corresponding to the message previously received and classified as suspicious at the local network; andprocesses the individual message based on the reclassification whereby individual messages reclassified as infectious messages are quarantined from a delivery queue and not allowed to be redistributed by the message forwarding device in the local network. | ||
| 地址 | Round Rock TX US | ||