WO2004053621A3 - System and method for providing exploit protection with message tracking - Google Patents

System and method for providing exploit protection with message tracking Download PDF

Info

Publication number
WO2004053621A3
WO2004053621A3 PCT/IB2003/005714 IB0305714W WO2004053621A3 WO 2004053621 A3 WO2004053621 A3 WO 2004053621A3 IB 0305714 W IB0305714 W IB 0305714W WO 2004053621 A3 WO2004053621 A3 WO 2004053621A3
Authority
WO
WIPO (PCT)
Prior art keywords
attachment
message
component
protection
message tracking
Prior art date
Application number
PCT/IB2003/005714
Other languages
French (fr)
Other versions
WO2004053621A2 (en
Inventor
Gregory J Smith
James Card
Original Assignee
Nokia Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nokia Inc filed Critical Nokia Inc
Priority to AU2003302790A priority Critical patent/AU2003302790A1/en
Publication of WO2004053621A2 publication Critical patent/WO2004053621A2/en
Publication of WO2004053621A3 publication Critical patent/WO2004053621A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0245Filtering by information in the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/21Monitoring or handling of messages
    • H04L51/212Monitoring or handling of messages using filtering or selective blocking
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0263Rule management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/145Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/04Protocols for data compression, e.g. ROHC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/21Monitoring or handling of messages
    • H04L51/234Monitoring or handling of messages for tracking messages
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates

Abstract

A method and system for providing protection from exploits to devices coriected to a network. The system and method include a component for determining whether an encapsulation has been applied to an attachment associated with a message and unencapsulating such encapsulated attachment, and a component that performs at least one decompression of the attachment when the attachment is compressed. If it is determined that the message, including the attachment, is to be scanned, a component is included that determines whether a header, body, and/or attachment of the message includes exploits. A device that receives messages that are directed to the network employs the components above to provide exploit protection for at least one of the messages.
PCT/IB2003/005714 2002-12-11 2003-12-05 System and method for providing exploit protection with message tracking WO2004053621A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2003302790A AU2003302790A1 (en) 2002-12-11 2003-12-05 System and method for providing exploit protection with message tracking

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US10/317,296 2002-12-11
US10/317,296 US6941478B2 (en) 2001-04-13 2002-12-11 System and method for providing exploit protection with message tracking

Publications (2)

Publication Number Publication Date
WO2004053621A2 WO2004053621A2 (en) 2004-06-24
WO2004053621A3 true WO2004053621A3 (en) 2005-05-12

Family

ID=32506083

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2003/005714 WO2004053621A2 (en) 2002-12-11 2003-12-05 System and method for providing exploit protection with message tracking

Country Status (3)

Country Link
US (1) US6941478B2 (en)
AU (1) AU2003302790A1 (en)
WO (1) WO2004053621A2 (en)

Families Citing this family (54)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040073617A1 (en) 2000-06-19 2004-04-15 Milliken Walter Clark Hash-based systems and methods for detecting and preventing transmission of unwanted e-mail
US7231606B2 (en) 2000-10-31 2007-06-12 Software Research, Inc. Method and system for testing websites
US7917585B2 (en) * 2001-06-21 2011-03-29 Cybersoft, Inc. Apparatus, methods and articles of manufacture for intercepting, examining and controlling code, data and files and their transfer
JP2003216448A (en) * 2002-01-17 2003-07-31 Ntt Docomo Inc Mobile communication terminal and data transmitting method
US8561167B2 (en) 2002-03-08 2013-10-15 Mcafee, Inc. Web reputation scoring
US7694128B2 (en) * 2002-03-08 2010-04-06 Mcafee, Inc. Systems and methods for secure communication delivery
US7903549B2 (en) 2002-03-08 2011-03-08 Secure Computing Corporation Content-based policy compliance systems and methods
US7693947B2 (en) 2002-03-08 2010-04-06 Mcafee, Inc. Systems and methods for graphically displaying messaging traffic
US8132250B2 (en) 2002-03-08 2012-03-06 Mcafee, Inc. Message profiling systems and methods
US7870203B2 (en) * 2002-03-08 2011-01-11 Mcafee, Inc. Methods and systems for exposing messaging reputation to an end user
US20030172291A1 (en) 2002-03-08 2003-09-11 Paul Judge Systems and methods for automated whitelisting in monitored communications
US8578480B2 (en) 2002-03-08 2013-11-05 Mcafee, Inc. Systems and methods for identifying potentially malicious messages
US7124438B2 (en) 2002-03-08 2006-10-17 Ciphertrust, Inc. Systems and methods for anomaly detection in patterns of monitored communications
US20060015942A1 (en) 2002-03-08 2006-01-19 Ciphertrust, Inc. Systems and methods for classification of messaging entities
US6941467B2 (en) * 2002-03-08 2005-09-06 Ciphertrust, Inc. Systems and methods for adaptive message interrogation through multiple queues
JP2004005436A (en) * 2002-03-28 2004-01-08 Seiko Epson Corp Information collecting system using e-mail
US20050081057A1 (en) * 2003-10-10 2005-04-14 Oded Cohen Method and system for preventing exploiting an email message
DE202004007324U1 (en) * 2003-12-01 2004-08-12 Weckemann, Andreas Brush with bristle protection
US7971254B1 (en) * 2004-01-28 2011-06-28 Netgear, Inc. Method and system for low-latency detection of viruses transmitted over a network
US7669059B2 (en) * 2004-03-23 2010-02-23 Network Equipment Technologies, Inc. Method and apparatus for detection of hostile software
US8134575B2 (en) 2004-09-30 2012-03-13 Microsoft Corporation Maintaining graphical presentations based on user customizations
US8510657B2 (en) 2004-09-30 2013-08-13 Microsoft Corporation Editing the text of an arbitrary graphic via a hierarchical list
US7348982B2 (en) 2004-09-30 2008-03-25 Microsoft Corporation Method, system, and computer-readable medium for creating and laying out a graphic within an application program
US8635690B2 (en) * 2004-11-05 2014-01-21 Mcafee, Inc. Reputation based message processing
US20060098623A1 (en) * 2004-11-08 2006-05-11 Christian Andrew D Voice data security method and apparatus
US8131804B2 (en) 2004-11-19 2012-03-06 J Michael Greata Method and apparatus for immunizing data in computer systems from corruption
US20060177014A1 (en) * 2005-02-07 2006-08-10 Jens Skakkebaek System and method for providing data on voicemail appliance
US7937480B2 (en) 2005-06-02 2011-05-03 Mcafee, Inc. Aggregation of reputation data
US9122643B2 (en) * 2005-12-08 2015-09-01 Nvidia Corporation Event trigger based data backup services
US8402322B2 (en) * 2005-12-08 2013-03-19 Nvidia Corporation Emergency data preservation services
US8438486B2 (en) 2006-02-09 2013-05-07 Microsoft Corporation Automatically converting text to business graphics
US7774459B2 (en) 2006-03-01 2010-08-10 Microsoft Corporation Honey monkey network exploration
GB0605117D0 (en) * 2006-03-14 2006-04-26 Streamshield Networks Ltd A method and apparatus for providing network security
US8151352B1 (en) * 2006-07-14 2012-04-03 Bitdefender IPR Managament Ltd. Anti-malware emulation systems and methods
US8763114B2 (en) 2007-01-24 2014-06-24 Mcafee, Inc. Detecting image spam
US8214497B2 (en) 2007-01-24 2012-07-03 Mcafee, Inc. Multi-dimensional reputation scoring
US7779156B2 (en) 2007-01-24 2010-08-17 Mcafee, Inc. Reputation based load balancing
US7949716B2 (en) 2007-01-24 2011-05-24 Mcafee, Inc. Correlation and analysis of entity attributes
US8179798B2 (en) 2007-01-24 2012-05-15 Mcafee, Inc. Reputation based connection throttling
US8601067B2 (en) 2007-04-30 2013-12-03 Mcafee, Inc. Electronic message manager system, method, and computer scanning an electronic message for unwanted content and associated unwanted sites
US8918864B2 (en) * 2007-06-05 2014-12-23 Mcafee, Inc. System, method, and computer program product for making a scan decision during communication of data over a network
US8185930B2 (en) 2007-11-06 2012-05-22 Mcafee, Inc. Adjusting filter or classification control settings
US8045458B2 (en) 2007-11-08 2011-10-25 Mcafee, Inc. Prioritizing network traffic
US8160975B2 (en) 2008-01-25 2012-04-17 Mcafee, Inc. Granular support vector machine with random granularity
US8589503B2 (en) 2008-04-04 2013-11-19 Mcafee, Inc. Prioritizing network traffic
US8095987B2 (en) * 2008-09-04 2012-01-10 Microsoft Corporation Software anti-piracy protection
US9053464B2 (en) * 2009-09-30 2015-06-09 Alcatel Lucent Information security method and appparatus
US8621638B2 (en) 2010-05-14 2013-12-31 Mcafee, Inc. Systems and methods for classification of messaging entities
US20120303728A1 (en) * 2011-05-26 2012-11-29 Fitzsimmons Andrew P Report generation system with reliable transfer
US9432489B2 (en) * 2012-06-05 2016-08-30 Intel Corporation Systems and methods for processing encoded data streams
US11665195B2 (en) 2017-08-31 2023-05-30 Barracuda Networks, Inc. System and method for email account takeover detection and remediation utilizing anonymized datasets
US11563757B2 (en) 2017-08-31 2023-01-24 Barracuda Networks, Inc. System and method for email account takeover detection and remediation utilizing AI models
US10778717B2 (en) 2017-08-31 2020-09-15 Barracuda Networks, Inc. System and method for email account takeover detection and remediation
US11588848B2 (en) 2021-01-05 2023-02-21 Bank Of America Corporation System and method for suspending a computing device suspected of being infected by a malicious code using a kill switch button

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6701440B1 (en) * 2000-01-06 2004-03-02 Networks Associates Technology, Inc. Method and system for protecting a computer using a remote e-mail scanning device

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5870610A (en) 1996-06-28 1999-02-09 Siemens Business Communication Systems, Inc. Autoconfigurable method and system having automated downloading
US5832228A (en) * 1996-07-30 1998-11-03 Itt Industries, Inc. System and method for providing multi-level security in computer devices utilized with non-secure networks
US5832208A (en) * 1996-09-05 1998-11-03 Cheyenne Software International Sales Corp. Anti-virus agent for use with databases and mail servers
US5815571A (en) * 1996-10-28 1998-09-29 Finley; Phillip Scott Computer system with secured data paths and method of protection
ATE444614T1 (en) * 1997-07-24 2009-10-15 Axway Inc EMAIL FIREWALL
US6205551B1 (en) * 1998-01-29 2001-03-20 Lucent Technologies Inc. Computer security using virus probing
US5987610A (en) * 1998-02-12 1999-11-16 Ameritech Corporation Computer virus screening methods and systems

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6701440B1 (en) * 2000-01-06 2004-03-02 Networks Associates Technology, Inc. Method and system for protecting a computer using a remote e-mail scanning device

Also Published As

Publication number Publication date
AU2003302790A8 (en) 2004-06-30
AU2003302790A1 (en) 2004-06-30
US20030088792A1 (en) 2003-05-08
US6941478B2 (en) 2005-09-06
WO2004053621A2 (en) 2004-06-24

Similar Documents

Publication Publication Date Title
WO2004053621A3 (en) System and method for providing exploit protection with message tracking
SG107595A1 (en) Semiconductor devices and semiconductor device components with peripherally located, castellated contacts, assembles and packages including such semiconductor devices or packages and associated methods
GB2357939B (en) Electronic mail message anti-virus system and method
WO2004027561A3 (en) Client-based message protocol translation
AU2003262041A8 (en) Authentication system, authentication device, terminal device, and authentication method
AU2002332279A1 (en) Communication method, communication device, and communication system
CA2413100A1 (en) Improved method for upgrading firmware in an electronic device
AU2002360584A1 (en) Systems and methods for monitoring network-based voice messaging systems
AU2002244577A1 (en) System and method for establishing call connections using electronic text messages
WO2004014049A3 (en) System for content communication and method therefor
AU2003227252A1 (en) Electronic locking system, locking management device, locking device management method, and program
WO2001075651A3 (en) Replacing an email attachment with an address specifying where the attachment is stored
AU2003252639A1 (en) Communicating method, transmitting device using the same, and receiving device using the same
AU2003242085A1 (en) Communication method, communication system, and communication device
ZA200407396B (en) Communication system and method.
HK1048848A1 (en) Battery state monitoring circuit and battery device.
AU2003263979A1 (en) Semiconductor quantum cryptographic device and method
MXPA03007003A (en) Multimedia messaging method and system.
EP1513262A4 (en) Communication method, communication system, and communication device
EP1566736A4 (en) Download system, communication terminal, server, and download method
WO2004082454A3 (en) Endovascular implant with an at least sectional active coating made of radjadone and/or a ratjadone derivative
AU6000699A (en) Semiconductor device, method of manufacture thereof, and electronic device
AU2002345653A1 (en) Diagnostic device, system and method
WO2006068756A3 (en) Recipient based scoping of location information
AU1034000A (en) Location sensitive multimedia messaging (mms)

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): BW GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP

WWW Wipo information: withdrawn in national office

Country of ref document: JP

DPE2 Request for preliminary examination filed before expiration of 19th month from priority date (pct application filed from 20040101)