WO2005036892A3 - A method and system for preventing exploiting an email message - Google Patents

A method and system for preventing exploiting an email message Download PDF

Info

Publication number
WO2005036892A3
WO2005036892A3 PCT/IL2004/000861 IL2004000861W WO2005036892A3 WO 2005036892 A3 WO2005036892 A3 WO 2005036892A3 IL 2004000861 W IL2004000861 W IL 2004000861W WO 2005036892 A3 WO2005036892 A3 WO 2005036892A3
Authority
WO
WIPO (PCT)
Prior art keywords
email message
preventing
exploiting
component
components
Prior art date
Application number
PCT/IL2004/000861
Other languages
French (fr)
Other versions
WO2005036892A2 (en
Inventor
Oded Cohen
Yanki Margalit
Dany Margalit
Original Assignee
Aladdin Knowledge Systems Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Aladdin Knowledge Systems Ltd filed Critical Aladdin Knowledge Systems Ltd
Priority to EP04770532.2A priority Critical patent/EP1671232A4/en
Priority to JP2006531009A priority patent/JP2007512585A/en
Publication of WO2005036892A2 publication Critical patent/WO2005036892A2/en
Publication of WO2005036892A3 publication Critical patent/WO2005036892A3/en
Priority to IL174901A priority patent/IL174901A0/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/145Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail

Abstract

The present invention relates to a method for preventing exploiting an email message and a system thereof. The method comprising: decomposing the email message to its components; for each of the components, correcting the structural form (e.g. structure, format, and content) of the component to comply with common rules thereof whenever the structural form of the component deviates from the rules; and recomposing the email message from its components (in their recent state). The rules relate to email messages structure, for preventing malformed structure of email messages, for preventing exploiting an email message, etc. In case where the structural form of the component cannot be identified, the component may not be included within the recomposed email message, or included as is to the recomposed email message.
PCT/IL2004/000861 2003-10-10 2004-09-19 A method and system for preventing exploiting an email message WO2005036892A2 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
EP04770532.2A EP1671232A4 (en) 2003-10-10 2004-09-19 A method and system for preventing exploiting an email message
JP2006531009A JP2007512585A (en) 2003-10-10 2004-09-19 Method and system for preventing abuse of email messages
IL174901A IL174901A0 (en) 2003-10-10 2006-04-10 A method and system for preventing exploiting an email message

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US10/681,904 US20050081057A1 (en) 2003-10-10 2003-10-10 Method and system for preventing exploiting an email message
US10/681,904 2003-10-10

Publications (2)

Publication Number Publication Date
WO2005036892A2 WO2005036892A2 (en) 2005-04-21
WO2005036892A3 true WO2005036892A3 (en) 2005-07-14

Family

ID=34422382

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IL2004/000861 WO2005036892A2 (en) 2003-10-10 2004-09-19 A method and system for preventing exploiting an email message

Country Status (6)

Country Link
US (2) US20050081057A1 (en)
EP (1) EP1671232A4 (en)
JP (1) JP2007512585A (en)
CN (1) CN1882921A (en)
RU (1) RU2351003C2 (en)
WO (1) WO2005036892A2 (en)

Families Citing this family (33)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7926113B1 (en) 2003-06-09 2011-04-12 Tenable Network Security, Inc. System and method for managing network vulnerability analysis systems
US20050198305A1 (en) * 2004-03-04 2005-09-08 Peter Pezaris Method and system for associating a thread with content in a social networking environment
US7761918B2 (en) * 2004-04-13 2010-07-20 Tenable Network Security, Inc. System and method for scanning a network
US8832200B2 (en) 2004-07-19 2014-09-09 International Business Machines Corporation Logging external events in a persistent human-to-human conversational space
US20060069734A1 (en) * 2004-09-01 2006-03-30 Michael Gersh Method and system for organizing and displaying message threads
US20060265383A1 (en) * 2005-05-18 2006-11-23 Pezaris Design, Inc. Method and system for performing and sorting a content search
AU2012258355B9 (en) * 2005-06-09 2015-06-11 Glasswall (Ip) Limited Resisting the Spread of Unwanted Code and Data
GB2427048A (en) 2005-06-09 2006-12-13 Avecho Group Ltd Detection of unwanted code or data in electronic mail
US8522347B2 (en) * 2009-03-16 2013-08-27 Sonicwall, Inc. Real-time network updates for malicious content
US9729513B2 (en) 2007-11-08 2017-08-08 Glasswall (Ip) Limited Using multiple layers of policy management to manage risk
GB2444514A (en) * 2006-12-04 2008-06-11 Glasswall Electronic file re-generation
US8024801B2 (en) * 2007-08-22 2011-09-20 Agere Systems Inc. Networked computer system with reduced vulnerability to directed attacks
US7428702B1 (en) 2008-01-27 2008-09-23 International Business Machines Corporation Method and system for dynamic message correction
US8954725B2 (en) * 2009-05-08 2015-02-10 Microsoft Technology Licensing, Llc Sanitization of packets
US8438270B2 (en) * 2010-01-26 2013-05-07 Tenable Network Security, Inc. System and method for correlating network identities and addresses
US8302198B2 (en) 2010-01-28 2012-10-30 Tenable Network Security, Inc. System and method for enabling remote registry service security audits
CN101800680A (en) * 2010-03-05 2010-08-11 中兴通讯股份有限公司 Test device and test method of telecommunication system
US8707440B2 (en) * 2010-03-22 2014-04-22 Tenable Network Security, Inc. System and method for passively identifying encrypted and interactive network sessions
US8412786B2 (en) 2010-04-20 2013-04-02 Sprint Communications Company L.P. Decomposition and delivery of message objects based on user instructions
US8549650B2 (en) 2010-05-06 2013-10-01 Tenable Network Security, Inc. System and method for three-dimensional visualization of vulnerability and asset data
GB201008868D0 (en) * 2010-05-27 2010-07-14 Qinetiq Ltd Computer security
US9367707B2 (en) 2012-02-23 2016-06-14 Tenable Network Security, Inc. System and method for using file hashes to track data leakage and document propagation in a network
US9043920B2 (en) 2012-06-27 2015-05-26 Tenable Network Security, Inc. System and method for identifying exploitable weak points in a network
US9088606B2 (en) 2012-07-05 2015-07-21 Tenable Network Security, Inc. System and method for strategic anti-malware monitoring
US9467464B2 (en) 2013-03-15 2016-10-11 Tenable Network Security, Inc. System and method for correlating log data to discover network vulnerabilities and assets
GB2518880A (en) 2013-10-04 2015-04-08 Glasswall Ip Ltd Anti-Malware mobile content data management apparatus and method
US9330264B1 (en) 2014-11-26 2016-05-03 Glasswall (Ip) Limited Statistical analytic method for the determination of the risk posed by file based content
US10057237B2 (en) * 2015-02-17 2018-08-21 Ca, Inc. Provide insensitive summary for an encrypted document
US20180262457A1 (en) * 2017-03-09 2018-09-13 Microsoft Technology Licensing, Llc Self-debugging of electronic message bugs
CN108322543A (en) * 2018-02-13 2018-07-24 南京达沙信息科技有限公司 A kind of refrigeration mode meteorology software management system and its method
US10397272B1 (en) 2018-05-10 2019-08-27 Capital One Services, Llc Systems and methods of detecting email-based attacks through machine learning
CN109039863B (en) * 2018-08-01 2021-06-22 北京明朝万达科技股份有限公司 Self-learning-based mail security detection method and device and storage medium
CN111092902B (en) * 2019-12-26 2020-12-25 中国科学院信息工程研究所 Attachment camouflage-oriented fishfork attack mail discovery method and device

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5832208A (en) * 1996-09-05 1998-11-03 Cheyenne Software International Sales Corp. Anti-virus agent for use with databases and mail servers
US5841982A (en) * 1996-06-17 1998-11-24 Brouwer; Derek J. Method and system for testing the operation of an electronic mail switch
US6757830B1 (en) * 2000-10-03 2004-06-29 Networks Associates Technology, Inc. Detecting unwanted properties in received email messages

Family Cites Families (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
ATE347200T1 (en) * 1997-07-24 2006-12-15 Tumbleweed Comm Corp ELECTRONIC MAIL FIREWALL WITH ENCRYPTION/DECRYPTION USING STORED KEYS
US6868498B1 (en) * 1999-09-01 2005-03-15 Peter L. Katsikas System for eliminating unauthorized electronic mail
US6701440B1 (en) * 2000-01-06 2004-03-02 Networks Associates Technology, Inc. Method and system for protecting a computer using a remote e-mail scanning device
GB2357939B (en) * 2000-07-05 2002-05-15 Gfi Fax & Voice Ltd Electronic mail message anti-virus system and method
EP1388068B1 (en) * 2001-04-13 2015-08-12 Nokia Technologies Oy System and method for providing exploit protection for networks
US6941478B2 (en) * 2001-04-13 2005-09-06 Nokia, Inc. System and method for providing exploit protection with message tracking
US20030097409A1 (en) * 2001-10-05 2003-05-22 Hungchou Tsai Systems and methods for securing computers
US7363506B2 (en) * 2002-01-30 2008-04-22 Cybersoft, Inc. Software virus detection methods, apparatus and articles of manufacture
TWI220715B (en) * 2002-02-22 2004-09-01 Taiwan Knowledge Bank Co Ltd Video/audio multimedia web mail system, editing and processing method
US20030172291A1 (en) * 2002-03-08 2003-09-11 Paul Judge Systems and methods for automated whitelisting in monitored communications
GB2383444B (en) * 2002-05-08 2003-12-03 Gfi Software Ltd System and method for detecting a potentially malicious executable file
US9338026B2 (en) * 2003-09-22 2016-05-10 Axway Inc. Delay technique in e-mail filtering system
GB2427048A (en) * 2005-06-09 2006-12-13 Avecho Group Ltd Detection of unwanted code or data in electronic mail

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5841982A (en) * 1996-06-17 1998-11-24 Brouwer; Derek J. Method and system for testing the operation of an electronic mail switch
US5832208A (en) * 1996-09-05 1998-11-03 Cheyenne Software International Sales Corp. Anti-virus agent for use with databases and mail servers
US6757830B1 (en) * 2000-10-03 2004-06-29 Networks Associates Technology, Inc. Detecting unwanted properties in received email messages

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
KROTZ L.: "Hello! You've got spam", NATIONAL POST, May 2003 (2003-05-01), pages SP6 *
YOO ET AL.: "How to predict email viruses under uncertainty", IEEE, 2004, pages 675 - 679, XP010725666 *

Also Published As

Publication number Publication date
WO2005036892A2 (en) 2005-04-21
EP1671232A4 (en) 2013-04-10
RU2351003C2 (en) 2009-03-27
US20070277238A1 (en) 2007-11-29
RU2006115595A (en) 2007-11-27
JP2007512585A (en) 2007-05-17
EP1671232A2 (en) 2006-06-21
CN1882921A (en) 2006-12-20
US20050081057A1 (en) 2005-04-14

Similar Documents

Publication Publication Date Title
WO2005036892A3 (en) A method and system for preventing exploiting an email message
WO2003093946A3 (en) Systems and methods for collaborative business plug-ins
WO2008061171A3 (en) Process for abuse mitigation
WO2005010707A3 (en) Electronic mail control system
WO2006130259A3 (en) Efficient processing of time-bounded messages
DK1680900T3 (en) CONFIGURABLE PROTOCOL MACHINE
WO2007079419A3 (en) Vehicle email notification using templates
WO2002021316A3 (en) Mechanism and method for continuous operation of a rule server
WO2000078005A3 (en) Apparatus and method for internet advertising
WO2007064878A3 (en) System and method for exchanging information among exchange applications
WO2002050748A3 (en) System and method for controlling inclusion of email content
AU2002357029A1 (en) Method and system for contextual prioritization of unified messages
WO2005070090A3 (en) Regulatory t cells suppress autoimmunity
WO2007023494A3 (en) Messaging system and method
WO2005104415A3 (en) Method for dynamic application of rights management policy
WO2006081024A3 (en) Method and system of determining a hierarchical structure
WO2002088893A3 (en) Application-specific information-processing method, system, and apparatus
CA2337699A1 (en) Message forwarding of multiple types of messages based upon a criteria
WO2008060227A3 (en) Method and arrangement for delivering electronic state message information
WO2008057206A3 (en) Methods, systems, and computer program products for providing an enriched messaging service in a communications network
WO2007139662A3 (en) Method and system for content similarity-based message routing and subscription matching
WO2008014122A3 (en) Method and system for setting paging indication sequences in paging messages
AU2002366933A1 (en) System and method for preventing spam mail
WO2007067433A3 (en) Poly(trimethylene terephthalate)/poly(alpha-hydroxy acid) films
WO2006047201A3 (en) Deferred email message system, service and client

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 200480032525.8

Country of ref document: CN

AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 2004770532

Country of ref document: EP

Ref document number: 2006531009

Country of ref document: JP

WWE Wipo information: entry into national phase

Ref document number: 174901

Country of ref document: IL

Ref document number: 1240/CHENP/2006

Country of ref document: IN

WWE Wipo information: entry into national phase

Ref document number: 2006115595

Country of ref document: RU

WWP Wipo information: published in national office

Ref document number: 2004770532

Country of ref document: EP