System and methods for detecting malicious email transmission

Information security – Monitoring or scanning of software or data including attack...

Reexamination Certificate


Details

C726S023000, C726S025000, C726S024000, C709S206000, C709S223000, C709S225000

Reexamination Certificate

active

07657935

ABSTRACT:
A system and methods of detecting an occurrence of a violation of an email security policy of a computer system. A model relating to the transmission of prior emails through the computer system is defined which is derived from statistics relating to the prior emails. For selected emails to be analyzed, statistics concerning the selected email are gathered. Such statistics may refer to the behavior or other features of the selected emails, attachments to emails, or email accounts. The determination of whether a violation of an email security policy has occurred is performed by applying the model of prior email transmission to the statistics relating to the selected email. The model may be statistical or probabilistic. A model of prior email transmission may include grouping email recipients into cliques. A determination of a violation of a security policy may occur if email recipients for a particular email are in more than one clique.
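The clique test in the abstract can be sketched as follows. This is an added example, not code from the patent or its inventors. It assumes that two recipients are linked once they co-occur on at least `min_count` prior emails from one account, that cliques are enumerated with the Bron-Kerbosch algorithm, and that a recipient outside every clique is also flagged; the addresses and function names are constructed for illustration.

```python
from collections import Counter
from itertools import combinations

# Constructed sample history: recipient lists of prior emails from one account.
PRIOR = [
    ["ann@corp.example", "bob@corp.example", "cy@corp.example"],
    ["ann@corp.example", "bob@corp.example", "cy@corp.example"],
    ["bob@corp.example", "cy@corp.example"],
    ["mum@home.example", "sis@home.example"],
    ["mum@home.example", "sis@home.example"],
    ["ann@corp.example", "sis@home.example"],  # one-off, below threshold
]

def build_graph(history, min_count=2):
    """Link two recipients once they co-occur on at least min_count emails."""
    pairs = Counter()
    for rcpts in history:
        pairs.update(combinations(sorted(set(rcpts)), 2))
    graph = {}
    for (a, b), n in pairs.items():
        if n >= min_count:
            graph.setdefault(a, set()).add(b)
            graph.setdefault(b, set()).add(a)
    return graph

def maximal_cliques(graph):
    """Bron-Kerbosch with pivoting; returns a list of frozensets."""
    found = []
    def expand(r, p, x):
        if not p and not x:
            found.append(frozenset(r))
            return
        pivot = max(p | x, key=lambda v: len(graph[v] & p))
        for v in list(p - graph[pivot]):
            expand(r | {v}, p & graph[v], x & graph[v])
            p = p - {v}
            x = x | {v}
    if graph:
        expand(set(), set(graph), set())
    return found

def check_email(recipients, cliques):
    """Return (violation, reason) for one outgoing recipient list."""
    rcpts = set(recipients)
    if rcpts - set().union(*cliques):  # assumption: unknown recipient is flagged
        return True, "recipient never seen in any clique"
    if any(rcpts <= c for c in cliques):
        return False, "all recipients share one clique"
    return True, "recipients span more than one clique"
```
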

REFERENCES:
patent: 6161130 (2000-12-01), Horvitz et al.
patent: 6434745 (2002-08-01), Conley et al.
patent: 6708212 (2004-03-01), Porras et al.
patent: 6769067 (2004-07-01), Soong
patent: 6778995 (2004-08-01), Gallivan
patent: 6820081 (2004-11-01), Kawai et al.
patent: 6888548 (2005-05-01), Gallivan
patent: 6901398 (2005-05-01), Horvitz et al.
patent: 6904168 (2005-06-01), Steinberg et al.
patent: 6931433 (2005-08-01), Ralston et al.
patent: 6978274 (2005-12-01), Gallivan et al.
patent: 7035876 (2006-04-01), Kawai et al.
patent: 7080076 (2006-07-01), Williamson et al.
patent: 7092992 (2006-08-01), Yu
patent: 2002/0059418 (2002-05-01), Bird et al.
patent: 2003/0097409 (2003-05-01), Tsai
Probabilistic Techniques for Intrusion Detection Based on Computer Audit Data, Nong et al, vol. 31, No. 4, Jul. 2001, pp. 266-274, IEEE.
An Application of Machine Learning to Anomaly Detection, Terran et al, Feb. 14, 1997.
An Intelligent Decision Support System for Intrusion Detection and Response, Dipankar et al, Publisher Springer-Verlag, May 21-23, 2001, St. Petersburg, Russia.
Nong et al (Probabilistic Techniques for Intrusion Detection Based on Computer Audit Data, published Jul. 2001).
Kin C. Bron and J. Kerbosch. “Algorithm 457: Finding All Cliques of an Undirected Graph,” Communications of ACM, 16:575-577, 1973.
Kephart, Chess, and White. “Computers and Epidemiology,” IBM Watson Research Center, 1993, pp. 1-20 (as available on-line).
Eleazar Eskin et al. “System and Method for Intrusion Detection with Dynamic Window Sizes,” filed Jul. 30, 2000, U.S. Appl. No. 10/208,402.
Matthew Schulz et al. “System and Method For Detection Of New Malicious Executables,” filed Jul. 30, 2000, U.S. Appl. No. 10/208,432.
Bhattacharyya M et al., 2002, “MET: An Experimental System for Malicious Email Tracking” Proceedings 2002 New Security Paradigms Workshop.
Schultz MG et al., Jun. 2001, “Mef: Malicious email filter—a unix mail filter that detects malicious windows executables” http://www.cs.columbia.edu/ids/mef/rel—papers.html, USENIX Annual Technical Conference.
Schultz MG et al., May 2001, “Data mining methods for detection of new malicious executables” Proceedings of the IEEE Symposium on Security and Privacy.
Wang C et al., 2000, “On computer viral infection and the effect of immunization” Proceedings of the 16th ACM Annual Computer Applications Conference.
White SR et al., 1999, “Anatomy of a Commercial-Grade Immune System” IBM Research White paper, http://www.av.ibm.com/ScientificPapers/White/Anatomy/anatomy.html, pp. 1-28.
White SR, Oct. 1998, “Open problems in computer virus research” Online publication, http://www.research.ibm.com/antivirus/SciPapers/White/Problems, Virus Bulletin Conference, pp. 1-11.
Kohavi R, 1995, “A study of cross-validation and bootstrap for accuracy estimation and model selection” International Joint Conference on Artificial Intelligence (IJCAI).
Feng C et al., 1994, “Machine Learning of Rules and Trees” Machine Learning, Neural and Statistical Classification, pp. 50-83.
W.O. International, 1993-2003, “PC Viruses in the Wild” http://www.bocklabs.wisc.edu/janda/wildlist.html, pp. 1-15.
Kephart JO, 1994, “A biologically inspired immune system for computers” Artificial Life IV, R. Brooks and P. Maes, eds., pp. 1-10.
Rivest RL, 1992, “The MD5 message digest algorithm” MIT Laboratory for Computer Science and RSA Data Security, Inc., http://www.ietf.organization/rfc/rfc1321.txt, pp. 1-20.
