[특허]Method and apparatus for identifying and characterizing errant electronic files

Method and apparatus for identifying and characterizing errant electronic files 원문보기

IPC분류정보
국가/구분	United States(US) Patent 등록
국제특허분류(IPC7판)	G06F-012/14
출원번호	US-0561751 (2000-04-29)
발명자 / 주소	Shuster, Gary Stephen
출원인 / 주소	Ideaflood, Inc.
대리인 / 주소	O'Melveny &
인용정보	피인용 횟수 : 33 인용 특허 : 7

초록 ▼

A computer system includes a server having a memory connected thereto. The server is adapted to be connected to a network to permit remote storage and retrieval of data files from the memory. A file identification application is operative with the server to identify errant files stored in the memory. The file identification application provides the functions of: (1) selecting a file stored in said memory; (2) generating a unique checksum corresponding to the stored file; (3) comparing said unique checksum to each of a plurality of previously generated checksums, wherein the plurality of previously generated checksums correspond to known errant files; and (4) marking the file for deletion from the memory if the unique checksum matches one of the plurality of previously generated checksums.

대표청구항 ▼

1. A method for identifying and characterizing stored electronic files, said method comprising:selecting a file stored in a memory, said selecting step comprising identifying suspect files from a plurality of files stored in said memory, wherein said identifying step further comprises identifying sequential files from a directory of said memory; generating a unique checksum corresponding to said stored file; comparing said unique checksum to each of a plurality of previously generated checksums, said plurality of previously generated checksums corresponding to known errant files; and marking said file for deletion from said memory if said unique checksum matches one of said plurality of previously generated checksums. 2. The method according to claim 1, further comprising obtaining a source of known errant files to generate said plurality of previously generated checksums therefrom.3. The method according to claim 1, further comprising presenting said file marked for deletion for human review prior to deleting said file.4. The method according to claim 1, further comprising automatically notifying a third party that said file has been marked for deletion.5. A method for identifying and characterizing stored electronic files, said method comprising:selecting a file stored in a memory, said selecting step comprising identifying suspect files from a plurality of files stored in said memory, wherein said identifying step further comprises identifying identically sized files from a directory of said memory; generating a unique checksum corresponding to said stored file; comparing said unique checksum to each of a plurality of previously generated checksums, said plurality of previously generated checksums corresponding to known errant files; and marking said file for deletion from said memory if said unique checksum matches one of said plurality of previously generated checksums. 6. The method according to claim 5, wherein said identifying step further comprises determining whether an aggregate size of plural identically sized files exceeds a predetermined threshold.7. The method according to claim 5, further comprising obtaining a source of known errant files to generate said plurality of previously generated checksums therefrom.8. The method according to claim 5, further comprising presenting said file marked for deletion for human review prior to deleting said file.9. The method according to claim 5, further comprising automatically notifying a third party that said file has been marked for deletion.10. A method for identifying and characterizing stored electronic files, said method comprising:selecting a file stored in a memory, said selecting step comprising identifying suspect files from a plurality of files stored in said memory, wherein said identifying step further comprises identifying files having content that fail to match their associated file type; generating a unique checksum corresponding to said stored file; comparing said unique checksum to each of a plurality of previously generated checksums, said plurality of previously generated checksums corresponding to known errant files; and marking said file for deletion from said memory if said unique checksum matches one of said plurality of previously generated checksums. 11. The method according to claim 10, further comprising obtaining a source of known errant files to generate said plurality of previously generated checksums therefrom.12. The method according to claim 10, further comprising presenting said file marked for deletion for human review prior to deleting said file.13. The method according to claim 10, further comprising automatically notifying a third party that said file has been marked for deletion.14. A method for identifying and characterizing stored electronic files, said method comprising:selecting a file stored in a memory, said selecting step comprising identifying suspect files from a plurality of files stored in said memory, wherein said identifying step further comprises identifying files containing data that extends beyond an end of data marker; generating a unique checksum corresponding to said stored file; comparing said unique checksum to each of a plurality of previously generated checksums, said plurality of previously generated checksums corresponding to known errant files; and marking said file for deletion from said memory if said unique checksum matches one of said plurality of previously generated checksums. 15. The method according to claim 14, further comprising truncating said identified files after said end of data marker.16. The method according to claim 14, further comprising obtaining a source of known errant files to generate said plurality of previously generated checksums therefrom.17. The method according to claim 14, further comprising presenting said file marked for deletion for human review prior to deleting said file.18. The method according to claim 14, further comprising automatically notifying a third party that said file has been marked for deletion.19. A method for identifying and characterizing stored electronic files, said method comprising:selecting a file stored in a memory; generating a unique checksum corresponding to said stored file, comprising generating a first checksum corresponding to a first one-thousand bytes of said stored file and a second checksum corresponding to a second portion of said stored file; comparing said unique checksum to each of a plurality of previously generated checksums, said plurality of previously generated checksums corresponding to known errant files; and marking said file for deletion from said memory if said unique checksum matches one of said plurality of previously generated checksums. 20. The method according to claim 19, further comprising obtaining a source of known errant files to generate said plurality of previously generated checksums therefrom.21. The method according to claim 19, further comprising presenting said file marked for deletion for human review prior to deleting said file.22. The method according to claim 19, further comprising automatically notifying a third party that said file has been marked for deletion.23. A method for identifying and characterizing stored electronic files, said method comprising:selecting a file stored in a memory; generating a unique checksum corresponding to said stored file, comprising generating a first checksum corresponding to a first portion of said stored file and a second checksum corresponding to a first ten-thousand bytes of said stored file; comparing said unique checksum to each of a plurality of previously generated checksums, said plurality of previously generated checksums corresponding to known errant files; and marking said file for deletion from said memory if said unique checksum matches one of said plurality of previously generated checksums. 24. The method according to claim 23, further comprising obtaining a source of known errant files to generate said plurality of previously generated checksums therefrom.25. The method according to claim 23, further comprising presenting said file marked for deletion for human review prior to deleting said file.26. The method according to claim 23, further comprising automatically notifying a third party that said file has been marked for deletion.27. A method for identifying and characterizing stored electronic files, said method comprising:selecting a file stored in a memory; generating a unique checksum corresponding to said stored file, comprising generating a unique checksum for graphics files based on vector graphics analysis; comparing said unique checksum to each of a plurality of previously generated checksums, said plurality of previously generated checksums corresponding to known errant files; and marking said file for deletion from said memory if said unique checksum matches one of said plurality of previously generated checksums. 28. The method according to claim 27, further comprising obtaining a source of known errant files to generate said plurality of previously generated checksums therefrom.29. The method according to claim 27, further comprising presenting said file marked for deletion for human review prior to deleting said file.30. The method according to claim 27, further comprising automatically notifying a third party that said file has been marked for deletion.31. A method for identifying and characterizing stored electronic files, said method comprising:selecting a file stored in a memory; generating a unique checksum corresponding to said stored file, comprising dividing a graphical image file into blocks and comparing relationships between said blocks; comparing said unique checksum to each of a plurality of previously generated checksums, said plurality of previously generated checksums corresponding to known errant files; and marking said file for deletion from said memory if said unique checksum matches one of said plurality of previously generated checksums. 32. The method according to claim 31, further comprising obtaining a source of known errant files to generate said plurality of previously generated checksums therefrom.33. The method according to claim 31, further comprising presenting said file marked for deletion for human review prior to deleting said file.34. The method according to claim 31, further comprising automatically notifying a third party that said file has been marked for deletion.35. A computer system, comprising:a server having a memory connected thereto, said server being adapted to be connected to a network to permit remote storage and retrieval of data files from said memory; and a file identification application operative with said server to identify errant files stored in said memory, said file identification application providing the functions of: selecting a file stored in said memory, said selecting function comprising identifying suspect files from a plurality of files stored in said memory, wherein said identifying function further comprises identifying sequential files from a directory of said memory; generating a unique checksum corresponding to said stored file; comparing said unique checksum to each of a plurality of previously generated checksums, said plurality of previously generated checksums corresponding to known errant files; and marking said file for deletion from said memory if said unique checksum matches one of said plurality of previously generated checksums. 36. The computer system according to claim 35, wherein said file identification application further provides the function of obtaining a source of known errant files to generate said plurality of previously generated checksums therefrom.37. The computer system according to claim 35, wherein said file identification application further provides the function of presenting said file marked for deletion for human review prior to deleting said file.38. The computer system according to claim 35, wherein said file identification application further provides the function of automatically notifying a third party that said file has been marked for deletion.39. A computer system, comprising:a server having a memory connected thereto, said server being adapted to be connected to a network to permit remote storage and retrieval of data files from said memory; and a file identification application operative with said server to identify errant files stored in said memory, said file identification application providing the functions of: selecting a file stored in said memory, said selecting function comprising identifying suspect files from a plurality of files stored in said memory, wherein said identifying function further comprises identifying identically sized files from a directory of said memory; generating a unique checksum corresponding to said stored file; comparing said unique checksum to each of a plurality of previously generated checksums, said plurality of previously generated checksums corresponding to known errant files; and marking said file for deletion from said memory if said unique checksum matches one of said plurality of previously generated checksums. 40. The computer system according to claim 39, wherein said identifying function further comprises determining whether an aggregate size of plural identically sized files exceeds a predetermined threshold.41. The computer system according to claim 39, wherein said file identification application further provides the function of obtaining a source of known errant files to generate said plurality of previously generated checksums therefrom.42. The computer system according to claim 39, wherein said file identification application further provides the function of presenting said file marked for deletion for human review prior to deleting said file.43. The computer system according to claim 39, wherein said file identification application further provides the function of automatically notifying a third party that said file has been marked for deletion.44. A computer system, comprising:a server having a memory connected thereto, said server being adapted to be connected to a network to permit remote storage and retrieval of data files from said memory; and a file identification application operative with said server to identify errant files stored in said memory, said file identification application providing the functions of: selecting a file stored in said memory, said selecting function comprising identifying suspect files from a plurality of files stored in said memory, wherein said identifying function further comprises identifying files having content that fails to match their associated file type; generating a unique checksum corresponding to said stored file; comparing said unique checksum to each of a plurality of previously generated checksums, said plurality of previously generated checksums corresponding to known errant files; and marking said file for deletion from said memory if said unique checksum matches one of said plurality of previously generated checksums. 45. The computer system according to claim 44, wherein said file identification application further provides the function of obtaining a source of known errant files to generate said plurality of previously generated checksums therefrom.46. The computer system according to claim 44, wherein said file identification application further provides the function of presenting said file marked for deletion for human review prior to deleting said file.47. The computer system according to claim 44, wherein said file identification application further provides the function of automatically notifying a third party that said file has been marked for deletion.48. A computer system, comprising:a server having a memory connected thereto, said server being adapted to be connected to a network to permit remote storage and retrieval of data files from said memory; and a file identification application operative with said server to identify errant files stored in said memory, said file identification application providing the functions of: selecting a file stored in said memory, said selecting function comprising identifying suspect files from a plurality of files stored in said memory, wherein said identifying function further comprises identifying files containing data that extends beyond an end of data marker; generating a unique checksum corresponding to said stored file; comparing said unique checksum to each of a plurality of previously generated checksums, said plurality of previously generated checksums corresponding to known errant files; and marking said file for deletion from said memory if said unique checksum matches one of said plurality of previously generated checksums. 49. The computer system according to claim 48, wherein said identifying function further comprises truncating said identified files after said end of data marker.50. The computer system according to claim 48, wherein said file identification application further provides the function of obtaining a source of known errant files to generate said plurality of previously generated checksums therefrom.51. The computer system according to claim 48, wherein said file identification application further provides the function of presenting said file marked for deletion for human review prior to deleting said file.52. The computer system according to claim 48, wherein said file identification application further provides the function of automatically notifying a third party that said file has been marked for deletion.53. A computer system, comprising:a server having a memory connected thereto, said server being adapted to be connected to a network to permit remote storage and retrieval of data files from said memory; and a file identification application operative with said server to identify errant files stored in said memory, said file identification application providing the functions of: selecting a file stored in said memory; generating a unique checksum corresponding to said stored file, comprising generating a first checksum corresponding to a first one-thousand bytes of said stored file and a second checksum corresponding to a second portion of said stored file; comparing said unique checksum to each of a plurality of previously generated checksums, said plurality of previously generated checksums corresponding to known errant files; and marking said file for deletion from said memory if said unique checksum matches one of said plurality of previously generated checksums. 54. The computer system according to claim 53, wherein said file identification application further provides the function of obtaining a source of known errant files to generate said plurality of previously generated checksums therefrom.55. The computer system according to claim 53, wherein said file identification application further provides the function of presenting said file marked for deletion for human review prior to deleting said file.56. The computer system according to claim 53, wherein said file identification application further provides the function of automatically notifying a third party that said file has been marked for deletion.57. A computer system, comprising:a server having a memory connected thereto, said server being adapted to be connected to a network to permit remote storage and retrieval of data files from said memory; and a file identification application operative with said server to identify errant files stored in said memory, said file identification application providing the functions of: selecting a file stored in said memory; generating a unique checksum corresponding to said stored file, comprising generating a first checksum corresponding to a first portion of said stored file and a second checksum corresponding to a first ten-thousand bytes of said stored file; comparing said unique checksum to each of a plurality of previously generated checksums, said plurality of previously generated checksums corresponding to known errant files; and marking said file for deletion from said memory if said unique checksum matches one of said plurality of previously generated checksums. 58. The computer system according to claim 57, wherein said file identification application further provides the function of obtaining a source of known errant files to generate said plurality of previously generated checksums therefrom.59. The computer system according to claim 57, wherein said file identification application further provides the function of presenting said file marked for deletion for human review prior to deleting said file.60. The computer system according to claim 57, wherein said file identification application further provides the function of automatically notifying a third party that said file has been marked for deletion.61. A computer system, comprising:a server having a memory connected thereto, said server being adapted to be connected to a network to permit remote storage and retrieval of data files from said memory; and a file identification application operative with said server to identify errant files stored in said memory, said file identification application providing the functions of: selecting a file stored in-said memory; generating a unique checksum corresponding to said stored file, wherein said generating function further comprises generating a unique checksum for graphics files based on vector graphics analysis; comparing said unique checksum to each of a plurality of previously generated checksums, said plurality of previously generated checksums corresponding to known errant files; and marking said file for deletion from said memory if said unique checksum matches one of said plurality of previously generated checksums. 62. The computer system according to claim 61, wherein said file identification application further provides the function of obtaining a source of known errant files to generate said plurality of previously generated checksums therefrom.63. The computer system according to claim 61, wherein said file identification application further provides the function of presenting said file marked for deletion for human review prior to deleting said file.64. The computer system according to claim 61, wherein said file identification application further provides the function of automatically notifying a third party that said file has been marked for deletion.65. A computer system, comprising:a server having a memory connected thereto, said server being adapted to be connected to a network to permit remote storage and retrieval of data files from said memory; and a file identification application operative with said server to identify errant files stored in said memory, said file identification application providing the functions of: selecting a file stored in said memory; generating a unique checksum corresponding to said stored file, wherein said generating function further comprises dividing a graphical image file into blocks and comparing relationships between said blocks; comparing said unique checksum to each of a plurality of previously generated checksums, said plurality of previously generated checksums corresponding to known errant files; and marking said file for deletion from said memory if said unique checksum matches one of said plurality of previously generated checksums. 66. The computer system according to claim 65, wherein said file identification application further provides the function of obtaining a source of known errant files to generate said plurality of previously generated checksums therefrom.67. The computer system according to claim 65, wherein said file identification application further provides the function of presenting said file marked for deletion for human review prior to deleting said file.68. The computer system according to claim 65, wherein said file identification application further provides the function of automatically notifying a third party that said file has been marked for deletion.

이 특허에 인용된 특허 (7)

Chen Chia-Hwang ; Luo Chih-Ken, Anti-virus agent for use with databases and mail servers.
상세보기
Hypponen, Mikko; Hypponen, Ari; Kuisha, Mikko; Rahu, Urmas; Siilasmaa, Risto, Computer virus screening.
상세보기
Farber David A. ; Lachman Ronald D., Data processing system using substantially unique identifiers to identify data items, whereby identical data items hav.
상세보기
Korn Rodney A. ; Pashupathy Anand, Method and apparatus for generating digital checksum signatures for alteration detection and version confirmation.
상세보기
Davis, Owen; Jain, Vidyut, Method and apparatus for tracking client interaction with a network resource and creating client profiles and resource database.
상세보기
Moskowitz Scott A. ; Cooperman Marc, Method and system for digital watermarking.
상세보기
Netiv Zvi,ILX, Method for protecting storage media against computer virus infection.
상세보기

이 특허를 인용한 특허 (33)

Kacker,Dhiraj; Muzzolini,Russell Ennio, Automated copyright detection in digital images.
상세보기
Kusko, Mary P.; Levine, Frank E.; Taylor, Stella L.; Topol, Anna W., Automated file relocation.
상세보기
Kusko, Mary P.; Levine, Frank E.; Taylor, Stella L.; Topol, Anna W., Automated file relocation.
상세보기
Kacker,Dhiraj; Muzzolini,Russell Ennio, Automated verification of copyrighted digital images.
상세보기
Hursey, Neil John; McEwan, William Alexander, Detecting e-mail propagated malware.
상세보기
Shuster, Brian; Burch, Aaron; Zarry, Zachary; Herling, Dirk; Shuster, Gary, Dynamic serving of multidimensional content.
상세보기
Kyler, Daniel B., Filter driver for identifying disk files by analysis of content.
상세보기
Nachenberg,Carey, Heuristic detection of computer viruses.
상세보기
Shuster, Gary Stephen, Identifying and characterizing electronic files using a two-stage calculation.
상세보기
Levi, Ronald M.; Shprung, Shai, Image processing and identification system, method and apparatus.
상세보기
Borden, Bruce; Brand, Russell, Information source agent systems and methods for backing up files to a repository using file identicality.
상세보기
Borden, Bruce; Brand, Russell, Information source agent systems and methods for distributed data storage and management using content signatures.
상세보기
Borden, Bruce; Brand, Russell, Information source agent systems and methods for distributed data storage and management using content signatures.
상세보기
Shuster, Gary Stephen, Method and apparatus for identifying and characterizing errant electronic files.
상세보기
Shuster, Gary Stephen, Method and apparatus for identifying and characterizing errant electronic files.
상세보기
Shuster, Gary Stephen, Method and apparatus for identifying and characterizing errant electronic files.
상세보기
Ling,Christopher John, Method for preventing parasitic usage of web page embedded files.
상세보기
Liang, Wei-Kuo, Methods for accessing data in cloud storage space and apparatuses using the same.
상세보기
Borden, Bruce; Brand, Russell, Notifying users of file updates on computing devices using content signatures.
상세보기
Goodman, Joshua T.; Kadie, Carl M.; Meek, Christopher A., Storage abuse prevention.
상세보기
Carmona, Itshak; Malivanchuk, Taras, System and method for detecting malicious code.
상세보기
Safa, John, System and method to secure a computer system by selective control of write access to a data storage medium.
상세보기
Shuster, Brian; Burch, Aaron; Herling, Dirk; Shuster, Gary, Systems and methods of assessing permissions in virtual worlds.
상세보기
Shuster, Brian; Burch, Aaron; Herling, Dirk; Shuster, Gary, Systems and methods of assessing permissions in virtual worlds.
상세보기
Burch, Aaron; Neufeld, Ian; Herling, Dirk; Shuster, Gary, Systems and methods of managed script execution.
상세보기
Burch, Aaron; Neufeld, Ian; Herling, Dirk; Shuster, Gary, Systems and methods of managed script execution.
상세보기
Shuster, Brian; Burch, Aaron; Shuster, Gary; Neufeld, Ian; Herling, Dirk, Systems and methods of managing virtual world avatars.
상세보기
Shuster, Brian; Burch, Aaron; Shuster, Gary; Neufeld, Ian; Herling, Dirk, Systems and methods of managing virtual world avatars.
상세보기
Shuster, Brian; Shuster, Gary, Systems and methods of object processing in virtual worlds.
상세보기
Shuster, Brian; Burch, Aaron; Herling, Dick; Zarry, Zachary; Shuster, Gary, Systems and methods of virtual worlds access.
상세보기
Shuster, Brian; Burch, Aaron; Herling, Dick; Zarry, Zachary; Shuster, Gary, Systems and methods of virtual worlds access.
상세보기
Shuster, Gary Stephen; Shuster, Brian Mark, Translating user interfaces of applications.
상세보기
Kleinschnitz, Jr., Donald; Arbon, Val A.; Whatcott, Roland D., Using disassociated images for computer and storage resource management.
상세보기

IPC	Description
A	생활필수품
A62	인명구조; 소방(사다리 E06C)
A62B	인명구조용의 기구, 장치 또는 방법(특히 의료용에 사용되는 밸브 A61M 39/00; 특히 물에서 쓰이는 인명구조 장치 또는 방법 B63C 9/00; 잠수장비 B63C 11/00; 특히 항공기에 쓰는 것, 예. 낙하산, 투출좌석 B64D; 특히 광산에서 쓰이는 구조장치 E21F 11/00)
A62B-1/08	.. 윈치 또는 풀리에 제동기구가 있는 것

내보내기 구분	파일저장 인쇄 메일전송
구성항목	기본정보 상세정보 관리번호, 국가코드, 자료구분, 상태, 출원번호, 출원일자, 공개번호, 공개일자, 등록번호, 등록일자, 발명명칭(한글), 발명명칭(영문), 출원인(한글), 출원인(영문), 출원인코드, 대표IPC 관리번호, 국가코드, 자료구분, 상태, 출원번호, 출원일자, 공개번호, 공개일자, 공고번호, 공고일자, 등록번호, 등록일자, 발명명칭(한글), 발명명칭(영문), 출원인(한글), 출원인(영문), 출원인코드, 대표출원인, 출원인국적, 출원인주소, 발명자, 발명자E, 발명자코드, 발명자주소, 발명자 우편번호, 발명자국적, 대표IPC, IPC코드, 요약, 미국특허분류, 대리인주소, 대리인코드, 대리인(한글), 대리인(영문), 국제공개일자, 국제공개번호, 국제출원일자, 국제출원번호, 우선권, 우선권주장일, 우선권국가, 우선권출원번호, 원출원일자, 원출원번호, 지정국, Citing Patents, Cited Patents
저장형식	Text(ASCII format) Excel format PIAS분석(.xls)
메일정보	받는사람 (필수) @ 보내는사람 (선택) @ 제목 내용 KISTI 검색결과 이메일 서비스
안내	총 건의 자료가 검색되었습니다. 다운받으실 자료의 인덱스를 입력하세요. (1-10,000) 검색결과의 순서대로 최대 10,000건 까지 다운로드가 가능합니다. 데이타가 많을 경우 속도가 느려질 수 있습니다.(최대 2~3분 소요) 다운로드 파일은 UTF-8 형태로 저장됩니다. 파일의 내용이 제대로 보이지 않을실 때는 웹브라우저 상단의 보기 -> 인코딩 -> 자동선택 여부를 확인하십시오. ~ Text(ASCII format) Excel format

연합인증

Method and apparatus for identifying and characterizing errant electronic files 원문보기

초록 ▼

대표청구항 ▼

연구과제 타임라인

이 특허에 인용된 특허 (7)

이 특허를 인용한 특허 (33)

관련 콘텐츠

특허 원문 보기

IPC 상위 출원인

AI-Helper ※ AI-Helper는 오픈소스 모델을 사용합니다.

선택된 텍스트

연합인증

Method and apparatus for identifying and characterizing errant electronic files 원문보기

초록 ▼

대표청구항 ▼

연구과제 타임라인

전체(0) 논문(0) 특허(0) 보고서(0)

전체(0) 논문(0) 특허(0) 보고서(0)

이 특허에 인용된 특허 (7)

이 특허를 인용한 특허 (33)

관련 콘텐츠

특허 원문 보기

IPC 상위 출원인

AI-Helper ※ AI-Helper는 오픈소스 모델을 사용합니다.

선택된 텍스트