IPC분류정보
국가/구분 |
United States(US) Patent
등록
|
국제특허분류(IPC7판) |
|
출원번호 |
US-0880581
(2010-09-13)
|
등록번호 |
US-8627463
(2014-01-07)
|
발명자
/ 주소 |
- Glick, Adam
- Graf, Nicholas
- Smith, Spencer
|
출원인 / 주소 |
|
대리인 / 주소 |
ALG Intellectual Property, LLC
|
인용정보 |
피인용 횟수 :
2 인용 특허 :
2 |
초록
▼
A computer-implemented method for using reputation information to evaluate the trustworthiness of files obtained via torrent transactions may include (1) identifying a torrent file that includes metadata for facilitating a torrent transaction for obtaining a target file via a peer-to-peer file-shari
A computer-implemented method for using reputation information to evaluate the trustworthiness of files obtained via torrent transactions may include (1) identifying a torrent file that includes metadata for facilitating a torrent transaction for obtaining a target file via a peer-to-peer file-sharing protocol, (2) identifying at least one entity involved in the torrent transaction, (3) obtaining reputation information associated with the entity involved in the torrent transaction, wherein the reputation information identifies a community's opinion on the trustworthiness of the entity, (4) determining, based at least in part on the reputation information associated with the entity involved in the torrent transaction, that the target file represents a potential security risk, and then (5) performing a security action on the target file. Various other methods, systems, and computer-readable media are also disclosed.
대표청구항
▼
1. A computer-implemented method for using reputation information to evaluate the trustworthiness of files obtained via torrent transactions, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising: identifying, by the computing
1. A computer-implemented method for using reputation information to evaluate the trustworthiness of files obtained via torrent transactions, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising: identifying, by the computing device, a torrent file that comprises metadata for facilitating a torrent transaction for obtaining a target file via a peer-to-peer file-sharing protocol;identifying, by the computing device, a plurality of computing systems involved in the torrent transaction, the plurality of computing systems comprising at least one of: an original seeder that uploaded the torrent file to a torrent hosting site;a peer capable of providing at least a portion of the target file;a peer attempting to download at least a portion of the target file;obtaining, by the computing device, reputation information for the plurality of computing systems involved in the torrent transaction, wherein the reputation information identifies a community's opinion on the trustworthiness of the plurality of computing systems involved in the torrent transaction based at least in part on results of at least one previous torrent transaction in which the plurality of computing systems were involved;calculating an average peer reputation based at least in part on the reputation information for the plurality of computing systems;determining, by the computing device, that the target file represents a potential security risk based at least in part on the calculated average peer reputation;performing, by the computing device, a security action on the target file. 2. The method of claim 1, wherein identifying the computing system involved in the torrent transaction further comprises identifying a torrent-tracking server capable of coordinating the torrent transaction. 3. The method of claim 2, wherein identifying the torrent-tracking server capable of coordinating the torrent transaction comprises analyzing the metadata within the torrent file to identify a uniform resource locator associated with the torrent-tracking server. 4. The method of claim 1, wherein identifying the original seeder that uploaded the torrent file to the torrent hosting site comprises at least one of: communicating with the torrent hosting site to identify a relationship between the original seeder and the torrent file;accessing authentication information associated with a torrent hosting site that identifies the relationship between the original seeder and the torrent file;analyzing the metadata within the torrent file to identify the relationship between the original seeder and the torrent file. 5. The method of claim 1, wherein identifying the plurality of computing systems involved in the torrent transaction comprises: monitoring network traffic;parsing the network traffic to identify an IP address of at least one of the plurality of computing systems involved in the torrent transaction. 6. The method of claim 1, wherein obtaining the reputation information for the plurality of computing systems involved in the torrent transaction comprises obtaining the reputation information from a reputation service. 7. The method of claim 1, wherein performing the security action on the target file comprises at least one of: alerting a user of the computing device of the potential security risk;blocking access to the target file until overridden by the user;blocking network traffic associated with the torrent transaction;quarantining the target file;deleting the target file. 8. The method of claim 1, wherein determining that the target file represents the potential security risk further comprises: obtaining at least a portion of the target file;determining that the target file negatively impacts the health of the computing device. 9. The method of claim 8, further comprising providing reporting information to a reputation service that identifies at least one of: the target file obtained via the torrent transaction;at least one of the plurality of computing systems involved in the torrent transaction;the negative impact of the target file on the health of the computing device. 10. The method of claim 1, wherein the community comprises at least one additional computing device that: previously obtained at least a portion of the target file via the peer-to-peer file-sharing protocol;previously reported the impact of the target file on the health of the additional computing device. 11. The method of claim 1, wherein obtaining the reputation information for the plurality of computing systems involved in the torrent transaction comprises obtaining reputation information for a new peer that joined the community during the torrent transaction. 12. The method of claim 1, wherein the target file comprises a non-executable file. 13. The method of claim 1, wherein determining that the target file represents the potential security risk further comprises: identifying, by the computing device, a torrent hosting site that hosts the torrent file;obtaining, by the computing device, reputation information that identifies the community's opinion on the trustworthiness of the torrent hosting site that hosts the torrent file;determining, by the computing device, that the target file represents the potential security risk based at least in part on both the community's opinion of the torrent hosting site and the community's opinion on the plurality of computing systems involved in the torrent transaction. 14. A computer-implemented method for assigning reputation scores to entities involved in torrent transactions, at least a portion of the method being performed by a server comprising at least one processor, the method comprising: receiving, by the server, reporting information from at least one computing device that identifies, for each computing device: a target file obtained via a torrent transaction;a plurality of computing systems that were involved in at least one torrent transaction, the plurality of computing systems comprising at least one of: an original seeder that uploaded a torrent file to a torrent hosting site;a peer capable of providing at least a portion of the target file;a peer attempting to download at least a portion of the target file;the impact of the target file on the health of the computing device;assigning, by the server, a plurality of reputation scores to the plurality of computing systems involved in the torrent transaction based at least in part on the reporting information received from the computing device, wherein each reputation score identifies the trustworthiness of the a computing system within the plurality of computing systems involved in the torrent transaction;providing, by the server, the plurality of reputation scores assigned to the plurality of computing systems involved in the torrent transaction to at least one additional computing device participating in an additional torrent transaction that involves the plurality of computing system, wherein the plurality of reputation scores enable the additional computing device to determine whether the additional torrent transaction represents a potential security risk. 15. The method of claim 14, wherein assigning the plurality of reputation scores to the plurality of computing systems involved in the torrent transaction comprises using the reporting information received from the computing device to update a prior reputation score that was previously assigned to at least one computing system within the plurality of computing systems involved in the torrent transaction. 16. The method of claim 15, further comprising providing the updated reputation score to the additional computing device during the additional torrent transaction that involves the plurality of computing systems. 17. The method of claim 14, wherein the plurality of computing systems involved in the torrent transaction further comprises a torrent-tracking server that coordinated the torrent transaction. 18. The method of claim 14, wherein providing the plurality reputation scores to the additional computing device participating in the additional torrent transaction comprises: receiving a request for the plurality of reputation scores from the additional computing device;providing the plurality of reputation scores to the additional computing device in response to the request. 19. A system for using reputation information to evaluate the trustworthiness of files obtained via torrent transactions, the system comprising: an identification module programmed to: identify a torrent file that comprises metadata for facilitating a torrent transaction for obtaining a target file via a peer-to-peer file-sharing protocol;identify a plurality of computing devices involved in the torrent transaction, the plurality of computing devices comprising at least one of: an original seeder that uploaded the torrent file to a torrent hosting site;a peer capable of providing at least a portion of the target file;a peer attempting to download at least a portion of the target file;a reputation module programmed to: obtain reputation information for the plurality of computing devices involved in the torrent transaction, wherein the reputation information identifies a community's opinion on the trustworthiness of the plurality of computing devices involved in the torrent transaction based at least in part on results of a previous torrent transaction in which the plurality of computing devices were involved;calculate an average peer reputation based at least in part on the reputation information for the plurality of computing devices;a security module programmed to: determine, based at least in part on the calculated average reputation, that the target file represents a potential security risk;perform a security action on the target file;at least one processor configured to execute the identification module, the reputation module, and the security module.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.