Claims:We Claim:
1. A method, comprising:
a) automatically creating a third-party evaluation of a website's repute;
b) storing an indicia evaluation in a format
c) location available by a client computing facility attempting to interact with the website.
2. The method of claim 1, wherein the format is further adjusted to provide the indicia at a time resembled with the attempted website interaction.
3. The method of claim 1, wherein the location is related with a server and a client
4. The method of claim 1, wherein the format is adapted to provide accessibility at the time the client facility is attempting to interact with the website.
5. The method of claim 1, wherein the automatic testing is to measure the number of annoying pop ups received after interacting with the website and the website is attempting to change a web browser setting.
6. The method of claim 5, wherein the web browser setting is a browser's home page setting and a browser's security setting.
7. The method of claim 5, wherein the automatic testing is to assess if the website is an End User License Agreement and the End User License Agreement is assessed for the handling of personal information.
8. The method of claim 7, wherein the automatic testing is to assess the website use of spam.
9. The method of claim 1, wherein the repute is at least in part based on associated with the website and a corporate repute of a business associated with the website.
10. The method of claim 9, wherein the corporate repute is based at least in part on at least one of the corporate address, how long the company has been in existence, how long the website has been in existence, if they have an IP address in a range of addresses with a poor repute, existence of a trademark, if they are a spammer, popularity rank, better business bureau, ranking of the corporation, based on existence within Fortune 1000, Fortune 500, Fortune 100, Fortune 50, and Fortune 10.
, Description:Technical Field of the Invention
This invention relates to the field of reliability services, and, more particularly to real-time, repute-based Web services.
Background of the Invention
As the World Wide Web grows, so do the dangers exposed to computer users and computing devices. These dangers come in many forms from viruses and malware adapted to disable computers; to spyware, adware, and programs adapted to track and steal personal information; to spam, junk mail, and programs designed to invade the user experience for commercial purposes. There are several solutions provided to detect and remove such software from a computer device, and there are firewalls and browser settings meant to prevent certain interactions. However, there exists a need to provide enhanced security for users of computer devices.
Object of the Invention
The primary object of the present invention is to provide a system & method for determining website repute by automatic testing.
Another object of the invention is to provide web repute service for web content such as website.
Summary of the Invention
Systems and methods for providing a Web repute service are disclosed. The Web repute service may comprise a real time database query interface for looking up the repute of Web content, such as a Web site, a script, an executable application, a Web form, and so forth. A database may contain the repute, which may be based upon a link structure analysis; a white list; a black list; a heuristic; an automatic test; a dynamic analysis of an executable application, or script; a static analysis of an executable application or script; an analysis of an end user license agreement; a determination of a distinguishing characteristic of a Web site, such as a business model or a genre; the result of a Web crawl; the output of a machine learning facility; user contributed feedback; and so forth. The systems and methods may intervene to prevent or allow certain features associated with Web content, such as adware, spyware, spam, phishing, pop ups, cookies, ActiveX components, client-side scripting, uploading files, downloading files, providing personal information, providing personal or financial information to a Website that intends to commit fraud, purchasing products from an e- commerce Website that is deemed high risk, and so forth. The Web repute service may be embodied as a service providing information about the safety or trustworthiness of a Web site; a filter applied to Web search results; a ranking of Web search results; an advertising network that checks the repute before placing an ad on the Web site; an advertising network that checks the repute before accepting an ad that would direct a user to the destination Web site; a desktop proxy facility that uses the repute to filter requests; a network proxy facility that uses the repute to filter requests; a Web navigation guide that directs a user to "the best" Web destinations and away from "the worst" Web destinations, where what is considered "the best" and "the worst" may be determined solely by the repute of, or by a combination of the repute and data associated with, the user; an analysis presentment facility that shows a user how a repute was determined; an alternate- Web-content presentment facility that provides a user with a reference to alternate Web content with a good repute when the user requests Web content with a bad repute; and so forth.
The several objects and features of the systems disclosed may include the provision of a Web repute service; the provision of a real time database query interface for lookup up the repute of Web content, such as a Web site, an executable application, a script, a Web form, and so forth; the caching of the results of this real time database locally on client computers to improve performance; the provision of a database containing the repute; the provision of various Web content analysis facilities for determining the repute of Web content; and the provision of applications of the Web repute service.
Briefly stated, the repute of Web content is determined primarily by a Web content analysis facility. This facility, in conducting Web content analysis, may inspect the Web content directly or may make deductions about the Web content, especially deductions that relate to a link structure associated with the Web content. The validity determination may, from time to time, be updated by the analysis facility. In any case, the determination is stored in a database that is accessible via a real time database query interface. In embodiments, users may have the ability to "vote" about sites/content as well, and a repute facility according to the principles of the present invention may use this as another source of input. In embodiments, a user may provide information relating to the performance of his or her computer or other related system following interaction with a certain site and thus provide performance information relating to the site. This performance information may then be used to generate repute information about the site.
A Web repute service may comprise the Web content analysis facility, the database, and the real time database query interface. In embodiments, the Web repute service may comprise, without limitation, a service providing information about the safety or trustworthiness of a Web site; a filter applied to Web search results; a ranking of Web search results; an advertising network that checks the repute before placing an ad on the Web site; an advertising network that checks the repute before accepting an ad that would direct a user to the destination Web site; a desktop proxy facility that uses the repute to filter requests; a network proxy facility that uses the repute to filter requests; or a Web navigation guide that directs a user to "the best" Web destinations and away from "the worst" Web destinations, where what is considered "the best" and "the worst" may be determined solely by the repute of, or by a combination of the repute and data associated with, the user; an analysis presentment facility that shows a user how a repute was determined; or an alternate-Web-content presentment facility that provides a user with a reference to alternate Web content with a good repute when the user requests Web content with a bad repute.
In embodiments, systems and methods involve a real time database query interface for looking up the repute of Web content.
In embodiments, systems and methods involve providing a link structure analysis for the purpose of determining the repute of Web content. In embodiments, systems and methods involve using a white list in conjunction with the repute of Web content. In embodiments, systems and methods involve automatically finding and test Web content, with the result of the test being a measure of the repute of the Web content. In embodiments, systems and methods involve providing a reference to alternative Web content with a good repute when requested Web content has a bad repute. In embodiments, systems and methods involve automatically extracting information from an end user license agreement, where the information pertains to how personal information is treated. In embodiments, systems and methods involve utilizing Web crawling to detect a business model of a Web site. In embodiments, systems and methods involve presenting inventions to utilize Web crawling to detect the genre of a Web site. In embodiments, systems and methods involve utilizing Web crawling to determine the repute of a Web advertisement network or the repute of an individual advertisement, group of advertisements, publisher of advertisements, originator of advertisements, and the like. For example, Google may be a highly reputable advertising network, but one in a million advertisements they accept may be an advertisement that claims to be Citi group, and which directs users to a Website in China that intends to steal their bank account information. Information pertaining to this type of advertisement may be used to generate advertisement repute according to the principles of the present invention.
In embodiments, systems and methods involve utilizing a machine- learning algorithm in the process of determining the repute of Web content. In embodiments, systems and methods involve providing a Web repute service.
In embodiments, systems and methods involve providing a Web search associated with the quality of Web content. In embodiments, systems and methods involve providing an advertising network that declines to advertise Web content of ill repute. In embodiments, systems and methods involve providing an advertising network that declines to associate an advertisement with Web content of ill repute.
In embodiments, systems and methods involve providing a desktop proxy facility that uses the repute of Web content to filter requests. In embodiments, systems and methods involve providing a network proxy facility that uses the repute of Web content to filter requests. In embodiments, systems and methods involve providing a Web navigation guide that directs a user to "the best" Web destinations and away from "the worst" Web destinations, where what is considered "the best" and "the worst" may be determined solely by the repute of, or by a combination of the repute and data associated with, the user.
In embodiments, systems and methods involve providing an analysis presentment facility that shows a user how repute was determined. In embodiments, systems and methods involve providing an alternate- Web-content presentment facility that provides a user with a reference to alternate Web content with a good repute when the user requests Web content with a bad repute.
An embodiment of the present invention is a system and method for interacting with a network. The system and method may involve providing a Web repute service to alert a user of a Web site repute during the attempted interaction with the Web site, wherein the user uses a cell phone to interact with the Web site. An embodiment of the present invention is a system and method for interacting with a network. The system and method may involve providing a Web repute service to alert a user about Web site repute during the attempted interaction with the Web site, wherein the Website repute service may be provided in conjunction with software adapted to scan the user's local hard drives for a virus.
In one aspect, a method and system disclosed herein may include automatically generating a third-party assessment of a website's repute and storing an indicium of the assessment in a format and location accessible by a client computing facility attempting to interact with the website.
In embodiments, the format of the stored indicia of the repute assessment may be adapted to provide the indicia at a time corresponding with an attempt to interact with a website, adapted to provide accessibility at the time the client facility may be attempting to interact with the website, and the like.
In embodiments, in methods and systems the location in which the indicia of the assessment may be stored may be associated with a server or with a client. In embodiments, in methods and systems automatic testing may be used to measure the number of pop ups received after interacting with the website, to measure if the website may be attempting to change a web browser setting, such as a browser's home page or security setting, to assess if the website may be an End User License Agreement (EULA) and if the EULA involves the handling of personal information, to assess the website's use of spam, to assess the website's installation of software, to provide automatic website feedback.
In embodiments, in methods and systems the repute of a website may be at least in part based on practices associated with the website, such as the treatment of personal information (current and past), the website's policy on the handling of personal information, and the like. In embodiments, in methods and systems the practices of the website that at least in part comprise the repute of the website may be related to unwanted content associated with the website including, but not limited to spyware, harmful software, malware, unexpected content, a downloadable file, a program, HTML, ActiveX, an executable file, and the like.
In embodiments, in methods and systems the practices of the website that at least in part comprise the repute of the website may be related to website actions misdirecting its users, such as, where the misdirection may be at least in part based on a trade dress, trademark, service mark, a service, or a product.
In embodiments, in methods and systems the practices of the website that at least in part comprise the repute of the website may be related to the corporate repute of a business that is associated with a website. The corporate repute may be based at least in part on at least one of the corporate address, how long the company has been in existence, how long the website has been in existence, if they have an IP address in a range of addresses with a poor repute, existence of a trademark, if they are a spammer, popularity rank, better business bureau, ranking of the corporation, based on existence within Fortune 1000, Fortune 500, Fortune 100, Fortune 50, and Fortune 10.
In embodiments, the corporate repute may be based at least in part on at least two of the corporate address, how long the company has been in existence, how long the website has been in existence, if they have an IP address in a range of addresses with a poor repute, existence of a trademark, if they are a spammer, popularity rank, better business bureau, ranking of the corporation, based on existence within Fortune 1000, Fortune 500, Fortune 100, Fortune 50, and Fortune 10.
In embodiments, the corporate repute may be based at least in part on a plurality of factors including at least one of the corporate address, how long the company has been in existence, how long the website has been in existence, if they have an IP address in a range of addresses with a poor repute, existence of a trademark, if they are a spammer, popularity rank, better business bureau, ranking of the corporation, based on existence within Fortune 1000, Fortune 500, Fortune 100, Fortune 50, and Fortune 10. In embodiments, in methods and systems the practices of the website that at least in part comprise the repute of the website may be related to website actions providing misleading information on the website, such as, a false phone number or address, false corporate ownership, or the like.
In embodiments, in methods and systems the practices of the website that at least in part comprise the repute of the website may be related to the corporate establishment date associated with the website. In embodiments, in methods and systems the repute of a website may be at least in part based on a link structure associated with the website.
These and other systems, methods, objects, features, and advantages of the present invention will be apparent to those skilled in the art from the following detailed description of the preferred embodiment and the drawings.
Brief Description of Drawings:
Fig 1: Illustrates a high-level schematic of various components that can support an interactive Repute-based platform for providing Repute-based methods and systems.
Detailed Descriptions of Inventions:
An aspect of the present invention relates to improving computer and user security and protection through repute services. Information relating to Websites may be used before, during, or after certain Website interactions as a way of predicting the reliability, safety, security, nuisance value, or other parameters of the interactions. In embodiments, systems and methods disclosed herein relate to assessing the repute of a site, page, or portion thereof, and alerting a user of the repute prior to or simultaneously with an interaction with the site, page, or portion. For example, a site, or content from the site, may carry unwanted or unintended content as a general practice or in certain instances. A system according to the principles of the present invention may alert the user of such repute prior to a user interaction with the site or content. In other situations, Websites request information from users for a purchase, to log in, to gain information, as part of a survey, or the like, and a system according to the principles of the present invention may alert the user about the site's repute for using such information before the user provides such information through the site. There are many safety precautions, parental control features, protection systems, and the like that may be implemented through a repute-based interactive system according to the principles of the present invention.
Fig. 1 illustrates a high-level schematic of an interactive repute- based platform 100 according to the principles of the present invention. The interactive repute platform 100 may include several client devices 102 that interact with server applications 104 through the Internet 108 or other internetworking facility. The client’s 102 may include computers (e.g. desktops, laptops, palmtops) 102A, televisions or other audio visual equipment 102B, mobile communication facilities (e.g. cell phones, PDAs, email devices, IM devices, pagers, messaging devices) 102C, set top boxes, gaming consoles, networked consumer electronics device, or any other facility capable of interacting a site, link, or similar networked computing facility. The client’s 102 may also interact with a repute server 110 for various reasons. For example, the client’s 102 may download client software, software updates, browser plug-ins, and the like from the repute server 110. In embodiments, the clients may interact with servers 104 through or in coordination with the repute server 110.
The interactive repute platform 100 may also include a repute service host 112. The repute service host 112 may be associated with the repute server 110 and or a client 102 and or be associated, in full or in part, with both the repute server 110 and the client 102. In embodiments, a portion of the repute service host 112 may reside on the client 102, and a portion may reside on the repute server 110. In embodiments the repute service host 112 may perform several functions related to repute-based protection of clients 102. For example, the repute service host may perform services associated with gathering, storing, and or providing repute information relating to certain Websites, activities, categories, types of interactions, content types, and the like 114. The repute service host 112 may provide warnings, cautions, alerts, indications of acceptable repute, indications of poor reputes, indications of reputes, indications of types of expected behaviours, and the like 118. The repute service host 112 may analyze behaviours (e.g. user behavior, site behavior, corporate behavior, page behavior, advertising behavior, communications behavior, or other behavior) 122 associated with the repute information 114. The repute service host 112 may monitor performance (e.g. client system performance before and or after a Web interaction) 124. In embodiments, the repute service host 112 may include a recommendation facility (e.g. making recommendations to a user of the client based on a site repute the user is attempting to interact with) 130. The repute service host 112 may be embodied in hardware, software, firmware, middleware, or a combination of any of the foregoing. In embodiments, the repute service host 112 may comprise a server, such as an HTTP server, Web server, or the like; as well as one or more other computing facilities, such as a processor, operating system, database, or communications facility; and one or more modules, such as modules for processing or executing algorithms or services. In embodiments, the repute service host 112 may comprise a single computer.
In other embodiments, the repute service host 112 may comprise more than one computer, such as in a distributed or parallel-processing system. In embodiments, the repute service host 112 may comprise a cluster of services, such as those that are registered in the registry of a services-oriented architecture. In embodiments a client 102, for example, may attempt to interact with an application associated with a server 104. The repute service host 112 may have previously collected repute information relating to the application, and the repute service host 112 may alert the user of the client to the repute before connecting the client 102 to the application. The repute service host may, for example, monitor an address or URL entered into an address bar of a browser application associated with the client 102, and, after the user has entered the address, the repute service host 112 may provide an alert to the user that the Website that the user is about to interact with has a repute for downloading spyware, malware, or other unwanted content. By way of another example, the client may be interacting with a site, and the site may present a page requesting information, such as a user email address, credit card information, and the like. The repute service host 112, having previously collected information relating to how this provider treats such information, may provide the user with a warning of how the provider treats such information prior to submitting any such information. The client may be presented with a warning when presented with the opportunity to enter such information, or the user may be provided a warning after entering the information but before the information is sent to the provider, for example. In embodiments, when indicia of a repute are' presented, they may be presented along with evidence of the repute at the time the user is making the interaction. For example, the presentation may include information relating to the number of pop-ups, type of virus, type of malware, type of spyware, type of identity theft, frequency of identity theft, site category (e.g. adult, travel, loan, children, teen, or retirement), and the like associated with the interaction. In embodiments, the evidence may have been produced through testing or developed through secondary sources, for example. In embodiments, the repute information may be provided through visual indications, aural indications, multi-media indications, video indications, or otherwise.
An internetwork of computing facilities 108 may involve any number of different networking systems. For example, the internetwork 108 may involve client — server topologies involving wired, wireless, optical, satellite, or other connection types. The internetwork 108 may involve P2P, mobile client-cell phone network-server, mobile client-satellite network-server, mobile client-server relationships or types of relationships. For example, a mobile communication facility 102C may connect to the Internet 108 through a wireless service provider 132 (e.g. Sprint, Verizon, AT&T, or T-Mobile).
In embodiments, a client 102 may be a desktop computer, laptop computer, palmtop computer, phone, cell phone, satellite phone, personal digital assistant (PDA), combination PDA/phone, walkie-talkie, television, video appliance, audio appliance, radio, satellite radio, picture appliance, Web appliance, home appliance (e.g. as part of home automation), information appliance, mobile communication platform, in- vehicle communication facility, location facility, GPS facility, wireless device, wired device, optical device, or other such device. In embodiments, a repute service host 112 may recognize the type of client 102 and customize the interaction based on the type of client 102. [0097] In embodiments, a repute server 110 may be duplicated and distributed throughout a region to provide faster access by clients in the region. In embodiments, the repute server 110 may provide services, content, applications, updates, and the like to clients 102. In embodiments, the repute server 110 may be used by a client 102 in the interaction process with other servers 104.
In embodiments, a repute service host 112 may be adapted to collect, store, organize, and/or provide repute information 118 relating to Websites and the like. Examples of such information may include a wide range of indicia, which in turn may relate to the quality of content of a site, page, or portion thereof; to behaviour or other actions engaged in by a site or the host thereof; to attributes of the site or the host; or other attributes of the site.
Such information 118 may include information relating to spam, adware, spyware, cookies, viruses, phishing, spoofing, worms, illegal activities, immoral activities, illicit activities, improper business practices, age inappropriate material, gambling, location of provider, corporate information, post office box, false phone number, misleading phone number, phone number location, duration of registration, location of registration, better business bureau information, Website reference information, Website quality listing, VeriSign listing, analysis of links to the site, analysis of links from the site, treatment of information, treatment of personal information, names, addresses, phone numbers, social security numbers, portion of social security number, credit card number, bank number, pin, mother's maiden name, spouse's name, license number, immigration information, purchase information, username, password, password for the site, mortgage amount, car loan amounts, loan information, loan application information, income, downloading of content, downloading of unwanted content, downloading of spyware, downloading of malware, downloading of viruses, downloading of worms, downloading of programs, downloading of executable files, downloading of ActiveX, downloading of unexpected content, downloading of Java, downloading of JavaScript, downloading of VB script, downloading of Flash, downloading of a media player, downloading of a player, downloading of a Webpage containing Web browser "exploits," misdirection, misleading information, trademarks, trade dress, service marks, trade names, brand name confusion, false information, metadata patterns, corporate addresses, how long the company has been in existence, how long the Website has been in existence, whether a company has an IP address in a range of addresses with a poor repute, existence of a trademark, whether a company is a spammer, popularity ranks, ranking of the corporation (such as based on existence within Fortune 1000, Fortune 500, Fortune 100, Fortune 50, and Fortune 10), false corporate ownership information, misleading call information (e.g. whom or what a call will reach), higher ranked similar sites, famous trademarks, whether the site owns a registered trademark (e.g. federal, local, or international), whether the site has certificates, whether the site is similar to one with a famous trademark, decoy sites, valid addresses (e.g. corporate and or site reference), valid phone numbers (e.g. corporate and or site reference), valid email addresses (e.g. corporate and or site reference), valid contact information, addresses that correspond with a phone number and or the phone number presented, how long the site has existed, where the site is hosted, what IP ranges the site IP address is in, whether the site asks for personal information, whether it requests personal information, where on the site a site asks for personal information, whether the site sends email related to the content on the Website (e.g. it may be acceptable for an adult site to send adult content emails, but it may not be acceptable for a lottery Website to send adult content emails), whether the site adheres to common security practices (e.g. uses SSL, etc) or the like. Each one of these factors, or any combination of any two or more of them, may be used as a basis for assessing the repute of a site, a page, or a portion thereof, such as in association with a user's interaction with the same.
While certain preferred embodiments have been identified, the information 118 may encompass any type of information that can be used to derive an indicator of repute or to serve as such an indicator, including any type of information referenced herein or in the documents incorporated by reference herein. A repute service host 112 may also operate in coordination with another protection program, such as a virus protection program 134, a spam filter 138, a content filter, a parental control program, a spyware removal program 140, and/or a firewall 142, or any combination thereof. While the virus protection program 134, spam filter 138, spyware removal program 140, and firewall 142 are illustrated as being alternatively associated with the repute service host 112, such facilities may be associated with remote devices and or servers. The repute service host 112 may be associated with a spam protection facility (e.g. spam filter software residing on the client 102 or spam filter software residing on an associated server). The repute service host 112 may detect a client 102 server 104 interaction indicative of a spam attack, so the repute service host 112 may send an indication of such to the spam protection facility 138. The spam protection facility 138 may then target spam from the interacted source or generally increase an activity associated with spam reviews. For example, any email identified as coming from the interacted source may be loaded into a folder for review and the user may be alerted to the fact that the email has been tagged as spam. In embodiments, the spam protection facility may filter spam, prevent address harvesting by keeping users from entering information on a Website, identify spam, report spam, provide content based filtering (e.g. looking for email that contains links to low repute Websites as an indicator that this is unwanted email), provide statistical filtering, provide check-sum filtering, provide authentication, provide or verify keys, perform Heuristic filtering, set honey pots, or perform other such activities. The use of a white list may allow precise tuning of a heuristic of which the phishing detection process may be comprised. For another example, a process for allowing or denying features associated with Web content (such as adware, spyware, spam, phishing, pop ups, cookies, ActiveX components, client-side scripting, uploading files, downloading files, providing personal information, and so forth) may allow a user to add Web content to a white list to indicate that features associated with the Web content should always be allowed.