WO2010065991A1 - System and method for adapting an internet and intranet filtering system - Google Patents

System and method for adapting an internet and intranet filtering system Download PDF

Info

Publication number
WO2010065991A1
WO2010065991A1 PCT/AU2009/001590 AU2009001590W WO2010065991A1 WO 2010065991 A1 WO2010065991 A1 WO 2010065991A1 AU 2009001590 W AU2009001590 W AU 2009001590W WO 2010065991 A1 WO2010065991 A1 WO 2010065991A1
Authority
WO
WIPO (PCT)
Prior art keywords
computer
information
hypertext
threatening
messages
Prior art date
Application number
PCT/AU2009/001590
Other languages
French (fr)
Inventor
Janet Surasathian
Original Assignee
Janet Surasathian
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from AU2008906320A external-priority patent/AU2008906320A0/en
Application filed by Janet Surasathian filed Critical Janet Surasathian
Priority to EP09831305.9A priority Critical patent/EP2389629A4/en
Priority to AU2009326848A priority patent/AU2009326848B2/en
Priority to US13/132,607 priority patent/US9049227B2/en
Priority to CN2009801559763A priority patent/CN102369516A/en
Publication of WO2010065991A1 publication Critical patent/WO2010065991A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/145Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/554Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2149Restricted operating environment
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/04Processing captured monitoring data, e.g. for logfile generation

Definitions

  • the present invention relates to a system and method for improved value utilisation and communication of Internet or Intranet page content using an Internet or Intranet browser or user interface with a domain name entry, Uniform Resource Locator (URL) and Internet or Intranet page content filtering system or other event monitoring system.
  • the invention takes advantage of the interface to a content filtering system or other event monitoring system that filters prohibited domain name entries, URLs and Internet or Intranet page content or other events and diverts a user when they have deliberately or inadvertently caused a Internet or Intranet browser or other security threat or breach to provide to an improved viewing and reading experience for the user and a more effective, targeted and measurable delivery of communication for authorised authors.
  • the Internet is a global system of computers that are linked together so that the various computers can communicate seamlessly with one another.
  • Internet users access server computers to download and display informational or hypertext pages typically through an Internet browser. Once a server has been connected to the Internet, informational or hypertext pages can be displayed to virtually anyone having access to the Internet.
  • an Intranet is a private computer network that uses the protocols of the Internet but host informational or hypertext pages that can only be seen by a select number of network connected computers using an Intranet browser and hence a limited number of users.
  • hypertext documents available on the Internet are usually represented in the format of "hypertext.”
  • Each hypertext "page” can be arbitrarily long, and may or may not fit within one computer monitor screen.
  • Pages of hypertext maybe linked to each other by "hyperlinks" on each page of a hypertext, and there might be one or more "links” in the form of static or animates pictures, video, words or embedded documents which, when selected and clicked on (with, say, an input device such as a computer mouse) will cause the hypertext document to which the hyperlink is linked to appear on the computer monitor screen.
  • the text of the new page replaces the earlier hypertext page.
  • Domain name entry, Uniform Resource Locator (URL) and Internet or Intranet page content filtering systems interfaced with Internet or Intranet browsers are used to provide security and reduce threats such as prohibited domain names or URLs, undesirable emails, pop-ups, downloads and prohibited Internet or Intranet page content that may be categorised by the amount and type of language, nudity, sex or violence contained within a page.
  • Other event monitoring systems that also detect undesirable or prohibited activities such as virus scanning software may be installed on a computer to provide additional security and reduce threats such as computer viruses, malware, spam, and phishing.
  • content filtering systems or other 'watch dog' monitoring systems such as virus scanning software installed on a computer are event based, so when their predefined criteria or rules for detecting a potential security threat or breach are met, they are triggered to perform a series of procedures so as to protect a computer, network or user.
  • a filtering system would trigger a procedure that stops the request from linking to the prohibited domain name, URL or prohibited Internet or Intranet page content and hence stop the Internet or Intranet browser from displaying the prohibited domain name, URL or Internet or Intranet page content and instead display a Internet or Intranet page with a static default standard hypertext security message within the browser for the user to view and read detailing that a potential threat had been detected and thwarted, for example a security message may say "Access Denied".
  • This standard security notification message typically remains displayed until the user decides to visit another domain name, URL, hyperlink to another Internet or Intranet page or close the browser.
  • the default standard hypertext security message provides basic and minimal information, and hence minimal usefulness and experience for the user.
  • conventional filtering systems or other event monitoring systems such as virus scanning software do not provide a function to enable authorised authors to edit in a live environment the typical default standard hypertext security message to communicate more effective and targeted value-adding information to the browser user that may be classified as useful, entertaining, educational, interesting or instructional at a unique point in time.
  • a filtering system or other event monitoring system such as virus scanning software displays its default standard hypertext security message within a browser or user interface it has completed its procedure and provides no further use or value to a user.
  • the system and method has several features, no single one of which is solely responsible for its desirable attributes. Without limiting the scope as expressed by what follows, its more prominent features will now be discussed briefly. After considering this discussion, and particularly after reading the section entitled “Detailed Description of the Invention" one will understand how the features of the system and method provide several advantages over conventional filtering systems and other event monitoring systems such as virus scanning software.
  • the present invention addresses the limitations in the conventional Internet or Intranet browser with a domain name entry, Uniform Resource Locator (URL) and Internet or Intranet page content filtering system and or other event monitoring systems such as virus scanning software by providing an interface system and method that enables authorised authors to communicate targeted and value- adding information to the user through a browser or user interface at the unique point in time when they have deliberately or inadvertently caused an Internet or Intranet browser security threat or breach or when their computer's virus scanning software has detected a security threat or breach, and improves utilisation of Internet or Intranet page content at this point in time which may be measured for its effectiveness as communicated information.
  • this invention allows the communication of value-adding information to also be displayed to a user in the event that their computer has timed-out as an alternative to a standard computer monitor screen-saver.
  • the invention is installed on a standalone or networked computer and may comprise an events list which is either a local or centrally stored file on the computer that may contain a listing of possible non-threats such as a computer timing out, security threats such as computer viruses, malware and spam and or Internet or Intranet page identifiers, which typically are Uniform Resource Locators (URLs) and a content category related to allow-block lists used in a filtering system and the content category for each such Internet or Intranet page.
  • a content settings function is further provided containing settings for the user as determined by the computer administrator. Such content settings may include an age group map that cross-references age groups to the categories of landing page permissibly and suggestibly viewable by the respective age group or their personal interests.
  • Content settings may also include the user's interest-matching list, the user's age group and other demographic based grouping as determined and customised by the administrator.
  • authorised authors may access the events list and content settings by unique and secure password to classify and compile a plurality of different types of non-threatening and security threatening events that may occur within a computer, an Internet or Intranet filtering system or other area of a computer, for example a detectable threat or breach found by an installed virus scanning software, or a non-threatening event such as when a computer has timed-out, or a prohibited content is requested and is programmed to automatically display a standard notification or computer monitor screen- saver.
  • the invention continually interfaces with a plurality of computer based event monitoring systems such as filtering systems and or virus scanning software to determine whether these systems have detected a non-threatening event and or security threat or breach that corresponds with those detailed within the events list and content settings.
  • a corresponding tailored and targeted hypertext message and information is instantly displayed to the computer user through a browser or user interface by the invention.
  • an editing function shall be provided that enables the login of authorised authors including computer administrator/s by unique and secure password to edit and publish tailored and targeted hypertext messages and information that may be classified as useful, entertaining, educational, interesting or instructional to a computer user through a browser or user interface in the instant their computer's event monitoring systems detect an event corresponding to that recorded on the events list.
  • a measuring function shall be provided that enables the login of authorised authors including computer administrator/s by unique and secure password to define and set up a plurality of metrics that may enable them to measure the effectiveness of the published and communicated messages and information recorded within the editing function in terms of being useful, entertaining, educational, interesting or instructional to a computer user. Additional advantages and the novel features of the invention will be set forth in the description which follows, and in part will be apparent to those skilled in the art upon examination of the following, or may be learned by practice of the invention.
  • FIG. 1 is an illustration detailing an overview of the present invention.
  • the invention provides a system and method for continuously interfacing with a plurality of computer based event monitoring systems 1 such as Internet and Intranet filtering systems 2 and or virus scanning software 3 to determine whether these systems have detected a non-threatening and or security threatening event that corresponds with an event pre-determined and recorded within the events list 4 which contains a plurality of non-threatening and security threatening events that may occur within a computer 5 which in turn triggers a classified, targeted and value-adding hypertext message or information 6 to be instantly displayed to the computer user through a browser or user interface 7 instead of an event monitoring system 1 default hypertext security message, and preferably an editing function 8 shall be provided that enables the login of authorised authors 9 including computer administrator/s 10 to edit and publish targeted and value-adding hypertext messages and information 6, and preferably a measuring function 11 shall be provided that enables the login of authorised authors 9 including computer administrator/s 10 to define and set up a plurality of metrics 12 that may enable them to measure the effectiveness of the displayed targeted and value-adding hypertext messages and information 6 in
  • the events list 4 is preferably a listing of a plurality of non-threatening and security threatening events that may occur and be detected by computer base monitoring systems 1 such as Internet and Intranet filtering systems 2 and or virus scanning software 3 within a computer which is preferably accessible by unique and secure password to enable the login of authorised authors 9 including computer administrator/s 10 to edit and group these events by type such that hypertext messages and information 6 recorded on the hypertext message list 14 can be subsequently classified and subsequently displayed in the instant a particular event occurs.
  • the present embodiment may operate with a pre-populated events list 4 to provide an authorised author 9 or administrator/s 10 a listing of typical events to choose from to save time.
  • this system and method continuously interfaces and communicates with a predetermined group of computer based event monitoring systems 1 such as Internet and Intranet filtering systems 2, virus scanning software 3 and standard computer alerts until it determines that a system/s or alert has detected a non-threatening and or security threatening event that corresponds with a predetermined event recorded within the events list 4.
  • computer based event monitoring systems 1 such as Internet and Intranet filtering systems 2, virus scanning software 3 and standard computer alerts until it determines that a system/s or alert has detected a non-threatening and or security threatening event that corresponds with a predetermined event recorded within the events list 4.
  • the installer shall be provided the option to search, select and pre-determine which computer based event monitoring systems 1 are to be continuously interfaced with.
  • this system and method interfaces directly with that function of an event monitoring system 1 that stops or produces an event which subsequently displays a related default hypertext message, such as "Access Denied” or similar, and replaces this default message with a classified hypertext messages or information 6 from the hypertext message list 14 which is instead displayed to the user through a browser or user interface 7.
  • a related default hypertext message such as "Access Denied” or similar
  • the system and method shall be provided an editing function 8 accessible by unique and secure password to enable the login of authorised authors 9 including computer administrator/s 10 to edit in a live environment hypertext messages and information 6 that may be defined as useful, entertaining, educational, interesting or instructional to a user through a browser or user interface 7, and classify such messages and information 6 according to a plurality of predefined events and or content categories maintained on the events list 4 such that the hypertext messages and information 6 is targeted and displayed to the computer user through a browser or user interface 7 in the instant their computer's event monitoring systems 1 detect an event corresponding to that recorded on the events list 4, and maintain these hypertext messages and information 6 on the hypertext message list 14.
  • an editing function 8 accessible by unique and secure password to enable the login of authorised authors 9 including computer administrator/s 10 to edit in a live environment hypertext messages and information 6 that may be defined as useful, entertaining, educational, interesting or instructional to a user through a browser or user interface 7, and classify such messages and information 6 according to a plurality of predefined events and or content categories maintained on
  • the age group for a primary school and the school's prohibited content categories may include pornography and gambling so that when a primary school child user attempts to access Internet or Intranet pages that may contain these prohibited categories the computer's filtering system's 2 detects the security threat and instead of this filtering system simultaneously displaying its standard default hypertext message of "Access Denied" or similar the invention by referencing the pre-determined events and content categories recorded within the events list 4 determines what type of event has occurred and selects a corresponding value-adding hypertext message 6 that may be entertaining, educational, interesting or instructional and displays this to the child user through a browser or user interface 7 to provide them an improved viewing and reading experience.
  • the system and method shall be provided a measuring function 11 which enables the login of authors 9 and computer administrator 10 who are authorised by unique and secure password to define and set up a plurality of metrics 12 that may enable them to measure the effectiveness of their displayed and communicated tailored, targeted and value-adding hypertext message and information 6 in achieving a desired level of effectiveness in terms of being useful, entertaining, educational, interesting or instructional to a computer user in the instant their computer's event monitoring system/s 1 detect an event corresponding to that recorded on the events list 4.
  • a measuring function 11 which enables the login of authors 9 and computer administrator 10 who are authorised by unique and secure password to define and set up a plurality of metrics 12 that may enable them to measure the effectiveness of their displayed and communicated tailored, targeted and value-adding hypertext message and information 6 in achieving a desired level of effectiveness in terms of being useful, entertaining, educational, interesting or instructional to a computer user in the instant their computer's event monitoring system/s 1 detect an event corresponding to that recorded on the events list 4.
  • a metric may be a static and or dynamic statistic that is set up, calculated via an algorithm and recorded within the measuring function 11 with the measured results collected and saved within the measuring function 11 every time a targeted and value-adding hypertext message and information 6 is displayed to a computer user, which may preferably be presented in a report 15 format within the measuring function 11 or extracted out of the measuring function 11 into another format to enable the authorised author 9 or administrator 10 to easily assess whether their hypertext message and information 6 has been viewed and or interacted with by the computer user the way they intended.
  • an author 9 of a targeted hypertext message 6 may be interested to measure whether a computer user is interacting with this message's hyperlinks and or in measuring how long in time the user stays interacting within the displayed message 6 and or may survey users online on a number of specific questions to gauge their opinion on a particular subject/s. If the measured metric indicates that a displayed hypertext message or information 6 was effective in interacting with a computer user in the way they intended, then the authorised author 9 or administrator 10 may leave this information unchanged, or if the report 15 for a metric 12 indicates that a displayed hypertext message or information 6 was ineffective, then the authorised author 9 or administrator 10 may modify or delete the targeted hypertext information 6.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Virology (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • General Physics & Mathematics (AREA)
  • Information Transfer Between Computers (AREA)
  • Computer And Data Communications (AREA)
  • Storage Device Security (AREA)

Abstract

According to the present invention, there is provided a system and method for continuously interfacing with a plurality of computer based event monitoring systems such as Internet and Intranet filtering systems and or virus scanning software to determine whether these systems have detected a non-threatening and or security threatening event that corresponds with an event pre-determined and recorded within the events list which contains a plurality of non-threatening and security threatening events that may occur within a computer which in turn triggers a classified, targeted and value-adding hypertext message or information to be instantly displayed to the computer user through a browser or user interface instead of an event monitoring system default hypertext security message, and preferably an editing function shall be provided that enables the login of authorised authors including computer administrator/s to edit and publish targeted and value-adding hypertext messages and information, and preferably a measuring function shall be provided that enables the login of authorised authors including computer administrator/s to define and set up a plurality of metrics that may enable them to measure the effectiveness of the displayed targeted and value-adding hypertext messages and information in terms of being useful, entertaining, educational, interesting or instructional to a computer user through an alternate browser or user interface at the unique point in time when their computer has detected an event.

Description

System and Method for Adapting an Internet and Intranet Filtering System
Field of the Invention
The present invention relates to a system and method for improved value utilisation and communication of Internet or Intranet page content using an Internet or Intranet browser or user interface with a domain name entry, Uniform Resource Locator (URL) and Internet or Intranet page content filtering system or other event monitoring system. In particular, the invention takes advantage of the interface to a content filtering system or other event monitoring system that filters prohibited domain name entries, URLs and Internet or Intranet page content or other events and diverts a user when they have deliberately or inadvertently caused a Internet or Intranet browser or other security threat or breach to provide to an improved viewing and reading experience for the user and a more effective, targeted and measurable delivery of communication for authorised authors.
Background to the Invention
The Internet is a global system of computers that are linked together so that the various computers can communicate seamlessly with one another. Internet users access server computers to download and display informational or hypertext pages typically through an Internet browser. Once a server has been connected to the Internet, informational or hypertext pages can be displayed to virtually anyone having access to the Internet. Alternatively, an Intranet is a private computer network that uses the protocols of the Internet but host informational or hypertext pages that can only be seen by a select number of network connected computers using an Intranet browser and hence a limited number of users.
Currently, documents available on the Internet are usually represented in the format of "hypertext." Each hypertext "page" can be arbitrarily long, and may or may not fit within one computer monitor screen. Pages of hypertext maybe linked to each other by "hyperlinks" on each page of a hypertext, and there might be one or more "links" in the form of static or animates pictures, video, words or embedded documents which, when selected and clicked on (with, say, an input device such as a computer mouse) will cause the hypertext document to which the hyperlink is linked to appear on the computer monitor screen. In other words, the text of the new page replaces the earlier hypertext page.
Domain name entry, Uniform Resource Locator (URL) and Internet or Intranet page content filtering systems interfaced with Internet or Intranet browsers are used to provide security and reduce threats such as prohibited domain names or URLs, undesirable emails, pop-ups, downloads and prohibited Internet or Intranet page content that may be categorised by the amount and type of language, nudity, sex or violence contained within a page. Other event monitoring systems that also detect undesirable or prohibited activities such as virus scanning software may be installed on a computer to provide additional security and reduce threats such as computer viruses, malware, spam, and phishing.
Typically content filtering systems or other 'watch dog' monitoring systems such as virus scanning software installed on a computer are event based, so when their predefined criteria or rules for detecting a potential security threat or breach are met, they are triggered to perform a series of procedures so as to protect a computer, network or user. For example, if a prohibited domain name, URL or prohibited Internet or Intranet page content is searched, selected or requested using a browser or hyperlink, then typically a filtering system would trigger a procedure that stops the request from linking to the prohibited domain name, URL or prohibited Internet or Intranet page content and hence stop the Internet or Intranet browser from displaying the prohibited domain name, URL or Internet or Intranet page content and instead display a Internet or Intranet page with a static default standard hypertext security message within the browser for the user to view and read detailing that a potential threat had been detected and thwarted, for example a security message may say "Access Denied". This standard security notification message typically remains displayed until the user decides to visit another domain name, URL, hyperlink to another Internet or Intranet page or close the browser. Once all triggered procedures are completed and the computer or network is no longer under security threat or breach, these filtering systems or other event monitoring systems such as virus scanning software continue to operate in the background of a computer and or network waiting to detect the next security threat or breach. While the current function of Internet or Intranet browser filtering systems or other event monitoring systems such as virus scanning software affords users protection from threats, their static standard security notification message displayed on a hypertext page through a browser typically only detail in a few words that security has been breached and little else, which under-utilises the opportunity and potential to provide and communicate value-adding information back to the user at a point in time when they have deliberately or inadvertently caused an Internet or Intranet browser security threat or breach. The default standard hypertext security message provides basic and minimal information, and hence minimal usefulness and experience for the user. Further, conventional filtering systems or other event monitoring systems such as virus scanning software do not provide a function to enable authorised authors to edit in a live environment the typical default standard hypertext security message to communicate more effective and targeted value-adding information to the browser user that may be classified as useful, entertaining, educational, interesting or instructional at a unique point in time. Typically, once a filtering system or other event monitoring system such as virus scanning software displays its default standard hypertext security message within a browser or user interface it has completed its procedure and provides no further use or value to a user.
It is an object of this invention to overcome or substantially ameliorate the disadvantages of the prior art by providing a system and method that interfaces with a domain name, URL, Internet or Intranet page content filtering system and or other event monitoring systems such as virus scanning software which requires secure login by authorised authors at all times and enables users to edit and publish a hypertext security message/s in a live environment to communicate more effective, targeted and measurable information that may be classified as useful, entertaining, educational, interesting or instructional to a user through a browser or user interface at a point in time when they have deliberately or inadvertently caused a Internet or Intranet browser security threat or breach or when their computer's virus scanning software has detected a security threat to provide them an improved viewing and reading experience. Summary of Invention
The system and method has several features, no single one of which is solely responsible for its desirable attributes. Without limiting the scope as expressed by what follows, its more prominent features will now be discussed briefly. After considering this discussion, and particularly after reading the section entitled "Detailed Description of the Invention" one will understand how the features of the system and method provide several advantages over conventional filtering systems and other event monitoring systems such as virus scanning software.
The present invention addresses the limitations in the conventional Internet or Intranet browser with a domain name entry, Uniform Resource Locator (URL) and Internet or Intranet page content filtering system and or other event monitoring systems such as virus scanning software by providing an interface system and method that enables authorised authors to communicate targeted and value- adding information to the user through a browser or user interface at the unique point in time when they have deliberately or inadvertently caused an Internet or Intranet browser security threat or breach or when their computer's virus scanning software has detected a security threat or breach, and improves utilisation of Internet or Intranet page content at this point in time which may be measured for its effectiveness as communicated information. Advantageously, this invention allows the communication of value-adding information to also be displayed to a user in the event that their computer has timed-out as an alternative to a standard computer monitor screen-saver.
The invention is installed on a standalone or networked computer and may comprise an events list which is either a local or centrally stored file on the computer that may contain a listing of possible non-threats such as a computer timing out, security threats such as computer viruses, malware and spam and or Internet or Intranet page identifiers, which typically are Uniform Resource Locators (URLs) and a content category related to allow-block lists used in a filtering system and the content category for each such Internet or Intranet page. A content settings function is further provided containing settings for the user as determined by the computer administrator. Such content settings may include an age group map that cross-references age groups to the categories of landing page permissibly and suggestibly viewable by the respective age group or their personal interests. Content settings may also include the user's interest-matching list, the user's age group and other demographic based grouping as determined and customised by the administrator. Preferably authorised authors may access the events list and content settings by unique and secure password to classify and compile a plurality of different types of non-threatening and security threatening events that may occur within a computer, an Internet or Intranet filtering system or other area of a computer, for example a detectable threat or breach found by an installed virus scanning software, or a non-threatening event such as when a computer has timed-out, or a prohibited content is requested and is programmed to automatically display a standard notification or computer monitor screen- saver.
Preferably the invention continually interfaces with a plurality of computer based event monitoring systems such as filtering systems and or virus scanning software to determine whether these systems have detected a non-threatening event and or security threat or breach that corresponds with those detailed within the events list and content settings. Preferably when an event such as a security threat has been detected by an event monitoring system such as a filtering systems and or virus scanning software that corresponds to an event recorded on the events list, a corresponding tailored and targeted hypertext message and information is instantly displayed to the computer user through a browser or user interface by the invention.
Preferably an editing function shall be provided that enables the login of authorised authors including computer administrator/s by unique and secure password to edit and publish tailored and targeted hypertext messages and information that may be classified as useful, entertaining, educational, interesting or instructional to a computer user through a browser or user interface in the instant their computer's event monitoring systems detect an event corresponding to that recorded on the events list.
Preferably a measuring function shall be provided that enables the login of authorised authors including computer administrator/s by unique and secure password to define and set up a plurality of metrics that may enable them to measure the effectiveness of the published and communicated messages and information recorded within the editing function in terms of being useful, entertaining, educational, interesting or instructional to a computer user. Additional advantages and the novel features of the invention will be set forth in the description which follows, and in part will be apparent to those skilled in the art upon examination of the following, or may be learned by practice of the invention.
Brief Description of Drawings
The present invention is described in detail below with reference to the attached drawing figure, wherein:
FIG. 1 is an illustration detailing an overview of the present invention.
Detailed Description of the Invention
The invention provides a system and method for continuously interfacing with a plurality of computer based event monitoring systems 1 such as Internet and Intranet filtering systems 2 and or virus scanning software 3 to determine whether these systems have detected a non-threatening and or security threatening event that corresponds with an event pre-determined and recorded within the events list 4 which contains a plurality of non-threatening and security threatening events that may occur within a computer 5 which in turn triggers a classified, targeted and value-adding hypertext message or information 6 to be instantly displayed to the computer user through a browser or user interface 7 instead of an event monitoring system 1 default hypertext security message, and preferably an editing function 8 shall be provided that enables the login of authorised authors 9 including computer administrator/s 10 to edit and publish targeted and value-adding hypertext messages and information 6, and preferably a measuring function 11 shall be provided that enables the login of authorised authors 9 including computer administrator/s 10 to define and set up a plurality of metrics 12 that may enable them to measure the effectiveness of the displayed targeted and value-adding hypertext messages and information 6 in terms of being useful, entertaining, educational, interesting or instructional to a computer user through a browser or user interface 7 at the unique point in time when their computer has detected an event. The invention is preferably installed on a standalone 5 or networked computer 13, with an events list 4, hypertext message list 14. Moreover, those skilled in the art will appreciate that the invention may be practised with other computer system configurations, including hand-held devices.
The events list 4 is preferably a listing of a plurality of non-threatening and security threatening events that may occur and be detected by computer base monitoring systems 1 such as Internet and Intranet filtering systems 2 and or virus scanning software 3 within a computer which is preferably accessible by unique and secure password to enable the login of authorised authors 9 including computer administrator/s 10 to edit and group these events by type such that hypertext messages and information 6 recorded on the hypertext message list 14 can be subsequently classified and subsequently displayed in the instant a particular event occurs. The present embodiment may operate with a pre-populated events list 4 to provide an authorised author 9 or administrator/s 10 a listing of typical events to choose from to save time.
Preferably this system and method continuously interfaces and communicates with a predetermined group of computer based event monitoring systems 1 such as Internet and Intranet filtering systems 2, virus scanning software 3 and standard computer alerts until it determines that a system/s or alert has detected a non-threatening and or security threatening event that corresponds with a predetermined event recorded within the events list 4. On installation of the system and method the installer shall be provided the option to search, select and pre-determine which computer based event monitoring systems 1 are to be continuously interfaced with. Preferably this system and method interfaces directly with that function of an event monitoring system 1 that stops or produces an event which subsequently displays a related default hypertext message, such as "Access Denied" or similar, and replaces this default message with a classified hypertext messages or information 6 from the hypertext message list 14 which is instead displayed to the user through a browser or user interface 7.
Preferably the system and method shall be provided an editing function 8 accessible by unique and secure password to enable the login of authorised authors 9 including computer administrator/s 10 to edit in a live environment hypertext messages and information 6 that may be defined as useful, entertaining, educational, interesting or instructional to a user through a browser or user interface 7, and classify such messages and information 6 according to a plurality of predefined events and or content categories maintained on the events list 4 such that the hypertext messages and information 6 is targeted and displayed to the computer user through a browser or user interface 7 in the instant their computer's event monitoring systems 1 detect an event corresponding to that recorded on the events list 4, and maintain these hypertext messages and information 6 on the hypertext message list 14. For example, the age group for a primary school and the school's prohibited content categories may include pornography and gambling so that when a primary school child user attempts to access Internet or Intranet pages that may contain these prohibited categories the computer's filtering system's 2 detects the security threat and instead of this filtering system simultaneously displaying its standard default hypertext message of "Access Denied" or similar the invention by referencing the pre-determined events and content categories recorded within the events list 4 determines what type of event has occurred and selects a corresponding value-adding hypertext message 6 that may be entertaining, educational, interesting or instructional and displays this to the child user through a browser or user interface 7 to provide them an improved viewing and reading experience.
Preferably the system and method shall be provided a measuring function 11 which enables the login of authors 9 and computer administrator 10 who are authorised by unique and secure password to define and set up a plurality of metrics 12 that may enable them to measure the effectiveness of their displayed and communicated tailored, targeted and value-adding hypertext message and information 6 in achieving a desired level of effectiveness in terms of being useful, entertaining, educational, interesting or instructional to a computer user in the instant their computer's event monitoring system/s 1 detect an event corresponding to that recorded on the events list 4. A metric may be a static and or dynamic statistic that is set up, calculated via an algorithm and recorded within the measuring function 11 with the measured results collected and saved within the measuring function 11 every time a targeted and value-adding hypertext message and information 6 is displayed to a computer user, which may preferably be presented in a report 15 format within the measuring function 11 or extracted out of the measuring function 11 into another format to enable the authorised author 9 or administrator 10 to easily assess whether their hypertext message and information 6 has been viewed and or interacted with by the computer user the way they intended. For example, an author 9 of a targeted hypertext message 6 may be interested to measure whether a computer user is interacting with this message's hyperlinks and or in measuring how long in time the user stays interacting within the displayed message 6 and or may survey users online on a number of specific questions to gauge their opinion on a particular subject/s. If the measured metric indicates that a displayed hypertext message or information 6 was effective in interacting with a computer user in the way they intended, then the authorised author 9 or administrator 10 may leave this information unchanged, or if the report 15 for a metric 12 indicates that a displayed hypertext message or information 6 was ineffective, then the authorised author 9 or administrator 10 may modify or delete the targeted hypertext information 6.
Although many other internal components of the computer are not detailed, those of ordinary skill in the art will appreciate that such components and the interconnection are well known. Accordingly, additional details concerning the internal construction of the computer need not be disclosed in connection with the present invention.
Finally, it is to be understood that the inventive concept in any of its aspects can be incorporated in many different constructions so that the generality of the preceding description is not to be superseded by the particularity of the attached drawing/s. Various alterations, modifications and/or additions may be incorporated into the various constructions and arrangements of parts without departing from the spirit or ambit of the invention.

Claims

The claims defining the invention are as follows:
1. A method for continuously interfacing with a plurality of computer based event monitoring systems such as Internet and Intranet filtering systems and or virus scanning software to determine whether these systems have detected a non-threatening or threatening event, and displaying editable hypertext messages and information that can be measured on standalone or networked computers, comprising steps of:
• searching, selecting and determining computer based event monitoring systems;
• determining, editing and recording non-threatening or threatening events on the events list;
• editing and recording of hypertext messages and information for display;
• classifying said hypertext messages and information;
• editing and recording metrics to measure the effectiveness of said hypertext messages and information;
• detecting and classifying non-threatening or threatening events on said events list;
• displaying classified said hypertext messages and information; and
• measuring effectiveness of said hypertext messages and information.
2. The method according to claim 1, wherein said steps of searching, selecting and determining computer based event monitoring systems are performed by accessing a computer's installed programs and their identification.
3. The method according to claim 1, wherein said steps of editing and recording of hypertext messages and information are performed within the message list.
4. The method according to claim 1, wherein said step of classifying hypertext messages and information is performed by reference to non-threatening or threatening events and content categories on said events list.
5. The method according to claim 1, wherein said step of displaying classified said hypertext messages and information is performed by use of alternate Internet or Intranet browser or user interface.
6. The method according to claim 1, wherein said step of measuring effectiveness of said hypertext messages and information is performed by at least one metric.
7. A system for continuously interfacing with a plurality of computer based event monitoring systems such as Internet and Intranet filtering systems and or virus scanning software to determine whether these systems have detected a non-threatening or threatening event, and displaying editable hypertext messages and information that can be measured on standalone or networked computers, comprising:
• an events list;
• a message list;
• a browser or user interface;
• editing function;
• measuring function; and
• a requester configured to dynamically request a hypertext message or information from the message list to be instantly displayed in response to determined event on a computer.
8. A system for displaying a hypertext message and information into an alternate Internet and Intranet browser or user interface, comprising:
• a secure login function configured to enable an authorised author or computer administrator to login by unique and secure password in a live computer environment;
• a secure editing function configured to enable an author or computer administrator to edit and save a plurality of hypertext messages and information;
• a list of classifications to enable an author or computer administrator to classify a hypertext message and information corresponding to known non-threatening or threatening events, including prohibited content categories or particular user's age groups; and
• a request processor configured to dynamically receive a request from an event monitoring system for said hypertext message and information to be displayed in an alternate Internet or Intranet browser or user interface.
9. A system for measuring the effectiveness of hypertext messages and information when displayed to a computer user through a browser or user interface, comprising:
• a secure login function configured to enable an authorised author or computer administrator to login by unique and secure password in a live computer environment;
• a secure editing function configured to enable an author or computer administrator to define, set up, edit and save a plurality of metrics;
• a content request function configured to dynamically collect and record data required for said metrics;
• an algorithm that calculates the difference between said metrics and said collected data; and
• a display mechanism configured to format said metrics, collected data and said differences for reporting to and viewing by an author or computer administrator.
PCT/AU2009/001590 2008-12-08 2009-12-07 System and method for adapting an internet and intranet filtering system WO2010065991A1 (en)

Priority Applications (4)

Application Number Priority Date Filing Date Title
EP09831305.9A EP2389629A4 (en) 2008-12-08 2009-12-07 System and method for adapting an internet and intranet filtering system
AU2009326848A AU2009326848B2 (en) 2008-12-08 2009-12-07 System and method for adapting an internet and intranet filtering system
US13/132,607 US9049227B2 (en) 2008-12-08 2009-12-07 System and method for adapting an internet and intranet filtering system
CN2009801559763A CN102369516A (en) 2008-12-08 2009-12-07 System and method for adapting an internet and intranet filtering system

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
AU2008906320 2008-12-08
AU2008906320A AU2008906320A0 (en) 2008-12-08 System and method for adapting an internet and intranet filtering system

Publications (1)

Publication Number Publication Date
WO2010065991A1 true WO2010065991A1 (en) 2010-06-17

Family

ID=42242237

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/AU2009/001590 WO2010065991A1 (en) 2008-12-08 2009-12-07 System and method for adapting an internet and intranet filtering system

Country Status (5)

Country Link
US (1) US9049227B2 (en)
EP (1) EP2389629A4 (en)
CN (1) CN102369516A (en)
AU (1) AU2009326848B2 (en)
WO (1) WO2010065991A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8578453B2 (en) 2009-07-07 2013-11-05 Netsweeper Inc. System and method for providing customized response messages based on requested website
US11552896B2 (en) * 2020-04-07 2023-01-10 Salesforce, Inc. Filtering network traffic from automated scanners

Families Citing this family (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8850584B2 (en) * 2010-02-08 2014-09-30 Mcafee, Inc. Systems and methods for malware detection
US9467421B2 (en) * 2011-05-24 2016-10-11 Palo Alto Networks, Inc. Using DNS communications to filter domain names
US8990392B1 (en) 2012-04-11 2015-03-24 NCC Group Inc. Assessing a computing resource for compliance with a computing resource policy regime specification
US9264395B1 (en) 2012-04-11 2016-02-16 Artemis Internet Inc. Discovery engine
US9083727B1 (en) 2012-04-11 2015-07-14 Artemis Internet Inc. Securing client connections
US9106661B1 (en) 2012-04-11 2015-08-11 Artemis Internet Inc. Computing resource policy regime specification and verification
US8799482B1 (en) 2012-04-11 2014-08-05 Artemis Internet Inc. Domain policy specification and enforcement
US10742601B2 (en) * 2013-03-14 2020-08-11 Fortinet, Inc. Notifying users within a protected network regarding events and information
US9591005B2 (en) * 2014-08-20 2017-03-07 Ge Aviation Systems Llc Avionics intrusion detection system and method of determining intrusion of an avionics component or system
US10178195B2 (en) 2015-12-04 2019-01-08 Cloudflare, Inc. Origin server protection notification
US10505985B1 (en) 2016-04-13 2019-12-10 Palo Alto Networks, Inc. Hostname validation and policy evasion prevention
CN106202320B (en) * 2016-06-30 2020-02-07 广东小天才科技有限公司 Control method and device for browser website navigation and mobile device
US11108788B1 (en) * 2017-05-15 2021-08-31 RiskIQ, Inc. Techniques for managing projects and monitoring network-based assets
CN107704491B (en) * 2017-08-22 2022-01-04 腾讯科技(深圳)有限公司 Message processing method and device

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5884033A (en) * 1996-05-15 1999-03-16 Spyglass, Inc. Internet filtering system for filtering data transferred over the internet utilizing immediate and deferred filtering actions
US6615266B1 (en) * 1997-02-04 2003-09-02 Networks Associates Technology, Inc. Internet computer system with methods for dynamic filtering of hypertext tags and content
US20070061459A1 (en) * 2005-09-12 2007-03-15 Microsoft Corporation Internet content filtering

Family Cites Families (38)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5706507A (en) * 1995-07-05 1998-01-06 International Business Machines Corporation System and method for controlling access to data located on a content server
US5956491A (en) * 1996-04-01 1999-09-21 Marks; Daniel L. Group communications multiplexing system
US5832212A (en) * 1996-04-19 1998-11-03 International Business Machines Corporation Censoring browser method and apparatus for internet viewing
US5835722A (en) * 1996-06-27 1998-11-10 Logon Data Corporation System to control content and prohibit certain interactive attempts by a person using a personal computer
US6539430B1 (en) * 1997-03-25 2003-03-25 Symantec Corporation System and method for filtering data received by a computer system
US6209027B1 (en) * 1998-06-01 2001-03-27 International Business Machines Corporation Recirculating network address list with single button sequencer/selector
US6145000A (en) * 1998-10-06 2000-11-07 Ameritech Corporation System and method for creating and navigating a linear hypermedia resource program
US6564327B1 (en) * 1998-12-23 2003-05-13 Worldcom, Inc. Method of and system for controlling internet access
US6976070B1 (en) * 1999-02-16 2005-12-13 Kdd Corporation Method and apparatus for automatic information filtering using URL hierarchical structure and automatic word weight learning
US6202087B1 (en) * 1999-03-22 2001-03-13 Ofer Gadish Replacement of error messages with non-error messages
US7509148B1 (en) * 2000-02-15 2009-03-24 Motorola, Inc. Message alert system and method of providing message notification
CA2323883C (en) * 2000-10-19 2016-02-16 Patrick Ryan Morin Method and device for classifying internet objects and objects stored oncomputer-readable media
US20020143827A1 (en) * 2001-03-30 2002-10-03 Crandall John Christopher Document intelligence censor
US7346548B2 (en) * 2001-10-25 2008-03-18 Goldman Sachs & Co. System, method, apparatus and means evaluating historical network activity
US7152242B2 (en) * 2002-09-11 2006-12-19 Enterasys Networks, Inc. Modular system for detecting, filtering and providing notice about attack events associated with network security
US7685085B2 (en) * 2003-11-10 2010-03-23 James Ralph Heidenreich System and method to facilitate user thinking about an arbitrary problem with output and interfaces to external systems, components and resources
AU2003300848A1 (en) * 2002-12-10 2004-06-30 Telabout, Inc. Content creation, distribution, interaction, and monitoring system
US7685269B1 (en) * 2002-12-20 2010-03-23 Symantec Operating Corporation Service-level monitoring for storage applications
US20080177994A1 (en) * 2003-01-12 2008-07-24 Yaron Mayer System and method for improving the efficiency, comfort, and/or reliability in Operating Systems, such as for example Windows
US7295119B2 (en) * 2003-01-22 2007-11-13 Wireless Valley Communications, Inc. System and method for indicating the presence or physical location of persons or devices in a site specific representation of a physical environment
US8516536B2 (en) * 2003-05-28 2013-08-20 Alcatel Lucent Method and system for internet censorship
DE602004029020D1 (en) * 2004-07-08 2010-10-21 Ricoh Kk A method of configuring a network monitoring system to monitor selected network elements
US9384345B2 (en) * 2005-05-03 2016-07-05 Mcafee, Inc. Providing alternative web content based on website reputation assessment
US7548915B2 (en) * 2005-09-14 2009-06-16 Jorey Ramer Contextual mobile content placement on a mobile communication facility
US20070198635A1 (en) * 2005-12-12 2007-08-23 Awamba Inc. Apparatus and method for interpretation and enrichment of documents and exchange thereof
US8146146B1 (en) * 2005-12-23 2012-03-27 At&T Intellectual Property Ii, L.P. Method and apparatus for integrated network security alert information retrieval
IL173472A (en) * 2006-01-31 2010-11-30 Deutsche Telekom Ag Architecture for identifying electronic threat patterns
US8112515B2 (en) * 2006-05-26 2012-02-07 Against Intuition Oy Reputation management system
US7551073B2 (en) * 2007-01-10 2009-06-23 International Business Machines Corporation Method, system and program product for alerting an information technology support organization of a security event
JP4933286B2 (en) * 2007-01-26 2012-05-16 株式会社日立製作所 Encrypted packet communication system
US8961292B2 (en) * 2007-02-28 2015-02-24 Wms Gaming, Inc. System for managing wagering game content
US7900094B2 (en) * 2007-05-14 2011-03-01 International Business Machines Corporation Method, system and computer program for facilitating the analysis of error messages
US8429750B2 (en) * 2007-08-29 2013-04-23 Enpulz, L.L.C. Search engine with webpage rating feedback based Internet search operation
CN101393629A (en) * 2007-09-20 2009-03-25 阿里巴巴集团控股有限公司 Implementing method and apparatus for network advertisement effect monitoring
US20100010890A1 (en) * 2008-06-30 2010-01-14 Eyeblaster, Ltd. Method and System for Measuring Advertisement Dwell Time
US7912900B1 (en) * 2008-07-24 2011-03-22 Apex Learning, Inc. System and method for providing education-related alerts in an online learning environment
US8560371B2 (en) * 2008-09-26 2013-10-15 Microsoft Corporation Suggesting things to do during time slots in a schedule
US8244740B2 (en) * 2008-11-26 2012-08-14 Microsoft Corporation Providing suggested sites associated with target sites

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5884033A (en) * 1996-05-15 1999-03-16 Spyglass, Inc. Internet filtering system for filtering data transferred over the internet utilizing immediate and deferred filtering actions
US6615266B1 (en) * 1997-02-04 2003-09-02 Networks Associates Technology, Inc. Internet computer system with methods for dynamic filtering of hypertext tags and content
US20070061459A1 (en) * 2005-09-12 2007-03-15 Microsoft Corporation Internet content filtering

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP2389629A4 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8578453B2 (en) 2009-07-07 2013-11-05 Netsweeper Inc. System and method for providing customized response messages based on requested website
US11552896B2 (en) * 2020-04-07 2023-01-10 Salesforce, Inc. Filtering network traffic from automated scanners

Also Published As

Publication number Publication date
EP2389629A1 (en) 2011-11-30
US9049227B2 (en) 2015-06-02
EP2389629A4 (en) 2016-08-17
AU2009326848A1 (en) 2011-07-07
AU2009326848B2 (en) 2015-03-12
US20110247073A1 (en) 2011-10-06
CN102369516A (en) 2012-03-07

Similar Documents

Publication Publication Date Title
AU2009326848B2 (en) System and method for adapting an internet and intranet filtering system
US11570211B1 (en) Detection of phishing attacks using similarity analysis
US10567412B2 (en) Security threat detection based o patterns in machine data events
US8856165B1 (en) Ranking of users who report abuse
US8769690B2 (en) Protection from malicious web content
US7930299B2 (en) System and method for appending security information to search engine results
JP6155521B2 (en) Detect and prevent illegal purchases of content on the Internet
US8347396B2 (en) Protect sensitive content for human-only consumption
US8126866B1 (en) Identification of possible scumware sites by a search engine
US20130166529A1 (en) Computer-implemented search using result matching
CN110321479B (en) Privacy protection mobile service recommendation method, client and recommendation system
US20120209987A1 (en) Monitoring Use Of Tracking Objects on a Network Property
WO2006036170A1 (en) Methods and systems for filtering urls, webpages, and content
RU2658878C1 (en) Method and server for web-resource classification
Mehrnezhad et al. How can and would people protect from online tracking?
Urban et al. Towards understanding privacy implications of adware and potentially unwanted programs
US20160156659A1 (en) System for detecting link spam, a method, and an associated computer readable medium
JP2007128119A (en) Method and system for carrying out filter processing of url, web page, and content
Urban et al. Analyzing leakage of personal information by malware
WO2019020812A1 (en) Cloud-based method, system and computer product for testing web domains for behavioral targeting in online advertising
Chiba et al. Detecting Information Leakage via a HTTP Request Based on the Edit Distance.
Roongta et al. From User Insights to Actionable Metrics: A User-Focused Evaluation of Privacy-Preserving Browser Extensions
Fouad et al. The Devil is in the Details: Detection, Measurement and Lawfulness of Server-Side Tracking on the Web
Agno et al. A Study on the Design of Pandora's Box Web Application Using Design Thinking approach: A study on a centralized web browser security extension design and planned realization
JP2005122556A (en) Information-evaluating system

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 200980155976.3

Country of ref document: CN

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09831305

Country of ref document: EP

Kind code of ref document: A1

DPE2 Request for preliminary examination filed before expiration of 19th month from priority date (pct application filed from 20040101)
WWE Wipo information: entry into national phase

Ref document number: 13132607

Country of ref document: US

NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 2009326848

Country of ref document: AU

REEP Request for entry into the european phase

Ref document number: 2009831305

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 2009831305

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 4720/CHENP/2011

Country of ref document: IN

ENP Entry into the national phase

Ref document number: 2009326848

Country of ref document: AU

Date of ref document: 20091207

Kind code of ref document: A