By virtue of the rapid development of network technologies, including the Internet, PC users can access and download an ever-increasing wealth of information and useful or entertaining programs and other digital content to their computers. Unfortunately, as the Internet continues to grow, the quantity and quality of malicious software distributed via the Internet also grows. Hackers or attackers making use of malware can pursue different objectives, from ranging from pranks and banal hooliganism to serious cybercrimes such as theft of funds from bank accounts.
One particular area of concern is the problem of the proliferation of malicious software in corporate networks. Infection of a computer in a corporate network can have an adverse impact not only on the morale of the user due to inability to work normally, but also on the company's bottom line due to material costs incurred in connection with setting up or repairing infected PCs. Still one of the greatest concerns is the risk of confidential data belonging to the company or to the company's customers being compromised by malware.
Accordingly, much effort has been, and continues to be, expended in protecting against malware. Today, many different approaches are known for antivirus scanning and scrubbing of files, including performing those actions on a remote computer or server such as a proxy server or gateway.
One challenge associated with these approaches, however, is the need to balance the thoroughness of the antivirus scanning against the associated time delay in delivering requested content to users through the malware-screening proxy server. U.S. Pub. No. 2008/0301796, for example, discloses adjusting the extensiveness of antivirus scanning at a proxy server based on various indicia, such as the content type, the content's security zone, infection history of the client or content, and threat level. When it is possible under this approach to reduce antivirus scanning extensiveness, the user-requested content may be delivered with reduced delay to the user.
While this approach, and similar approaches, offer the possibility of providing reduced antivirus screening (and therefore faster content delivery) when appropriate, challenges remain as to how the various indicia should be analyzed to provide efficient and appropriate selection of the antivirus scanning method. In addition, the approach of reducing the extent of malware screening in order to speed up content delivery creates the risk of failing to detect malware in a reduced scan. In view of these, and other, challenges, an improved approach for streamlining antivirus screening at the proxy server is needed.