WO2001050364A1 - Online advertising method on computer networks - Google Patents

Online advertising method on computer networks Download PDF

Info

Publication number
WO2001050364A1
WO2001050364A1 PCT/KR2000/001373 KR0001373W WO0150364A1 WO 2001050364 A1 WO2001050364 A1 WO 2001050364A1 KR 0001373 W KR0001373 W KR 0001373W WO 0150364 A1 WO0150364 A1 WO 0150364A1
Authority
WO
WIPO (PCT)
Prior art keywords
web server
harmful information
client computer
contents
code module
Prior art date
Application number
PCT/KR2000/001373
Other languages
French (fr)
Inventor
Yeon-Sub Jung
Original Assignee
Inca Internet Co., Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Inca Internet Co., Ltd. filed Critical Inca Internet Co., Ltd.
Priority to AU18997/01A priority Critical patent/AU1899701A/en
Publication of WO2001050364A1 publication Critical patent/WO2001050364A1/en

Links

Classifications

    • EFIXED CONSTRUCTIONS
    • E02HYDRAULIC ENGINEERING; FOUNDATIONS; SOIL SHIFTING
    • E02DFOUNDATIONS; EXCAVATIONS; EMBANKMENTS; UNDERGROUND OR UNDERWATER STRUCTURES
    • E02D1/00Investigation of foundation soil in situ
    • EFIXED CONSTRUCTIONS
    • E02HYDRAULIC ENGINEERING; FOUNDATIONS; SOIL SHIFTING
    • E02DFOUNDATIONS; EXCAVATIONS; EMBANKMENTS; UNDERGROUND OR UNDERWATER STRUCTURES
    • E02D17/00Excavations; Bordering of excavations; Making embankments
    • E02D17/18Making embankments, e.g. dikes, dams
    • EFIXED CONSTRUCTIONS
    • E02HYDRAULIC ENGINEERING; FOUNDATIONS; SOIL SHIFTING
    • E02DFOUNDATIONS; EXCAVATIONS; EMBANKMENTS; UNDERGROUND OR UNDERWATER STRUCTURES
    • E02D17/00Excavations; Bordering of excavations; Making embankments
    • E02D17/20Securing of slopes or inclines
    • E02D17/205Securing of slopes or inclines with modular blocks, e.g. pre-fabricated
    • EFIXED CONSTRUCTIONS
    • E02HYDRAULIC ENGINEERING; FOUNDATIONS; SOIL SHIFTING
    • E02DFOUNDATIONS; EXCAVATIONS; EMBANKMENTS; UNDERGROUND OR UNDERWATER STRUCTURES
    • E02D2600/00Miscellaneous
    • E02D2600/20Miscellaneous comprising details of connection between elements

Definitions

  • the present invention relates to an online advertising method carried out in conjunction with execution of an online harmful information blocking program capable of blocking in real time harmful information, for example, for computer viruses, over a computer network via which a client is linked to a web server.
  • the Web World Wide Web
  • the number of users on computer networks, and particularly, on the Internet is rapidly expanding.
  • Computer users are able to explore the Internet by launching a web browser and just clicking what they desire to access with a mouse, and are provided with a variety of useful resources or services through the Internet.
  • the Internet is no longer a new technology and service field in virtual space, but is getting into the realities of life.
  • a banner advertising technique which provides advertisements through hompages of popular web sites, is the predominant form of advertising on the Internet.
  • the key idea of such banner advertising is to impress all kinds of Internet users accessing popular web sites.
  • banner advertisements are inserted in a particular home page, so that the visitors are no longer impressed with the ads if they move to another web site. This is an inherent problem of the conventional banner advertising technique.
  • concerns about highly possible illegal extraction of personal information or damage caused by a variety of computer viruses through computer networks are also quickly increasing. The damage caused by harmful information such as computer viruses can be serious.
  • An existing counterplan for protection against various harmful information is based on the first damage/post-repair policy.
  • This protection counterplan assumes a passive position by taking measures (for example, follow-up development of appropriate antivirus programs) after computer systems have been suffered from unidentified harmful information.
  • Another disadvantage found in the protection policy lies in that a variety of antivirus programs for protecting against harmful information need to be manually installed on individual personal computers, which is an inefficient process overloading computer users with the installation activity. Furthermore, since various harmful information is created and distributed ever quickly through the Internet, it is not easy to consistently equip computers with the latest releases of antivirus programs.
  • an objective of the present invention to provide an online advertising method for offering advertisements (ads) on a computer network through which a web server and a client computer are linked to each other, wherein ad contents are displayed on a separate window or frame in conjunction with the execution of an online harmful information blocking program, which is automatically provided to and installed in the client computer to block in real time harmful information including computer viruses, upon accessing to the web server.
  • a method for providing advertisements (ads) on a computer network through which a first web server and a client computer are linked to each other comprising the steps of: (a) the first web server receiving a connection request from the client computer over the computer network; (b) the first web server transmitting a harmful information blocking code module and ad contents to the client computer; and (c) the harmful information blocking code module automatically running on the client computer to block in real time harmful information including computer viruses, and the ad contents delivered in step (b) being displayed on a separate window, wherein when the ad contents display window is closed, the execution of the harmful information blocking code module is aborted.
  • step (c) the running status of the harmful information blocking code module may be also displayed on the ad contents display window. It is preferable that the ad contents delivered in step (b) and displayed in step (c) are periodically updated by a server push or client pull technique. The ad contents delivered in step (b) and displayed in step (c) may contain a plurality of banner images.
  • the harmful information blocking code module transmitted in step (b) may be an ActiveXTM or JavaTM program. It is preferable that the harmful information blocking code module running in step (c) and the ad contents display window remain activated even when the client computer accesses another web server.
  • the client computer is primarily connected to a second web server and requests a connection to the first web server using information provided by the second web server.
  • the ad contents delivered in step (b) may be designated by the second web server.
  • the present invention provides a method for providing advertisements (ads) on a computer network through which a first web server and a client computer are linked to each other, the method comprising the steps of: (a) the first web server receiving a connection request from the client computer over the computer network; (b) the first web server transmitting a harmful information blocking code module and ad contents including a plurality of banner images to the client computer; (c) the harmful information blocking code module automatically running on the client computer to block in real time harmful information including computer viruses, and the ad contents delivered in step (b) being displayed on a separate window; and (d) when each of the plurality of banner images is copied to a predetermined application program which is downloaded from the first web server and runs on the client computer, using a drag and
  • Step (d) preferably includes: (d1) when each of the plurality of banner images is copied to a predetermined application program which is downloaded from the first web server and runs on the client computer, using a drag and drop technique, the client computer informing the first web server of the occurrence of the drag and drop event; (d2) the first web server sending ads e-mails associated with each of the plurality of banner images downloaded; and (d3) the first web server providing a predetermined compensation to the client computer if the reception of the e-mails sent in step (d2) is ascertained.
  • the present invention provides a method for providing advertisements (ads) on a computer network through which a first web server and a client computer are linked to each other, the method comprising the steps of: (a) the first web server receiving a connection request from the client computer over the computer network; (b) the first web server transmitting a harmful information blocking code module and ad contents including a plurality of banner images to the client computer; (c) the harmful information blocking code module automatically running on the client computer to block in real time harmful information including computer viruses, and the ad contents delivered in step (b) being displayed on a frame created in a specific area of a web browser screen; and (d) when each of the plurality of banner images is copied to a predetermined application program which is downloaded from the first web server and runs on the client computer, using a drag and drop technique, the first web server providing a predetermined compensation to the client computer, wherein when the ad contents display frame is closed, the execution of the harmful information blocking code is aborted.
  • step (d) includes: (d1 ) when each of the plurality of banner images is copied to a predetermined application program which is downloaded from the first web server and runs on the client computer, using a drag and drop technique, the client computer informing the first web server of the occurrence of the drag and drop event; (d2) the first web server sending ads e-mails associated with each of the plurality of banner images downloaded; and (d3) the first web server providing a predetermined compensation to the client computer if the reception of the e-mails sent in step (d2) is ascertained.
  • a method for providing advertisements (ads) on a computer network through which a first web server and a client computer are linked to each other comprising the steps of: (a) the first web server receiving a connection request from the client computer over the computer network; (b) the first web server transmitting a harmful information blocking code module and ad contents to the client computer; and (c) the harmful information blocking code module automatically running on the client computer to block in real time harmful information including computer viruses, and the ad contents delivered in step (b) being displayed on a frame created in a specific area of a web browser screen, wherein when the ad contents display frame is closed, the execution of the harmful information blocking code is aborted.
  • step (c) a predetermined icon associated with the ad contents display frame, which is kept consistent when the web browser is launched again, is created on a tool bar of the web browser, and the client computer is automatically connected to the first web server by just clicking the predetermined icon.
  • the running status of the harmful information blocking code module may also displayed on the ad contents display frame.
  • the present invention provides a method for providing advertisements (ads) on a computer network through which a first web server and a client computer are linked to each other, the method comprising the steps of: (a) the first web server receiving a connection request from the client computer over the computer network; (b) the first web server transmitting a harmful information blocking code module and ad contents including a plurality of banner images to the client computer; (c) the harmful information blocking code module automatically running on the client computer to block in real time harmful information including computer viruses, and the ad contents delivered in step (b) being displayed on a frame created in a specific area of a web browser screen; and (d) when each of the plurality of banner images is copied to a predetermined application program which is downloaded from the first web server and runs on the client computer, using a drag and drop technique, the first web server providing a predetermined compensation to the client computer, wherein when the ad contents display frame is closed, the execution of the harmful information blocking code is aborted.
  • the present invention provides a method for providing advertisements (ads) on a computer network through which a web server and a client computer are linked to each other, the method comprising the steps of: (a) the web server receiving a connection request from the client computer over the computer network; and (b) the web server transmitting a harmful information blocking code module to automatically run on the client computer and block in real time harmful information including computer viruses, and ad contents to be displayed on a separate window or a frame created in a specific place of a web browser screen, to the client computer, wherein when the ad contents display window or frame is closed, the execution of the harmful information blocking code module is aborted.
  • FIGS. 1A and 1 B are schematic views of systems applied to implement the present invention.
  • FIGS. 2A and 2B are flowcharts illustrating preferred embodiments of a method for offering online advertisements (ads) along with an online harmful information blocking code module according to the present invention
  • FIG. 3 is a schematic view showing the configuration of an example of a harmful information blocking code module adopted in the present invention
  • FIG. 4 is a flowchart illustrating the operation of the harmful information blocking code module shown in FIG. 3;
  • FIG. 5 illustrates a graphic screen on which ad contents are displayed in conjunction with the execution of the online harmful information blocking code module;
  • FIG. 6 illustrates another graphic screen on which ad contents are displayed in conjunction with the execution of the online harmful information blocking code module.
  • a harmful information management server 110 which is a web server, has a homepage, and is linked with a client computer 130 via a computer network, such as the
  • the harmful information management server 110 provides an online service for providing a harmful information blocking code module (including associated online advertisement (ad) contents), which is capable of blocking in real time harmful information, to the client computer 130.
  • a harmful information blocking code module including associated online advertisement (ad) contents
  • “harmful information” collectively refers to an undesirable object or action that adversely effects computer systems and/or computer networks, including computer viruses, undesirable lascivious web sites on the Internet, and the act of illegally extracting personal information.
  • FIG. 2A A first embodiment of a method for offering online advertising in connection with a harmful information blocking code module will be described with reference to FIG. 2A.
  • An example of graphic screen on which ad contents are displayed in connection with the harmful information blocking code module is shown in FIG. 5.
  • the method begins with a homepage being constructed for online services on the harmful information management server 110 (step 210).
  • a computer user launches a web browser on the client computer (hereinafter, referred to as merely "client") 130 (step 220).
  • client 130 is connected to the harmful information management server 110 (step 240).
  • the harmful information management server 110 transmits a harmful information blocking code module and ad contents to the client 130 (step 250).
  • the connection between the client 130 and the harmful information management server 110 is accomplished by a HyperText Transfer Protocol formatted request (HTTP request), and the transferring of the harmful information blocking code module from the harmful information management server 110 to the client 130 is performed by a HTTP response.
  • HTTP request is carried out by typing the Universal Resource Locator (URL) of the harmful information management server 110 or clicking a hyperlink associated with the URL on the web browser.
  • URL Universal Resource Locator
  • the harmful information blocking code module is an executable application program which runs on the client 130.
  • the harmful information blocking code module is an executable application program which runs on the client 130.
  • an object coded program designed with a high-level language may be linked to a web browser to run.
  • the harmful information blocking code module transferred in step 250 is automatically executed on the client 130 and blocks in real time harmful information including computer viruses, and the ad contents transferred in step 250 are displayed in a separate window (step 260).
  • the ad contents transferred in step 250 can be displayed by creating a frame in a predetermined portion of the web browser screen. This will be described later.
  • the harmful information management server 110 For the display of ad contents in a separate window, it is preferable that when the client 130 is connected to the harmful information management server 110, the harmful information management server 110 provides an HTTP response, which enables the creation of a window, to the client 130, and then provides the ad contents as an HTTP response with respect to an HTTP request issued from the client 130, through the separate window.
  • the harmful information blocking code module and the ad contents are operated/managed in conjunction with each other, and thus it is preferable to display a running status of the harmful information blocking code module and the ad contents on the same window.
  • the client 130 may request the harmful information management server 110 to provide both the harmful information blocking code module and the ad contents through a separate window created as an HTTP response from the harmful information management server 110.
  • the harmful information management server 110 provides an HTTP response such that the client 130 is able to request the harmful information blocking code module and ad contents through a separate window.
  • the window is closed, the execution of the harmful information blocking code and the display of ad contents are aborted.
  • the client 130 may be connected to the harmful information management server 110 through each of the frames within the same window.
  • the separate connections for the harmful information blocking code module and the ad contents can be achieved in parallel.
  • FIG. 5 illustrates a graphic screen displaying the running status of the harmful information blocking code module and the ad contents in different frames within the separate window. Since the harmful information blocking code module and the ad contents are provided through the window and then run in real time on the client 130, the execution of the harmful information blocking code module and the ad contents is continued on the client 130 even when the client 130 accesses another web server. Thus, the client 130 can be provided with a harmful information blocking service for security in real time by accessing the harmful information management server 110 only once.
  • the ad contents transferred in step 250 and displayed on the separate window in step 260 may include a plurality of banner images, which can be periodically updated by a server push or client pull technique.
  • the server push technique supports the server's periodic data transfer to the client even when there is no request from users. This technique is extensively applied to online stock information service sites.
  • the client pull supports the transfer of a client's HTTP request to the server even when there is no request from users. This is implemented by setting a timer at a sever's HTTP response to count the time period between the server's HTTP response and the next client's HTTP request.
  • the client 120 can be optionally provided with a compensation event for the client' dragging and dropping of ad banner images (step 270).
  • a particular object on the window is clicked with a button (left button) of a mouse, dragged by moving the mouse, and then dropped by releasing the mouse button to move the object (or a copy).
  • the harmful information management server 110 For the compensation event for the dragging & dropping of banner images in step 270, there is a need to download and run on the client 130 a predetermined application program for communications between the client 130 and the harmful information management server 110.
  • a user's preregistration in the harmful information management server 110 is required to receive the benefits of the compensation.
  • the harmful information management server 110 is informed of the dragging and dropping of the images, and provides a predetermined compensation to the user.
  • the information provided to the harmful information management server 110 can be utilized for statistical purposes, for example, relating information on effectiveness of the advertisement to the client 130.
  • the drag & drop based advertising technique described in the present embodiment is applicable in connection with e-mail services.
  • the harmful information management server 110 e-mails ads relating to the banner images selected through the drag & drop event by the user, or directs advertisers to send such mails to the user.
  • a predetermined compensation is provided.
  • the execution of the harmful information blocking code module is also aborted (step 280).
  • FIG. 1 B illustrates the configuration of a system applied for the second embodiment according to the present invention
  • FIG. 2B is a flowchart illustrating the second embodiment of the method for offering online ads along with an online harmful information blocking code module according to the present invention.
  • the system further comprises a web server 120
  • second web server other than the harmful information management server 1 10, for providing online services on a network.
  • the second web server 120 is a common web sever linked with a client system via a computer network such as the Internet.
  • the client 130 primarily accesses the second web server 120 (step 230).
  • the second web server 120 provides hyperlink information for use in accessing the harmful information management server 110 as well as information relating to online services to the client 130 (step 235). It is preferable that the hyperlink information is not link information for the front
  • the client 130 performs an HTTP request to the harmful o information management server 110, according to the hyperlink information from the second web server 120 (step 245).
  • the harmful information management server 110 transmits the harmful information blocking code module and ad contents, which are an HTTP response with respect to the HTTP request issued from the client 130, to the client 130 (step 255).
  • the harmful information blocking code module is automatically executed on the client 130 to block in real time harmful information including computer viruses, and outputs the ad contents on a separate window (step 260), as in the first embodiment. It is preferable that the harmful 0 information blocking code module and ad contents are managed through separate frames within the same window, as in the first embodiment.
  • the second web server 120 it is preferable to support the second web server 120 to designate link information relating to the ad contents.
  • the ad contents provided to the client 130 can be varied by various 5 web servers which the client 130 visits in the course of connecting to the harmful information management server 110. It is apparent that the ad contents may be periodically updated by the server push or client pull technique.
  • the client 120 can be optionally o provided with a compensation event for the client's dragging and dropping of banner images of the ad contents (step 270).
  • the execution of the harmful information blocking code module is also aborted (step 280). While in the first and second embodiments the ad contents are displayed on a separate window, the ad contents can be output on a frame created for displaying the ad contents in a specific place on the web browser screen.
  • FIG. 6 illustrates a graphic screen on which ad contents are displayed on a separate frame in conjunction with the execution of the online harmful information blocking code module.
  • the ad contents delivered from the harmful information management server 110 are displayed on a new frame created in a specific place on the web browser screen of the client.
  • the new frame which displays the ad contents is shown in the lower portion of the web browser screen in FIG. 6, but the frame can be located in another portion (for example, on the left or right) of the web browser.
  • the frame includes a sub-frame on which ad contents are output and a sub-frame on which information on running status of the harmful information blocking code module are output.
  • the harmful information blocking code module and ad contents are managed through separate frames within the window. Even when the client 130 accesses another web server, the display of ad contents through the frame is continued. When the frame for ad contents is closed, the execution of the harmful information blocking code module is also aborted.
  • the ad contents may contain a plurality of banner images, and can be updated periodically by the server push or client pull technique.
  • additional compensation events can be served for the client's dragging & dropping of ad banner images, and for the client's reception of an e-mail with ads associated with the banner image dragged and dropped by the user.
  • the connecting of the client 130 to the harmful information management server 110 can be established using the link information provided from another web server, such as the second web server 120 shown in FIG. 1 B.
  • the ad contents can be designated by the second web server 120.
  • the mechanism of providing ad contents in the present embodiment is similar to that described with reference to FIG. 5, except that a new frame, rather than a separated window, is created on the web browser screen to display the ad contents thereon.
  • the frame for displaying the ad contents is based on the web browser, the ad display frame is aborted when the web browser is closed.
  • a predetermined icon associated with the frames displaying the ad contents and the running status of the harmful information blocking code module for example, an icon appearing along with the text "security" in FIG. 6, is created on the tool bar of the web browser. More preferably, the related icon is kept consistent in the tool bar when the web browser is launched again. In this way, a window registry relating to the web browser must be changed.
  • the automatic connecting to the harmful information management server 110 which is established by just clinking the related icon, is favorable in terms of user interface.
  • the preferred embodiments of the online advertising method have been described. Now, the harmful information blocking code module for blocking harmful information, which is executed in conjunction with the display of ad contents, will be described.
  • FIG. 3 shows the configuration of an example of the harmful information blocking code module adopted in the present invention.
  • the harmful information blocking code module includes an input/output management unit 310, a harmful information blocking unit 320, and an information transferring unit 330.
  • the harmful information blocking code module is executed in connection with the separate window or frame 340 on which its running status and ad contents are displayed. When the window or frame 340 is closed, the execution of the harmful information blocking code module is aborted as described previously.
  • the input/output management unit 310 inspects file input/output (I/O) on the client 130.
  • the inspection of the file I/O refers to the action taken to get file information by hooking up file I/O routines.
  • the input/output management unit 310 also inspects network packet I/O on the client 130 so as to block harmful information from the network.
  • a computer virus capable of illegally extracting personal information such as the Back Orifice virus, may be blocked by checking file I/O, or checking processes, which will be described below.
  • the input/output management unit 310 further has a function for monitoring any Internet address that the client 130 attempts accessing, which prevents computer users from accessing undesirable lascivious web sites.
  • the harmful information blocking unit 320 diagnoses whether or not a file or packet is harmful, and takes appropriate remedial action if the file or packet is harmful.
  • the information transferring unit 330 informs the harmful information management server 110 of information on the file or packet determined to be harmful.
  • the harmful information blocking code module which is automatically executed on the client 130, inspects whether processes currently running on the client 130 are harmful or not (step 410). This is because all future processes can be influenced by the current processes in memory. Another reason for this is that the Back Orifice virus capable of illegally extracting personal information from a system, which operates in the form of processes and enables an external computer system to remote control a user computer.
  • a method for checking whether or not processes are harmful involves making a list of the ongoing processes loaded in the memory, and examining whether the files corresponding to each of the processes are harmful or not. If a file is determined to be harmful, the corresponding process is determined to be a harmful process and is then aborted. It is appreciated that an appropriate treatment may also be performed on the corresponding harmful file.
  • the harmful information blocking code module informs a user of the presence of the harmful information, and requests the user's approval to take remedial action.
  • the harmful information blocking code module inspects every file I/O on the client 140 (step 420).
  • the file I/O inspection is performed by hooking up file I/O routines.
  • VxD which is the I/O routine under the Windows environment, may be hooked up for the inspection.
  • network packet I/O may be inspected along with the file I/O so as to block harmful information infiltrating from a network, which was also previously mentioned.
  • the network packet I/O inspection may be accomplished by hooking up socket I/O routines (such as the so-called
  • Winsock module in the Windows environment.
  • any Internet address that the client 130 attempts to access may be further monitored, which prevents the accessing of undesirable lascivious web sites.
  • This monitoring for preventing undesirable accessing can be accomplished by checking the header of an HTTP request message or a Domain Name Service (DNS) lookup message.
  • DNS Domain Name Service
  • step 420 may involve additional functions for checking for possible occurrences of harmful information on the client 130. Subsequent operations of the harmful information blocking code module will be described with reference to file I/O inspection, however, file I/O inspection is only an example and should not be contrived as limiting the scope of the invention.
  • step 430 it is determined whether files which are monitored in step 420 are harmful or not (step 430).
  • This determination can be performed by various methods, according to the type of harmful information or the necessities of applications. For example, a pattern comparison with known harmful information, for example, identified computer viruses, may be performed for the purpose of the determination.
  • a pattern comparison with known harmful information for example, identified computer viruses, may be performed for the purpose of the determination.
  • computer viruses operate in a predetermined pattern, and thus the pattern comparison technique can be a tool for identifying new species of viruses.
  • step 430 it is preferable to make a determination as to whether or not a network packet is harmful, or whether the client 130 attempts to access an undesirable lascivious web site.
  • the harmful information code module performs no specified treatment on the file. Accordingly, a user is allowed to continue his or her task on the client 130 irrespective of the harmful information code blocking module.
  • the monitored information is determined to be harmful, it is further determined whether the monitored information is related to file I/O or packet I/O to provide a proper treatment consistent with the harmful file or packet.
  • file I/O or packet I/O to provide a proper treatment consistent with the harmful file or packet.
  • HTTP request message can be reformulated to guide the client 130 to a desirable web site good for users.
  • step 450 it is determined whether the harmful file can be properly treated.
  • step 454 If the treatment is possible, the corresponding file is treated (step 454). If the treatment is impossible, execution of the corresponding file is merely aborted (step 452). In step 454, it is preferable to notify a user that harmful information was detected, and to request approval for performing treatment on the harmful information.
  • the harmful information management server 110 it is preferable to notify the harmful information management server 110 if information indicative of harmful information is detected from the client 130 online, using the harmful information blocking code module (step 470). If the detected information is a new kind of harmful information and thus cannot be treated, it is preferable to transmit the entire file related to the unidentified harmful information to the harmful information management server 110. Of course, it is preferable to get pre-approval regarding notification of the harmful information detection and/or the transmission of the unidentified harmful information file to the harmful information management server 110.
  • the present embodiment provides the function of automatically providing the harmful information management server 110 with information on harmful information detected in the client 130.
  • the harmful information management server 110 is allowed to acquire statistical data on harmful information, and can thus instantaneously counteract the occurrence of an unidentified computer virus, for example, by developing an effective antivirus program.
  • the harmful information management server 110 analyzes the unidentified harmful information from the client 130 to develop a proper treatment program, and provides an appropriate security service for blocking harmful information from attacking the client 130, with the latest version of the harmful information blocking code module. Therefore, the present invention can prevent user computers operating in an open network environment from damage caused by various harmful information.
  • a communications channel for use by the harmful information blocking code module in automatically transmitting harmful information to the harmful information management server 110 may be implemented with Internet mail transfer protocol such as Simple Mail Transfer Protocol (SMTP), or File Transfer Protocol (FTP). More preferably, a specified communication channel is provided exclusively for the transmission of the harmful information.
  • SMTP Simple Mail Transfer Protocol
  • FTP File Transfer Protocol
  • step 440 if it is determined in step 440 that harmful information is related to the packet I/O, a communication port assigned for the packet I/O is blocked (step 460). If internal processes for supporting the network packet I/O via the communication channel is in progress, it is preferable to abort the processes.
  • step 462 a proper treatment is performed on the harmful information infiltrating through the communications port in a similar way as for the harmful information related with the file I/O (step 462).
  • step 470 the harmful information management server 110 is informed of the detection of the harmful information from the network packet I/O.
  • the present embodiments may be implemented as a computer readable program code.
  • the invention may be embodied in a general purpose digital computer by running a program from a computer readable medium, including but not limited to magnetic storage media (e.g., ROM's, floppy disks, hard disks, etc.), optically readable media (e.g., CD-ROMs, DVDs, etc.) and carrier waves (e.g., transmissions over the Internet).
  • magnetic storage media e.g., ROM's, floppy disks, hard disks, etc.
  • optically readable media e.g., CD-ROMs, DVDs, etc.
  • carrier waves e.g., transmissions over the Internet
  • the harmful information blocking program upon the connecting of the client system to the harmful information management server on a computer network, the harmful information blocking program is automatically provided to and installed in the client system, so that harmful information detected on the client system can be actively blocked in real time.
  • the harmful information blocking program is provided along with ad contents, and management of the program and the ad contents is performed through the same window or frame, thereby boosting effectiveness of the advertisement.
  • the ad display window or frame which is managed in connection with the harmful information blocking program, remains displayed on the client's screen, thus enhancing effectiveness of the advertisement.

Abstract

An online advertising method on a computer network through which a web server and a client system are linked to each other, the online advertising method being provided in connection with live execution of an online harmful information blocking program providing protection against harmful information including computer viruses. The online advertising method includes the first web server receiving a connection request from the client computer over the computer network. Then, the first web server transmits a harmful information blocking code module and ad contents to the client computer, and the harmful information blocking code module automatically runs on the client computer to block in real time harmful information including computer viruses, and the ad contents delivered being displayed on a separate window. In this way, when the ad contents display window is closed, the execution of the harmful information blocking code module is aborted. The harmful information blocking program for blocking in real time harmful information, and the ad contents, both of which run automatically upon the connecting of the client computer to the web server, are managed with the same window or frame. In addition, the window or frame remains active even when a client accesses another web server, thereby increasing effectiveness of the advertisement.

Description

ONLINE ADVERTISING METHOD ON COMPUTER NETWORKS
Technical Field The present invention relates to an online advertising method carried out in conjunction with execution of an online harmful information blocking program capable of blocking in real time harmful information, for example, for computer viruses, over a computer network via which a client is linked to a web server.
Background Art
With the development of computer network based technologies, and particularly, the World Wide Web ("the Web") technology, the number of users on computer networks, and particularly, on the Internet, is rapidly expanding. Computer users are able to explore the Internet by launching a web browser and just clicking what they desire to access with a mouse, and are provided with a variety of useful resources or services through the Internet. Now, the Internet is no longer a new technology and service field in virtual space, but is getting into the realities of life. An ever-growing number of businesses, for example, shopping, auction, banking and advertising businesses, have established a presence on the Internet.
The increase in Internet users has urged enterprisers to manage web sites for their businesses on the Internet and develop diverse business models for Internet users. Success in business on a particular web site is determined by the number of user's access to the site. For this reason, a variety of online events are planned and banner advertisements are provided through popular web sites.
As the Internet users increase, the online advertising market is also rapidly expanding. A banner advertising technique, which provides advertisements through hompages of popular web sites, is the predominant form of advertising on the Internet. The key idea of such banner advertising is to impress all kinds of Internet users accessing popular web sites. However, almost no users who visit such web sites focus on banner advertisements other than the contents provided through the web sites. In addition, such banner advertisements are inserted in a particular home page, so that the visitors are no longer impressed with the ads if they move to another web site. This is an inherent problem of the conventional banner advertising technique. On the other hand, as computer and Internet related technologies have grown, concerns about highly possible illegal extraction of personal information or damage caused by a variety of computer viruses through computer networks are also quickly increasing. The damage caused by harmful information such as computer viruses can be serious. Reportedly, the amount of worldwide damage by computer viruses in the first half of 1999 marked a three-fold jump at $7.6 billion over 1998's $2.5 billion. As an example, the Chernobyl (CIH) virus, which is a high-risk computer virus, corrupted all of the data on a hard disk, and caused tremendous damage in the world including Korea. Recently, new harmful information such as the Back Orifice virus, or the School Bus virus which implants a "spy" file capable of remote controlling a computer, into computers along with other computer viruses, to thereby illegally extract personal information from the computers, has been introduced onto the Internet.
An existing counterplan for protection against various harmful information is based on the first damage/post-repair policy. This protection counterplan assumes a passive position by taking measures (for example, follow-up development of appropriate antivirus programs) after computer systems have been suffered from unidentified harmful information. Another disadvantage found in the protection policy lies in that a variety of antivirus programs for protecting against harmful information need to be manually installed on individual personal computers, which is an inefficient process overloading computer users with the installation activity. Furthermore, since various harmful information is created and distributed ever quickly through the Internet, it is not easy to consistently equip computers with the latest releases of antivirus programs.
Disclosure of the Invention
To solve the above problems, it is an objective of the present invention to provide an online advertising method for offering advertisements (ads) on a computer network through which a web server and a client computer are linked to each other, wherein ad contents are displayed on a separate window or frame in conjunction with the execution of an online harmful information blocking program, which is automatically provided to and installed in the client computer to block in real time harmful information including computer viruses, upon accessing to the web server.
To achieve the objective of the present invention, there is provided a method for providing advertisements (ads) on a computer network through which a first web server and a client computer are linked to each other, the method comprising the steps of: (a) the first web server receiving a connection request from the client computer over the computer network; (b) the first web server transmitting a harmful information blocking code module and ad contents to the client computer; and (c) the harmful information blocking code module automatically running on the client computer to block in real time harmful information including computer viruses, and the ad contents delivered in step (b) being displayed on a separate window, wherein when the ad contents display window is closed, the execution of the harmful information blocking code module is aborted. In step (c), the running status of the harmful information blocking code module may be also displayed on the ad contents display window. It is preferable that the ad contents delivered in step (b) and displayed in step (c) are periodically updated by a server push or client pull technique. The ad contents delivered in step (b) and displayed in step (c) may contain a plurality of banner images. The harmful information blocking code module transmitted in step (b) may be an ActiveX™ or Java™ program. It is preferable that the harmful information blocking code module running in step (c) and the ad contents display window remain activated even when the client computer accesses another web server. It is preferable that in step (a), the client computer is primarily connected to a second web server and requests a connection to the first web server using information provided by the second web server. The ad contents delivered in step (b) may be designated by the second web server. In another embodiment, the present invention provides a method for providing advertisements (ads) on a computer network through which a first web server and a client computer are linked to each other, the method comprising the steps of: (a) the first web server receiving a connection request from the client computer over the computer network; (b) the first web server transmitting a harmful information blocking code module and ad contents including a plurality of banner images to the client computer; (c) the harmful information blocking code module automatically running on the client computer to block in real time harmful information including computer viruses, and the ad contents delivered in step (b) being displayed on a separate window; and (d) when each of the plurality of banner images is copied to a predetermined application program which is downloaded from the first web server and runs on the client computer, using a drag and drop technique, and the first web server providing a predetermined compensation to the client computer, wherein when the ad contents display window is closed, the execution of the harmful information blocking code module is aborted.
Step (d) preferably includes: (d1) when each of the plurality of banner images is copied to a predetermined application program which is downloaded from the first web server and runs on the client computer, using a drag and drop technique, the client computer informing the first web server of the occurrence of the drag and drop event; (d2) the first web server sending ads e-mails associated with each of the plurality of banner images downloaded; and (d3) the first web server providing a predetermined compensation to the client computer if the reception of the e-mails sent in step (d2) is ascertained.
In still another embodiment, the present invention provides a method for providing advertisements (ads) on a computer network through which a first web server and a client computer are linked to each other, the method comprising the steps of: (a) the first web server receiving a connection request from the client computer over the computer network; (b) the first web server transmitting a harmful information blocking code module and ad contents including a plurality of banner images to the client computer; (c) the harmful information blocking code module automatically running on the client computer to block in real time harmful information including computer viruses, and the ad contents delivered in step (b) being displayed on a frame created in a specific area of a web browser screen; and (d) when each of the plurality of banner images is copied to a predetermined application program which is downloaded from the first web server and runs on the client computer, using a drag and drop technique, the first web server providing a predetermined compensation to the client computer, wherein when the ad contents display frame is closed, the execution of the harmful information blocking code is aborted.
It is preferable that step (d) includes: (d1 ) when each of the plurality of banner images is copied to a predetermined application program which is downloaded from the first web server and runs on the client computer, using a drag and drop technique, the client computer informing the first web server of the occurrence of the drag and drop event; (d2) the first web server sending ads e-mails associated with each of the plurality of banner images downloaded; and (d3) the first web server providing a predetermined compensation to the client computer if the reception of the e-mails sent in step (d2) is ascertained. In yet still another embodiment, there is provided a method for providing advertisements (ads) on a computer network through which a first web server and a client computer are linked to each other, the method comprising the steps of: (a) the first web server receiving a connection request from the client computer over the computer network; (b) the first web server transmitting a harmful information blocking code module and ad contents to the client computer; and (c) the harmful information blocking code module automatically running on the client computer to block in real time harmful information including computer viruses, and the ad contents delivered in step (b) being displayed on a frame created in a specific area of a web browser screen, wherein when the ad contents display frame is closed, the execution of the harmful information blocking code is aborted.
It is preferable that, in step (c), a predetermined icon associated with the ad contents display frame, which is kept consistent when the web browser is launched again, is created on a tool bar of the web browser, and the client computer is automatically connected to the first web server by just clicking the predetermined icon. In step (c), the running status of the harmful information blocking code module may also displayed on the ad contents display frame.
In another embodiment, the present invention provides a method for providing advertisements (ads) on a computer network through which a first web server and a client computer are linked to each other, the method comprising the steps of: (a) the first web server receiving a connection request from the client computer over the computer network; (b) the first web server transmitting a harmful information blocking code module and ad contents including a plurality of banner images to the client computer; (c) the harmful information blocking code module automatically running on the client computer to block in real time harmful information including computer viruses, and the ad contents delivered in step (b) being displayed on a frame created in a specific area of a web browser screen; and (d) when each of the plurality of banner images is copied to a predetermined application program which is downloaded from the first web server and runs on the client computer, using a drag and drop technique, the first web server providing a predetermined compensation to the client computer, wherein when the ad contents display frame is closed, the execution of the harmful information blocking code is aborted.
In another embodiment, the present invention provides a method for providing advertisements (ads) on a computer network through which a web server and a client computer are linked to each other, the method comprising the steps of: (a) the web server receiving a connection request from the client computer over the computer network; and (b) the web server transmitting a harmful information blocking code module to automatically run on the client computer and block in real time harmful information including computer viruses, and ad contents to be displayed on a separate window or a frame created in a specific place of a web browser screen, to the client computer, wherein when the ad contents display window or frame is closed, the execution of the harmful information blocking code module is aborted.
Brief Description of the Drawings
FIGS. 1A and 1 B are schematic views of systems applied to implement the present invention;
FIGS. 2A and 2B are flowcharts illustrating preferred embodiments of a method for offering online advertisements (ads) along with an online harmful information blocking code module according to the present invention; FIG. 3 is a schematic view showing the configuration of an example of a harmful information blocking code module adopted in the present invention;
FIG. 4 is a flowchart illustrating the operation of the harmful information blocking code module shown in FIG. 3; FIG. 5 illustrates a graphic screen on which ad contents are displayed in conjunction with the execution of the online harmful information blocking code module; and
FIG. 6 illustrates another graphic screen on which ad contents are displayed in conjunction with the execution of the online harmful information blocking code module.
Best mode for carrying out the Invention
As shown in FIG. 1A, which illustrates a system applicable to implement a preferred embodiment of the invention, a harmful information management server 110 , which is a web server, has a homepage, and is linked with a client computer 130 via a computer network, such as the
Internet.
The harmful information management server 110 provides an online service for providing a harmful information blocking code module (including associated online advertisement (ad) contents), which is capable of blocking in real time harmful information, to the client computer 130. The term
"harmful information" collectively refers to an undesirable object or action that adversely effects computer systems and/or computer networks, including computer viruses, undesirable lascivious web sites on the Internet, and the act of illegally extracting personal information.
The operation of the system shown in FIG. 1 A is illustrated in FIG. 2A. A first embodiment of a method for offering online advertising in connection with a harmful information blocking code module will be described with reference to FIG. 2A. An example of graphic screen on which ad contents are displayed in connection with the harmful information blocking code module is shown in FIG. 5.
The method begins with a homepage being constructed for online services on the harmful information management server 110 (step 210). A computer user launches a web browser on the client computer (hereinafter, referred to as merely "client") 130 (step 220). When the client 130 is connected to the harmful information management server 110 (step 240)., the harmful information management server 110 transmits a harmful information blocking code module and ad contents to the client 130 (step 250).
For this case, the connection between the client 130 and the harmful information management server 110 is accomplished by a HyperText Transfer Protocol formatted request (HTTP request), and the transferring of the harmful information blocking code module from the harmful information management server 110 to the client 130 is performed by a HTTP response. In general, the HTTP request is carried out by typing the Universal Resource Locator (URL) of the harmful information management server 110 or clicking a hyperlink associated with the URL on the web browser.
Preferably, the harmful information blocking code module is an executable application program which runs on the client 130. For example, there are ActiveX™ controls designed for use in the Windows environment developed by the Microsoft Corporation, and Java™ applets and JavaScript™, which can be executed by web browser. Alternatively, an object coded program designed with a high-level language may be linked to a web browser to run.
Next, the harmful information blocking code module transferred in step 250 is automatically executed on the client 130 and blocks in real time harmful information including computer viruses, and the ad contents transferred in step 250 are displayed in a separate window (step 260). Alternatively, the ad contents transferred in step 250 can be displayed by creating a frame in a predetermined portion of the web browser screen. This will be described later.
For the display of ad contents in a separate window, it is preferable that when the client 130 is connected to the harmful information management server 110, the harmful information management server 110 provides an HTTP response, which enables the creation of a window, to the client 130, and then provides the ad contents as an HTTP response with respect to an HTTP request issued from the client 130, through the separate window.
In the present embodiment, the harmful information blocking code module and the ad contents are operated/managed in conjunction with each other, and thus it is preferable to display a running status of the harmful information blocking code module and the ad contents on the same window. In this manner, the client 130 may request the harmful information management server 110 to provide both the harmful information blocking code module and the ad contents through a separate window created as an HTTP response from the harmful information management server 110. To be exact, upon the connecting of the client 130 to the harmful information management server 110, the harmful information management server 110 provides an HTTP response such that the client 130 is able to request the harmful information blocking code module and ad contents through a separate window. When the window is closed, the execution of the harmful information blocking code and the display of ad contents are aborted.
It is more preferable for user interface that the ad contents and the running status of the harmful information blocking code module are displayed in separate frames within the same window. In this manner, the client 130 may be connected to the harmful information management server 110 through each of the frames within the same window. The separate connections for the harmful information blocking code module and the ad contents can be achieved in parallel. FIG. 5 illustrates a graphic screen displaying the running status of the harmful information blocking code module and the ad contents in different frames within the separate window. Since the harmful information blocking code module and the ad contents are provided through the window and then run in real time on the client 130, the execution of the harmful information blocking code module and the ad contents is continued on the client 130 even when the client 130 accesses another web server. Thus, the client 130 can be provided with a harmful information blocking service for security in real time by accessing the harmful information management server 110 only once.
The ad contents transferred in step 250 and displayed on the separate window in step 260 may include a plurality of banner images, which can be periodically updated by a server push or client pull technique. The server push technique supports the server's periodic data transfer to the client even when there is no request from users. This technique is extensively applied to online stock information service sites. The client pull supports the transfer of a client's HTTP request to the server even when there is no request from users. This is implemented by setting a timer at a sever's HTTP response to count the time period between the server's HTTP response and the next client's HTTP request.
In the present embodiment, the client 120 can be optionally provided with a compensation event for the client' dragging and dropping of ad banner images (step 270). According to the drag and drop method, a particular object on the window is clicked with a button (left button) of a mouse, dragged by moving the mouse, and then dropped by releasing the mouse button to move the object (or a copy).
For the compensation event for the dragging & dropping of banner images in step 270, there is a need to download and run on the client 130 a predetermined application program for communications between the client 130 and the harmful information management server 110. Of course, a user's preregistration in the harmful information management server 110 is required to receive the benefits of the compensation. In other words, when a user moves banner images of the ad contents to the predetermined application program by dragging and dropping the image, the harmful information management server 110 is informed of the dragging and dropping of the images, and provides a predetermined compensation to the user. The information provided to the harmful information management server 110 can be utilized for statistical purposes, for example, relating information on effectiveness of the advertisement to the client 130.
In addition, the drag & drop based advertising technique described in the present embodiment is applicable in connection with e-mail services. In particular, when a user performs a drag & drop event and the harmful information management server 110 is informed of the event, the harmful information management server 110 e-mails ads relating to the banner images selected through the drag & drop event by the user, or directs advertisers to send such mails to the user. Upon the user's receiving of the mails, a predetermined compensation is provided. Lastly, when the ad display window is closed, the execution of the harmful information blocking code module is also aborted (step 280).
Prior to description of the mechanism of the harmful information blocking code module, a variation (hereinafter, referred to as "second embodiment") of the first embodiment will be described. FIG. 1 B illustrates the configuration of a system applied for the second embodiment according to the present invention, and FIG. 2B is a flowchart illustrating the second embodiment of the method for offering online ads along with an online harmful information blocking code module according to the present invention. As shown in FIG. 1 B, the system further comprises a web server 120
(hereinafter, referred to as "second web server"), other than the harmful information management server 1 10, for providing online services on a network. The second web server 120 is a common web sever linked with a client system via a computer network such as the Internet. In the present embodiment, referring to FIG. 2B, step 210 and step
220 are carried out in the same way as in the first embodiment described with reference to FIG. 2A. Next, the client 130 primarily accesses the second web server 120 (step 230). The second web server 120 provides hyperlink information for use in accessing the harmful information management server 110 as well as information relating to online services to the client 130 (step 235). It is preferable that the hyperlink information is not link information for the front
5 homepage of the harmful information management server 110, but link information that directly enables the client 130 to receive the harmful information blocking code module (including ad contents) from the harmful information management server 110 through a separate window.
Next, the client 130 performs an HTTP request to the harmful o information management server 110, according to the hyperlink information from the second web server 120 (step 245). The harmful information management server 110 transmits the harmful information blocking code module and ad contents, which are an HTTP response with respect to the HTTP request issued from the client 130, to the client 130 (step 255). s When the transfer of the harmful information blocking code module is completed, the harmful information blocking code module is automatically executed on the client 130 to block in real time harmful information including computer viruses, and outputs the ad contents on a separate window (step 260), as in the first embodiment. It is preferable that the harmful 0 information blocking code module and ad contents are managed through separate frames within the same window, as in the first embodiment. Unlike the first embodiment, it is preferable to support the second web server 120 to designate link information relating to the ad contents. In other words, the ad contents provided to the client 130 can be varied by various 5 web servers which the client 130 visits in the course of connecting to the harmful information management server 110. It is apparent that the ad contents may be periodically updated by the server push or client pull technique.
Next, similar to the first embodiment, the client 120 can be optionally o provided with a compensation event for the client's dragging and dropping of banner images of the ad contents (step 270). Lastly, when the ad display window is closed, the execution of the harmful information blocking code module is also aborted (step 280). While in the first and second embodiments the ad contents are displayed on a separate window, the ad contents can be output on a frame created for displaying the ad contents in a specific place on the web browser screen. FIG. 6 illustrates a graphic screen on which ad contents are displayed on a separate frame in conjunction with the execution of the online harmful information blocking code module.
As shown in FIG. 6, the ad contents delivered from the harmful information management server 110 are displayed on a new frame created in a specific place on the web browser screen of the client. The new frame which displays the ad contents is shown in the lower portion of the web browser screen in FIG. 6, but the frame can be located in another portion (for example, on the left or right) of the web browser. As shown in FIG. 6, it is preferable that the frame includes a sub-frame on which ad contents are output and a sub-frame on which information on running status of the harmful information blocking code module are output. In other words, the harmful information blocking code module and ad contents are managed through separate frames within the window. Even when the client 130 accesses another web server, the display of ad contents through the frame is continued. When the frame for ad contents is closed, the execution of the harmful information blocking code module is also aborted.
In the example illustrated in FIG. 6, the ad contents may contain a plurality of banner images, and can be updated periodically by the server push or client pull technique. As in the first embodiment, additional compensation events can be served for the client's dragging & dropping of ad banner images, and for the client's reception of an e-mail with ads associated with the banner image dragged and dropped by the user. In addition, the connecting of the client 130 to the harmful information management server 110 can be established using the link information provided from another web server, such as the second web server 120 shown in FIG. 1 B. In this case, the ad contents can be designated by the second web server 120.
In other words, the mechanism of providing ad contents in the present embodiment is similar to that described with reference to FIG. 5, except that a new frame, rather than a separated window, is created on the web browser screen to display the ad contents thereon. In the present embodiment, since the frame for displaying the ad contents is based on the web browser, the ad display frame is aborted when the web browser is closed.
Preferably, a predetermined icon associated with the frames displaying the ad contents and the running status of the harmful information blocking code module, for example, an icon appearing along with the text "security" in FIG. 6, is created on the tool bar of the web browser. More preferably, the related icon is kept consistent in the tool bar when the web browser is launched again. In this way, a window registry relating to the web browser must be changed. The automatic connecting to the harmful information management server 110, which is established by just clinking the related icon, is favorable in terms of user interface. The preferred embodiments of the online advertising method have been described. Now, the harmful information blocking code module for blocking harmful information, which is executed in conjunction with the display of ad contents, will be described. FIG. 3 shows the configuration of an example of the harmful information blocking code module adopted in the present invention.
As shown in FIG. 3, the harmful information blocking code module includes an input/output management unit 310, a harmful information blocking unit 320, and an information transferring unit 330. The harmful information blocking code module is executed in connection with the separate window or frame 340 on which its running status and ad contents are displayed. When the window or frame 340 is closed, the execution of the harmful information blocking code module is aborted as described previously.
The input/output management unit 310 inspects file input/output (I/O) on the client 130. The inspection of the file I/O refers to the action taken to get file information by hooking up file I/O routines. Preferably, the input/output management unit 310 also inspects network packet I/O on the client 130 so as to block harmful information from the network. A computer virus capable of illegally extracting personal information, such as the Back Orifice virus, may be blocked by checking file I/O, or checking processes, which will be described below. Preferably, the input/output management unit 310 further has a function for monitoring any Internet address that the client 130 attempts accessing, which prevents computer users from accessing undesirable lascivious web sites.
The harmful information blocking unit 320 diagnoses whether or not a file or packet is harmful, and takes appropriate remedial action if the file or packet is harmful. The information transferring unit 330 informs the harmful information management server 110 of information on the file or packet determined to be harmful.
In the operation of the harmful information blocking code module, referring to FIG.4, first the harmful information blocking code module, which is automatically executed on the client 130, inspects whether processes currently running on the client 130 are harmful or not (step 410). This is because all future processes can be influenced by the current processes in memory. Another reason for this is that the Back Orifice virus capable of illegally extracting personal information from a system, which operates in the form of processes and enables an external computer system to remote control a user computer.
A method for checking whether or not processes are harmful involves making a list of the ongoing processes loaded in the memory, and examining whether the files corresponding to each of the processes are harmful or not. If a file is determined to be harmful, the corresponding process is determined to be a harmful process and is then aborted. It is appreciated that an appropriate treatment may also be performed on the corresponding harmful file. Preferably, after the detection of harmful information and before performing appropriate treatment, the harmful information blocking code module informs a user of the presence of the harmful information, and requests the user's approval to take remedial action.
Next, the harmful information blocking code module inspects every file I/O on the client 140 (step 420). As previously mentioned, the file I/O inspection is performed by hooking up file I/O routines. For example, VxD, which is the I/O routine under the Windows environment, may be hooked up for the inspection.
In step 420, network packet I/O may be inspected along with the file I/O so as to block harmful information infiltrating from a network, which was also previously mentioned. The network packet I/O inspection may be accomplished by hooking up socket I/O routines (such as the so-called
"Winsock module" in the Windows environment).
Furthermore, as previously mentioned, in step 420, any Internet address that the client 130 attempts to access, may be further monitored, which prevents the accessing of undesirable lascivious web sites. This monitoring for preventing undesirable accessing can be accomplished by checking the header of an HTTP request message or a Domain Name Service (DNS) lookup message. In other words, step 420 may involve additional functions for checking for possible occurrences of harmful information on the client 130. Subsequent operations of the harmful information blocking code module will be described with reference to file I/O inspection, however, file I/O inspection is only an example and should not be contrived as limiting the scope of the invention.
Next, it is determined whether files which are monitored in step 420 are harmful or not (step 430). This determination can be performed by various methods, according to the type of harmful information or the necessities of applications. For example, a pattern comparison with known harmful information, for example, identified computer viruses, may be performed for the purpose of the determination. In general, computer viruses operate in a predetermined pattern, and thus the pattern comparison technique can be a tool for identifying new species of viruses.
In step 430, it is preferable to make a determination as to whether or not a network packet is harmful, or whether the client 130 attempts to access an undesirable lascivious web site.
If it is determined that the monitored information is safe, the harmful information code module performs no specified treatment on the file. Accordingly, a user is allowed to continue his or her task on the client 130 irrespective of the harmful information code blocking module.
If the monitored information is determined to be harmful, it is further determined whether the monitored information is related to file I/O or packet I/O to provide a proper treatment consistent with the harmful file or packet. Although not shown in FIG. 4, as for blocking access to an desirable lascivious web site, an HTTP request message can be reformulated to guide the client 130 to a desirable web site good for users.
In the case where the monitored information is related to file I/O, it is determined whether the harmful file can be properly treated (step 450).
If the treatment is possible, the corresponding file is treated (step 454). If the treatment is impossible, execution of the corresponding file is merely aborted (step 452). In step 454, it is preferable to notify a user that harmful information was detected, and to request approval for performing treatment on the harmful information.
Lastly, it is preferable to notify the harmful information management server 110 if information indicative of harmful information is detected from the client 130 online, using the harmful information blocking code module (step 470). If the detected information is a new kind of harmful information and thus cannot be treated, it is preferable to transmit the entire file related to the unidentified harmful information to the harmful information management server 110. Of course, it is preferable to get pre-approval regarding notification of the harmful information detection and/or the transmission of the unidentified harmful information file to the harmful information management server 110.
In other words, the present embodiment provides the function of automatically providing the harmful information management server 110 with information on harmful information detected in the client 130. Accordingly, the harmful information management server 110 is allowed to acquire statistical data on harmful information, and can thus instantaneously counteract the occurrence of an unidentified computer virus, for example, by developing an effective antivirus program. In this manner, the harmful information management server 110 analyzes the unidentified harmful information from the client 130 to develop a proper treatment program, and provides an appropriate security service for blocking harmful information from attacking the client 130, with the latest version of the harmful information blocking code module. Therefore, the present invention can prevent user computers operating in an open network environment from damage caused by various harmful information.
In the present embodiment, a communications channel for use by the harmful information blocking code module in automatically transmitting harmful information to the harmful information management server 110 may be implemented with Internet mail transfer protocol such as Simple Mail Transfer Protocol (SMTP), or File Transfer Protocol (FTP). More preferably, a specified communication channel is provided exclusively for the transmission of the harmful information.
Meanwhile, if it is determined in step 440 that harmful information is related to the packet I/O, a communication port assigned for the packet I/O is blocked (step 460). If internal processes for supporting the network packet I/O via the communication channel is in progress, it is preferable to abort the processes.
Next, a proper treatment is performed on the harmful information infiltrating through the communications port in a similar way as for the harmful information related with the file I/O (step 462). In step 470, the harmful information management server 110 is informed of the detection of the harmful information from the network packet I/O.
The present embodiments may be implemented as a computer readable program code. The invention may be embodied in a general purpose digital computer by running a program from a computer readable medium, including but not limited to magnetic storage media (e.g., ROM's, floppy disks, hard disks, etc.), optically readable media (e.g., CD-ROMs, DVDs, etc.) and carrier waves (e.g., transmissions over the Internet). While this invention has been particularly shown and described with reference to preferred embodiments thereof, it will be understood by those skilled in the art that various changes in form and details may be made thereto without departing from the spirit and scope of the invention as defined by the appended claims. The embodiments should be construed as being illustrative and not as limiting the scope of the invention. Accordingly, the scope of the present invention is defined by the appended claims rather than the foregoing description.
Industrial Applicability
As previously described, according to the present invention, upon the connecting of the client system to the harmful information management server on a computer network, the harmful information blocking program is automatically provided to and installed in the client system, so that harmful information detected on the client system can be actively blocked in real time. In addition, the harmful information blocking program is provided along with ad contents, and management of the program and the ad contents is performed through the same window or frame, thereby boosting effectiveness of the advertisement. Furthermore, even when a user accesses another web server, the ad display window or frame, which is managed in connection with the harmful information blocking program, remains displayed on the client's screen, thus enhancing effectiveness of the advertisement.

Claims

What is claimed is:
1. A method for providing advertisements (ads) on a computer network through which a first web server and a client computer are linked to each other, the method comprising the steps of: (a) the first web server receiving a connection request from the client computer over the computer network;
(b) the first web server transmitting a harmful information blocking code module and ad contents to the client computer; and
(c) the harmful information blocking code module automatically running on the client computer to block in real time harmful information including computer viruses, and the ad contents delivered in step (b) being displayed on a separate window, wherein when the ad contents display window is closed, the execution of the harmful information blocking code module is aborted.
2. The method of claim 1 , wherein, in step (c), the running status of the harmful information blocking code module is also displayed on the ad contents display window.
3. The method of claim 2, wherein, in step (c), the running status of the harmful information blocking code module and the ad contents are displayed on different frames within the separate window.
4. The method of claim 4, wherein, in step (b), the harmful information blocking code module and the ad contents are transferred to the client computer through different links.
5. The method of claim 1 , wherein the ad contents delivered in step (b) and displayed in step (c) are periodically updated by a server push or client pull technique.
6. The method of claim 1 , wherein the ad contents delivered in step (b) and displayed in step (c) contain a plurality of banner images.
7. The method of claim 1 , wherein the harmful information blocking code module transmitted in step (b) is an ActiveX™ or Java™ program.
8. The method of claim 1 , wherein the harmful information blocking code module running in step (c) and the ad contents display window remain activated even when the client computer accesses another web server.
9. The method of claim 1 , wherein, in step (a), the client computer is primarily connected to a second web server and requests a connection to the first web server using information provided by the second web server.
10. The method of claim 9, wherein the ad contents delivered in step (b) are designated by the second web server.
11. A method for providing advertisements (ads) on a computer network through which a first web server and a client computer are linked to each other, the method comprising the steps of:
(a) the first web server receiving a connection request from the client computer over the computer network;
(b) the first web server transmitting a harmful information blocking code module and ad contents including a plurality of banner images to the client computer;
(c) the harmful information blocking code module automatically running on the client computer to block in real time harmful information including computer viruses, and the ad contents delivered in step (b) being displayed on a separate window; and (d) when each of the plurality of banner images is copied to a predetermined application program which is downloaded from the first web server and runs on the client computer, using a drag and drop technique, and the first web server providing a predetermined compensation to the client computer, wherein when the ad contents display window is closed, the execution of the harmful information blocking code module is aborted.
12. The method of claim 11 , wherein step (d) comprises:
(d1 ) when each of the plurality of banner images is copied to a predetermined application program which is downloaded from the first web server and runs on the client computer, using a drag and drop technique, the client computer informing the first web server of the occurrence of the drag and drop event;
(d2) the first web server sending ads e-mails associated with each of the plurality of banner images downloaded; and
(d3) the first web server providing a predetermined compensation to the client computer if the reception of the e-mails sent in step (d2) is ascertained.
13. The method of claim 11 , wherein, in step (c), the running status of the harmful information blocking code module is also displayed on the ad display window.
14. The method of claim 11 , wherein, in step (a), the client computer is primarily connected to a second web server and requests a connection to the first web server using information provided by the second web server.
15. A method for providing advertisements (ads) on a computer network through which a first web server and a client computer are linked to each other, the method comprising the steps of:
(a) the first web server receiving a connection request from the client computer over the computer network;
(b) the first web server transmitting a harmful information blocking code module and ad contents to the client computer; and
(c) the harmful information blocking code module automatically running on the client computer to block in real time harmful information including computer viruses, and the ad contents delivered in step (b) being displayed on a frame created in a specific area of a web browser screen, wherein when the ad contents display frame is closed, the execution
5 of the harmful information blocking code is aborted.
16. The method of claim 15, wherein, in step (c), a predetermined icon associated with the ad contents display frame, which is kept consistent when the web browser is launched again, is created on a tool bar of the web o browser, and the client computer is automatically connected to the first web server by just clicking the predetermined icon.
17. The method of claim 15, wherein, in step (c), the running status of the harmful information blocking code module is also displayed on s the ad contents display frame, and the running status of the harmful information blocking code module and the ad contents are displayed on different sub-frames within the frame.
18. The method of claim 15, wherein the ad contents delivered in 0 step (b) and displayed in step (c) are periodically updated by a server push or client pull technique.
19. The method of claim 15, wherein the harmful information blocking code module running in step (c) and the ad contents display frame 5 remain activated even when the client computer accesses another web server.
20. The method of claim 15, wherein, in step (a), the client computer is primarily connected to a second web server and requests a o connection to the first web server using information provided by the second web server.
21. A method for providing advertisements (ads) on a computer network through which a first web server and a client computer are linked to each other, the method comprising the steps of:
(a) the first web server receiving a connection request from the client computer over the computer network; (b) the first web server transmitting a harmful information blocking code module and ad contents including a plurality of banner images to the client computer;
(c) the harmful information blocking code module automatically running on the client computer to block in real time harmful information including computer viruses, and the ad contents delivered in step (b) being displayed on a frame created in a specific area of a web browser screen; and
(d) when each of the plurality of banner images is copied to a predetermined application program which is downloaded from the first web server and runs on the client computer, using a drag and drop technique, the first web server providing a predetermined compensation to the client computer, wherein when the ad contents display frame is closed, the execution of the harmful information blocking code is aborted.
22. The method of claim 21 , wherein step (d) comprises:
(d1) when each of the plurality of banner images is copied to a predetermined application program which is downloaded from the first web server and runs on the client computer, using a drag and drop technique, the client computer informing the first web server of the occurrence of the drag and drop event;
(d2) the first web server sending ads e-mails associated with each of the plurality of banner images downloaded; and
(d3) the first web server providing a predetermined compensation to the client computer if the reception of the e-mails sent in step (d2) is ascertained.
23. The method of claim 21 , wherein, in step (c), a predetermined icon associated with the ad contents display frame, which is kept consistent when the web browser is launched again, is created on a tool bar of the web browser, and the client computer is automatically connected to the first web server by just clicking the predetermined icon.
24. The method of claim 21 , wherein, in step (c), the running status of the harmful information blocking code module is also displayed on the ad contents display frame.
25. The method of claim 21 , wherein, in step (a), the client computer is primarily connected to a second web server and requests a connection to the first web server using information provided by the second web server.
26. A method for providing advertisements (ads) on a computer network through which a web server and a client computer are linked to each other, the method comprising the steps of:
(a) the web server receiving a connection request from the client computer over the computer network; and (b) the web server transmitting a harmful information blocking code module to automatically run on the client computer and block in real time harmful information including computer viruses, and ad contents to be displayed on a separate window or a frame created in a specific place of a web browser screen, to the client computer, wherein when the ad contents display window or frame is closed, the execution of the harmful information blocking code module is aborted.
PCT/KR2000/001373 1999-12-31 2000-11-28 Online advertising method on computer networks WO2001050364A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU18997/01A AU1899701A (en) 1999-12-31 2000-11-28 Online advertising method on computer networks

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
KR1999/68606 1999-12-31
KR19990068606 1999-12-31
KR2000/11284 2000-03-07
KR1020000011284A KR100684987B1 (en) 1999-12-31 2000-03-07 A Method for screening harmful information and hacking attempt in an E-commerce system using internet

Publications (1)

Publication Number Publication Date
WO2001050364A1 true WO2001050364A1 (en) 2001-07-12

Family

ID=26636629

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2000/001373 WO2001050364A1 (en) 1999-12-31 2000-11-28 Online advertising method on computer networks

Country Status (3)

Country Link
KR (1) KR100684987B1 (en)
AU (1) AU1899701A (en)
WO (1) WO2001050364A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1303540C (en) * 2003-05-12 2007-03-07 英业达股份有限公司 Method for real-time displaying server terminal program operating state at customer terminal

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100609839B1 (en) * 2004-06-08 2006-08-08 (주)파인핸즈 Method for Monitoring Download of Harmful Information on Internet

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH10240828A (en) * 1997-02-28 1998-09-11 Net Biretsuji Kk Advertisement distribution service system
JPH10320336A (en) * 1997-04-14 1998-12-04 Adletts Internatl Llc Method and device for inserting advertisement, etc., in data stream of client performed network connection to internet to display during free time
JPH1125176A (en) * 1997-07-03 1999-01-29 Fujitsu Ltd Device for preparing and transmitting notice information
US6014698A (en) * 1997-05-19 2000-01-11 Matchlogic, Inc. System using first banner request that can not be blocked from reaching a server for accurately counting displays of banners on network terminals

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5960170A (en) * 1997-03-18 1999-09-28 Trend Micro, Inc. Event triggered iterative virus detection

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH10240828A (en) * 1997-02-28 1998-09-11 Net Biretsuji Kk Advertisement distribution service system
JPH10320336A (en) * 1997-04-14 1998-12-04 Adletts Internatl Llc Method and device for inserting advertisement, etc., in data stream of client performed network connection to internet to display during free time
US6014698A (en) * 1997-05-19 2000-01-11 Matchlogic, Inc. System using first banner request that can not be blocked from reaching a server for accurately counting displays of banners on network terminals
JPH1125176A (en) * 1997-07-03 1999-01-29 Fujitsu Ltd Device for preparing and transmitting notice information

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1303540C (en) * 2003-05-12 2007-03-07 英业达股份有限公司 Method for real-time displaying server terminal program operating state at customer terminal

Also Published As

Publication number Publication date
KR100684987B1 (en) 2007-02-22
AU1899701A (en) 2001-07-16
KR20000030564A (en) 2000-06-05

Similar Documents

Publication Publication Date Title
USRE42196E1 (en) System and method for blocking harmful information online, and computer readable medium therefor
US7831672B2 (en) Systems and methods for securing computers
US10757120B1 (en) Malicious network content detection
US8219849B2 (en) Method and apparatus for controlling a computer over a wide area network
US7996902B1 (en) System and method for certifying that data received over a computer network has been checked for viruses
KR100450472B1 (en) Web server apparatus and method for virus checking
US20050198587A1 (en) Method and apparatus for defeating a mechanism that blocks windows
Gandhi et al. Badvertisements: Stealthy click-fraud with unwitting accessories
US20040006715A1 (en) System and method for providing security to a remote computer over a network browser interface
WO2006052714A2 (en) Apparatus and method for protection of communications systems
US7590698B1 (en) Thwarting phishing attacks by using pre-established policy files
WO2001050364A1 (en) Online advertising method on computer networks
US20030101242A1 (en) Method and apparatus for distributing a computer program
CA2548783A1 (en) Method and apparatus for a client call service
US20050010814A1 (en) System and method for preventing and delaying the distribution of electronic mail virus
US20160378982A1 (en) Local environment protection method and protection system of terminal responding to malicious code in link information
KR20220037803A (en) How to block hacking in an E-commerce system using the Internet
US8918515B1 (en) Interstitial redirection management
Kharouni SDBOT IRC botnet continues to make waves
Trent The Administrator Shortcut Guide to Patch Management
Arif Spyware: A Growing Software Threat
KR20190007713A (en) System for collecting malignant action using virtual operation environment
KR20070114674A (en) Server for processing mobile virus
KR20060108575A (en) System for mailing warning message against the worm virus and anti-virus vaccine automatically against it via wireless networks

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 69(1) EPC (COMMUNICATION OF 17-01-2003, EPO FORM 1205)

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP