This article relies largely or entirely on a single source. (September 2010)
TrustedSource is an Internet reputation system originally developed by CipherTrust and now owned by Intel Security. It provides reputation scores for Internet identities, such as IP addresses, URLs, domains, and email/web content.
Reputation data and content categories, as well as global email, web and other network traffic patterns observed by TrustedSource ecosystem, for any IP address, domain, or URL can be checked from the TrustedSource.org portal site
TrustedSource works by analyzing in real-time traffic patterns from email, web and network data flows from McAfee's global set of security appliances and hosted services, as well as those of partners like F5 Networks. Working off that data stream, it applies data mining and analysis techniques, such as Support Vector Machine, Random forest, and Term-Frequency Inverse-Document Frequency (TFIDF) classifiers to determine the degree of maliciousness and security risk associated with each Internet identity, as well as perform content categorization.
The numeric scores that result from that analysis are then combined with local filtering policies of devices and services that utilize TrustedSource to make an accept/deny/traffic shape types of decisions on the network connections associated with those Internet identities.
Internet reputation systems like TrustedSource are useful to effectively block network-based attacks sent over email, web and other protocols. They benefit from the global sensor network reporting attack patterns in real-time and the intensive behavioral analysis is distributed across a world-wide network of systems instead of unnecessarily utilizing processing power of local security devices. Those systems have also been effective at tracking and monitoring botnets, such as the infamous Storm worm.