公开(公告)号：US11044088B2

公开(公告)日：2021-06-22

申请号：US16451351

申请日：2019-06-25

Applicant: Dropbox, Inc.

Inventor： Anton Mityagin

IPC: H04L9/08 ,  H04L9/16 ,  H04L9/12 ,  H04L29/06

Abstract: Systems, methods, and non-transitory computer-readable storage media for rotating security keys for an online synchronized content management system client. A client having a first security key as an active security key may send a request to a server for a new security key as a replacement for the first security key. The server may receive the request and generate a candidate security key. The server can issue the candidate security key to the client device. After receiving the candidate security key, the client may send a key receipt confirmation message to the server. In response to the confirmation message, the server may mark the candidate key as the new security key for the client and discard the client's old security key. The server may send an acknowledgment message to the client device. In response, the client may also mark the candidate key as its new active key.

公开(公告)号：US10374798B2

公开(公告)日：2019-08-06

申请号：US15814331

申请日：2017-11-15

Applicant: DROPBOX INC.

Inventor： Anton Mityagin

IPC: H04L9/08 ,  H04L9/16 ,  H04L29/06 ,  H04L9/12

Abstract: Systems, methods, and non-transitory computer-readable storage media for rotating security keys for an online synchronized content management system client. A client having a first security key as an active security key may send a request to a server for a new security key as a replacement for the first security key. The server may receive the request and generate a candidate security key. The server can issue the candidate security key to the client device. After receiving the candidate security key, the client may send a key receipt confirmation message to the server. In response to the confirmation message, the server may mark the candidate key as the new security key for the client and discard the client's old security key. The server may send an acknowledgment message to the client device. In response, the client may also mark the candidate key as its new active key.

公开(公告)号：US20170346797A1

公开(公告)日：2017-11-30

申请号：US15167972

申请日：2016-05-27

Applicant: Dropbox, Inc.

Inventor： Kapil Yedidi ,  Anton Mityagin ,  Sean Byrne

IPC: H04L29/06

CPC classification number: H04L63/06 ,  H04L63/083 ,  H04L63/14

Abstract: Disclosed are systems, methods, and non-transitory computer-readable storage media for detecting compromised credentials. In some implementations, a content management system can receive information identifying compromised login credentials (e.g., account identifier, password, etc.) from a third party server. The login credentials can be represented by a first hash value generated using a hashing algorithm. When a user logs in to the content management system the user can provide the user's account identifier and password for the content management system. The content management system can generate a second hash value from the user-supplied password using the same hashing algorithm used for the compromised login credentials. The content management system can determine whether the second hash value matches the first hash value and prompt the user to provide a new password for the user's content management system account when the second hash value matches the first hash value.

公开(公告)号：US20150188886A1

公开(公告)日：2015-07-02

申请号：US14145040

申请日：2013-12-31

Applicant: DROPBOX, INC.

Inventor： Anton Mityagin

IPC: H04L29/06

CPC classification number: G06F21/6218 ,  G06F21/10 ,  H04L63/0263 ,  H04L63/101

Abstract: To identify whether a content item is prohibited, a content management system can generate a content item fingerprint for the content item and then compare the generated content item fingerprint to a blacklist of content item fingerprints for prohibited content items. If the generated content item fingerprint matches any of the content item fingerprints included in the blacklist, the content management system can determine that the content item is prohibited. The content management system can deny requests to share prohibited content items and/or requests to assign prohibited content items to a user account on the content management system. The content management system can generate the content item fingerprint using the content item as input in a fingerprinting algorithm that was used to generate the content item fingerprints on the blacklist.

Abstract translation: 为了识别内容项目是否被禁止，内容管理系统可以生成用于内容项目的内容项目指纹，然后将生成的内容项目指纹与禁止内容项目的内容项目指纹的黑名单进行比较。 如果生成的内容项目指纹与黑名单中包含的任何内容项目指纹相匹配，则内容管理系统可以确定内容项被禁止。 内容管理系统可以拒绝将禁止的内容项目和/或将禁止的内容项目分配给内容管理系统上的用户帐户的请求。 内容管理系统可以使用在用于在黑名单上生成内容项目指纹的指纹算法中的内容项目作为输入来生成内容项目指纹。

公开(公告)号：US20150178516A1

公开(公告)日：2015-06-25

申请号：US14139469

申请日：2013-12-23

Applicant: Dropbox, Inc.

Inventor： Anton Mityagin

IPC: G06F21/62 ,  H04L29/08

CPC classification number: G06F21/6218 ,  H04L63/0876 ,  H04L63/105 ,  H04L67/10 ,  H04L67/1095

Abstract: Various embodiments restrict or enable access to content items of an account based on login information or content request properties. For example, a synchronized online content management system can receive a request including one or more content request properties from a client device to access a user account. Access rules for the user account can be obtained and applied based on the content request properties to generate an access status. In one instance, the client device is provided with full account access if the access status indicates that the client device is an authorized device. In another instance, if the client device is an unauthorized device, at least one aspect of access to the user account is restricted.

Abstract translation: 各种实施例基于登录信息或内容请求属性限制或允许对帐户的内容项目的访问。 例如，同步的在线内容管理系统可以从客户端设备接收包括一个或多个内容请求属性的请求以访问用户帐户。 可以基于内容请求属性获取并应用用户帐户的访问规则，以生成访问状态。 在一种情况下，如果访问状态指示客户端设备是授权设备，则向客户端设备提供完整的帐户访问。 在另一个实例中，如果客户端设备是未经授权的设备，则访问用户帐户的至少一个方面受到限制。

公开(公告)号：US20230139473A1

公开(公告)日：2023-05-04

申请号：US18147468

申请日：2022-12-28

Applicant: Dropbox, Inc.

Inventor： Ishita Arora ,  Anton Mityagin ,  Ray Zhang ,  Sam Keller ,  Stacey Sern

IPC: G06F21/56 ,  G06F8/71

Abstract: Disclosed are systems, methods, and non-transitory computer-readable storage media for malware detection and content item recovery. For example, a content management system can receive information describing changes made to content items stored on a user device. The content management system can analyze the information to determine if the described changes are related to malicious software on the user device. When the changes are related to malicious software, the content management system can determine which content items are effected by the malicious software and/or determine when the malicious software first started making changes to the user device. The content management system can recover effected content items associated with the user device by replacing the effected versions of the content items with versions of the content items that existed immediately before the malicious software started making changes to the user device.

公开(公告)号：US11184341B2

公开(公告)日：2021-11-23

申请号：US16832463

申请日：2020-03-27

Applicant: Dropbox, Inc.

Inventor： Anton Mityagin

IPC: H04L29/06

Abstract: In some embodiments, upon detecting malicious activity associated with a user account, a content management system can identify other user accounts related to the malicious user account. The content management system can identify related user accounts by comparing authentication information collected for the malicious user account with authentication information collected for other user accounts. Authentication information can include IP address information, geographic information, device type, browser type, email addresses, and/or referral information, for example. The content management system can compare the content items associated with the malicious user account to content items associated with other user accounts to determine relatedness or maliciousness. After identifying related malicious user accounts, the content management system can block all related malicious user accounts.

公开(公告)号：US10013568B2

公开(公告)日：2018-07-03

申请号：US14984822

申请日：2015-12-30

Applicant: Dropbox, Inc.

Inventor： Anton Mityagin

IPC: G06F17/30 ,  G06F21/62 ,  H04L29/06 ,  H04N7/16 ,  G06F21/10

CPC classification number: G06F21/6218 ,  G06F21/10 ,  H04L63/0263 ,  H04L63/101

Abstract: To identify whether a content item is prohibited, a content management system can generate a content item fingerprint for the content item and then compare the generated content item fingerprint to a blacklist of content item fingerprints for prohibited content items. If the generated content item fingerprint matches any of the content item fingerprints included in the blacklist, the content management system can determine that the content item is prohibited. The content management system can deny requests to share prohibited content items and/or requests to assign prohibited content items to a user account on the content management system. The content management system can generate the content item fingerprint using the content item as input in a fingerprinting algorithm that was used to generate the content item fingerprints on the blacklist.

公开(公告)号：US09961053B2

公开(公告)日：2018-05-01

申请号：US15167972

申请日：2016-05-27

Applicant: Dropbox, Inc.

Inventor： Kapil Yedidi ,  Anton Mityagin ,  Sean Byrne

IPC: H04L29/06

CPC classification number: H04L63/06 ,  H04L63/083 ,  H04L63/14

Abstract: Disclosed are systems, methods, and non-transitory computer-readable storage media for detecting compromised credentials. In some implementations, a content management system can receive information identifying compromised login credentials (e.g., account identifier, password, etc.) from a third party server. The login credentials can be represented by a first hash value generated using a hashing algorithm. When a user logs in to the content management system the user can provide the user's account identifier and password for the content management system. The content management system can generate a second hash value from the user-supplied password using the same hashing algorithm used for the compromised login credentials. The content management system can determine whether the second hash value matches the first hash value and prompt the user to provide a new password for the user's content management system account when the second hash value matches the first hash value.

公开(公告)号：US20170308698A1

公开(公告)日：2017-10-26

申请号：US15649410

申请日：2017-07-13

Applicant: DROPBOX INC.

Inventor： Anton Mityagin

IPC: G06F21/56 ,  H04L29/06

CPC classification number: G06F21/561 ,  G06F21/566 ,  H04L63/1433 ,  H04L63/20

Abstract: In some embodiments, a content management system can initiate a scan of a content item when the content management system detects that activity associated with the content item triggers a scan policy. In some embodiments, a content management system can initiate a scan of a user's account when the content management system detects that activity associated with the content item triggers a scan policy. A scan policy can specify, for example, a number of shares, downloads and/or previews of the content item allowable in a period of time. When the number of shares, downloads, and/or previews exceeds the specified number in the policy in the specified period of time, the content management system can initiate a scan (e.g., virus scan, malware scan, etc.) of the content item and/or the user's account.