-
公开(公告)号:US20110162070A1
公开(公告)日:2011-06-30
申请号:US12693765
申请日:2010-01-26
申请人: Sven Krasser , Yuchun Tang , Yuanchen He , Zhenyu Zhong
发明人: Sven Krasser , Yuchun Tang , Yuanchen He , Zhenyu Zhong
CPC分类号: G06F21/564 , G06F21/56
摘要: A computer network device receives a digital file and extracts a plurality of high level features from the file. The plurality of high level features are evaluated using a classifier to determine whether the file is benign or malicious. The file is forwarded to a requesting computer if the file is determined to be benign, and blocked if the file is determined to be malicious.
摘要翻译: 计算机网络设备接收数字文件并从文件中提取多个高级特征。 使用分类器评估多个高级特征以确定文件是良性还是恶意的。 如果文件被确定为良性,则将文件转发到请求计算机,如果该文件被确定为恶意文件,则该文件被阻止。
-
公开(公告)号:US08719939B2
公开(公告)日:2014-05-06
申请号:US12693765
申请日:2010-01-26
申请人: Sven Krasser , Yuchun Tang , Yuanchen He , Zhenyu Zhong
发明人: Sven Krasser , Yuchun Tang , Yuanchen He , Zhenyu Zhong
IPC分类号: H04L29/06
CPC分类号: G06F21/564 , G06F21/56
摘要: A computer network device receives a digital file and extracts a plurality of high level features from the file. The plurality of high level features are evaluated using a classifier to determine whether the file is benign or malicious. The file is forwarded to a requesting computer if the file is determined to be benign, and blocked if the file is determined to be malicious.
摘要翻译: 计算机网络设备接收数字文件并从文件中提取多个高级特征。 使用分类器评估多个高级特征以确定文件是良性还是恶意的。 如果文件被确定为良性,则将文件转发到请求计算机,如果该文件被确定为恶意文件,则该文件被阻止。
-
公开(公告)号:US20110191423A1
公开(公告)日:2011-08-04
申请号:US12696828
申请日:2010-01-29
申请人: Sven Krasser , Dmitri Alperovitch , Yuchun Tang , Yuanchen He , Jonathan Zdziarski , Mark Gilbert
发明人: Sven Krasser , Dmitri Alperovitch , Yuchun Tang , Yuanchen He , Jonathan Zdziarski , Mark Gilbert
IPC分类号: G06F15/173 , G06F15/16
CPC分类号: G06F21/552
摘要: A system derives a reputation for a plurality of network addresses, the reputation of each network address determined by analyzing a plurality of high-level email features related to one or more emails originating from the network address. The plurality of high-level email features include domain registration analysis, hashed term frequency indexing, persistent communication, address age, correlation analysis, zombie detection, and hash vault matching.
摘要翻译: 系统通过分析与源自网络地址的一个或多个电子邮件相关的多个高级电子邮件特征来确定多个网络地址的信誉,每个网络地址的声誉。 多个高级电子邮件功能包括域注册分析,散列术语频率索引,持久通信,地址年龄,相关分析,僵尸检测和哈希库匹配。
-
公开(公告)号:US08719352B2
公开(公告)日:2014-05-06
申请号:US12696828
申请日:2010-01-29
申请人: Sven Krasser , Dmitri Alperovitch , Yuchun Tang , Yuanchen He , Jonathan Zdziarski , Mark Gilbert
发明人: Sven Krasser , Dmitri Alperovitch , Yuchun Tang , Yuanchen He , Jonathan Zdziarski , Mark Gilbert
IPC分类号: G06F15/16 , G06F15/173
CPC分类号: G06F21/552
摘要: A system derives a reputation for a plurality of network addresses, the reputation of each network address determined by analyzing a plurality of high-level email features related to one or more emails originating from the network address. The plurality of high-level email features include domain registration analysis, hashed term frequency indexing, persistent communication, address age, correlation analysis, zombie detection, and hash vault matching.
摘要翻译: 系统通过分析与源自网络地址的一个或多个电子邮件相关的多个高级电子邮件特征来确定多个网络地址的信誉,每个网络地址的声誉。 多个高级电子邮件功能包括域注册分析,散列术语频率索引,持久通信,地址年龄,相关分析,僵尸检测和哈希库匹配。
-
公开(公告)号:US20130104230A1
公开(公告)日:2013-04-25
申请号:US13278578
申请日:2011-10-21
申请人: Yuchun Tang , Zhenyu Zhong , Yuanchen He
发明人: Yuchun Tang , Zhenyu Zhong , Yuanchen He
CPC分类号: G06F21/552 , G06F2221/2117 , H04L63/1458
摘要: Systems and methods for detecting a denial of service attack are disclosed. These may include receiving a plurality of web log traces from one of a plurality of web servers; extracting a first set of features from the plurality of web log traces; applying a first machine learning technique to the first set of features; producing a first plurality of user classifications for communication to the web server; extracting a second set of features from the plurality of web log traces; applying a second machine learning technique to the second set of features; producing a second plurality of user classification for communication to the web server; communicating the first plurality of user classifications to the web server based at least on the plurality of web log traces; and communicating the second plurality of user classifications to the web server based at least on the plurality of web log traces.
摘要翻译: 公开了用于检测拒绝服务攻击的系统和方法。 这些可以包括从多个web服务器之一接收多个web日志跟踪; 从所述多个web日志跟踪中提取第一组特征; 将第一机器学习技术应用于第一组特征; 产生用于与所述web服务器进行通信的第一多个用户分类; 从所述多个web日志跟踪中提取第二组特征; 将第二机器学习技术应用于第二组特征; 产生用于与所述web服务器通信的第二多个用户分类; 至少基于所述多个web日志跟踪将所述第一多个用户分类传达到所述web服务器; 以及至少基于所述多个web日志跟踪将所述第二多个用户分类传达到所述web服务器。
-
公开(公告)号:US08549645B2
公开(公告)日:2013-10-01
申请号:US13278578
申请日:2011-10-21
申请人: Yuchun Tang , Zhenyu Zhong , Yuanchen He
发明人: Yuchun Tang , Zhenyu Zhong , Yuanchen He
IPC分类号: H04L29/06
CPC分类号: G06F21/552 , G06F2221/2117 , H04L63/1458
摘要: Systems and methods for detecting a denial of service attack are disclosed. These may include receiving a plurality of web log traces from one of a plurality of web servers; extracting a first set of features from the plurality of web log traces; applying a first machine learning technique to the first set of features; producing a first plurality of user classifications for communication to the web server; extracting a second set of features from the plurality of web log traces; applying a second machine learning technique to the second set of features; producing a second plurality of user classification for communication to the web server; communicating the first plurality of user classifications to the web server based at least on the plurality of web log traces; and communicating the second plurality of user classifications to the web server based at least on the plurality of web log traces.
摘要翻译: 公开了用于检测拒绝服务攻击的系统和方法。 这些可以包括从多个web服务器之一接收多个web日志跟踪; 从所述多个web日志跟踪中提取第一组特征; 将第一机器学习技术应用于第一组特征; 产生用于与所述web服务器进行通信的第一多个用户分类; 从所述多个web日志跟踪中提取第二组特征; 将第二机器学习技术应用于第二组特征; 产生用于与所述web服务器通信的第二多个用户分类; 至少基于所述多个web日志跟踪将所述第一多个用户分类传达到所述web服务器; 以及至少基于所述多个web日志跟踪将所述第二多个用户分类传达到所述web服务器。
-
7.发明申请SYSTEM AND METHOD FOR BOTNET DETECTION BY COMPREHENSIVE EMAIL BEHAVIORAL ANALYSIS 审中-公开通过综合电子邮件行为分析进行网络检测的系统和方法公开(公告)号:US20130247192A1
公开(公告)日:2013-09-19
申请号:US13037988
申请日:2011-03-01
申请人: Sven Krasser , Yuchun Tang , Zhenyu Zhong
发明人: Sven Krasser , Yuchun Tang , Zhenyu Zhong
IPC分类号: G06F21/00
CPC分类号: H04L63/1425 , H04L2463/144
摘要: A method is provided in one example embodiment that includes receiving message sender traits associated with email senders, and receiving a dataset of known malware identifiers and network addresses from a spamtrap. The message sender traits may include behavior features and/or content resemblance factors in various embodiments. The method further includes classifying the email senders as malicious or benign based on the behavior features, and further classifying the malicious senders by malware identifiers based on similarity of content resemblance factors and the dataset of known malware identifiers and network addresses. In certain specific embodiments, a supervised classifier, such as a support vector machine, may be used to classify the malicious senders by malware identifiers.
摘要翻译: 在一个示例实施例中提供了一种方法,其包括接收与电子邮件发送者相关联的消息发送者特征,以及从垃圾邮件捕获接收已知恶意软件标识符和网络地址的数据集。 消息发送者特征可以包括各种实施例中的行为特征和/或内容相似性因素。 该方法还包括基于行为特征将电子邮件发送者分类为恶意或良性,并且基于内容相似性因素与已知恶意软件标识符和网络地址的数据集的恶意软件标识符进一步对恶意发送者进行分类。 在某些具体实施例中,监督分类器(例如支持向量机)可用于通过恶意软件标识符对恶意发送者进行分类。
-
公开(公告)号:US20090192955A1
公开(公告)日:2009-07-30
申请号:US12020253
申请日:2008-01-25
申请人: Yuchun Tang , Yuanchen He
发明人: Yuchun Tang , Yuanchen He
IPC分类号: G06F15/18
CPC分类号: G06K9/6269 , G06N99/005 , H04L51/12
摘要: Methods and systems for granular support vector machines. Granular support vector machines can randomly select samples of datapoints and project the samples of datapoints into a randomly selected subspaces to derive granules. A support vector machine can then be used to identify hyperplane classifiers respectively associated with the granules. The hyperplane classifiers can be used on an unknown datapoint to provide a plurality of predictions which can be aggregated to provide a final prediction associated with the datapoint.
摘要翻译: 粒状支持向量机的方法和系统。 颗粒支持向量机可以随机选择数据点的样本,并将数据点的样本投影到随机选择的子空间中以得到颗粒。 然后可以使用支持向量机来识别分别与颗粒相关联的超平面分类器。 可以在未知数据点上使用超平面分类器来提供多个可以被聚合的预测,以提供与数据点相关联的最终预测。
-
公开(公告)号:US08160975B2
公开(公告)日:2012-04-17
申请号:US12020253
申请日:2008-01-25
申请人: Yuchun Tang , Yuanchen He
发明人: Yuchun Tang , Yuanchen He
IPC分类号: G06F15/18
CPC分类号: G06K9/6269 , G06N99/005 , H04L51/12
摘要: Methods and systems for granular support vector machines. Granular support vector machines can randomly select samples of datapoints and project the samples of datapoints into a randomly selected subspaces to derive granules. A support vector machine can then be used to identify hyperplane classifiers respectively associated with the granules. The hyperplane classifiers can be used on an unknown datapoint to provide a plurality of predictions which can be aggregated to provide a final prediction associated with the datapoint.
摘要翻译: 粒状支持向量机的方法和系统。 颗粒支持向量机可以随机选择数据点的样本,并将数据点的样本投影到随机选择的子空间中以得到颗粒。 然后可以使用支持向量机来识别分别与颗粒相关联的超平面分类器。 可以在未知数据点上使用超平面分类器来提供多个可以被聚合的预测,以提供与数据点相关联的最终预测。
-
公开(公告)号:US20150040218A1
公开(公告)日:2015-02-05
申请号:US14305877
申请日:2014-06-16
申请人: Dmitri Alperovitch , Nick Black , Jeremy Gould , Paul Judge , Sven Krasser , Phyllis Adele Schneck , Yuchun Tang , Aarjav Jyotindra Neeta Trivedi , Lamar Lorenzo Willis , Weilai Yang , Jonathan Alexander Zdziarski
发明人: Dmitri Alperovitch , Nick Black , Jeremy Gould , Paul Judge , Sven Krasser , Phyllis Adele Schneck , Yuchun Tang , Aarjav Jyotindra Neeta Trivedi , Lamar Lorenzo Willis , Weilai Yang , Jonathan Alexander Zdziarski
CPC分类号: H04L63/0227 , G06K9/6202 , G06Q10/107 , H04L51/12 , H04L63/20
摘要: Methods and systems for operation upon one or more data processors for detecting image spam by detecting an image and analyzing the content of the image to determine whether the incoming communication comprises an unwanted communication.
摘要翻译: 用于通过检测图像并分析图像的内容来确定进入的通信是否包含不需要的通信的用于在一个或多个数据处理器上操作以检测图像垃圾邮件的方法和系统。
-
-
-
-
-
-
-
-
-
搜索结果
22 条记录 (耗时 0.019 秒)
