-
公开(公告)号:US20120297477A1
公开(公告)日:2012-11-22
申请号:US13110017
申请日:2011-05-18
申请人: Gil RAVIV
发明人: Gil RAVIV
IPC分类号: G06F21/00
CPC分类号: G06F21/316 , G06F21/00 , G06F21/554 , H04L63/1425 , H04L67/02 , H04L67/306
摘要: To protect a user of a social network, the user's activity is monitored during a baseline monitoring period to determine a baseline activity record. If subsequently monitored activity of the user deviates sufficiently from the baseline activity record to indicate abuse (hijacking) of the user's account, the abuse is mitigated, for example by notifying the user of the abuse. Monitored activity includes posting links, updating statuses, sending messages, and changing a profile. Monitoring also includes logging times of the user activity. Monitoring anomalous profile changes does not need a baseline.
摘要翻译: 为了保护社交网络的用户,在基线监视期间监视用户的活动以确定基线活动记录。 如果用户随后监视的活动与基准活动记录充分偏离,以表示用户帐户的滥用(劫持),则可以减轻虐待行为,例如通知用户虐待。 受监控的活动包括发布链接,更新状态,发送消息和更改配置文件。 监控还包括用户活动的记录时间。 监测异常情况变化不需要基线。
-
112.发明授权Methods for protecting against cookie-poisoning attacks in networked-communication applications 有权在网络通信应用中防止cookie中毒攻击的方法公开(公告)号:US08176539B2
公开(公告)日:2012-05-08
申请号:US12259305
申请日:2008-10-28
申请人: Ori Aldor , Neta Solomon
发明人: Ori Aldor , Neta Solomon
IPC分类号: G06F21/00
CPC分类号: H04L63/1466 , G06F21/64 , H04L63/123 , H04L67/02
摘要: The present invention discloses methods, media, and gateways for protecting against cookie-poisoning attacks in networked-communication applications. Methods include the steps of: creating a protected gateway cookie, generated by a gateway, for a server cookie, generated by a server, wherein the server cookie is received by the gateway in an HTTP response message; and validating, by the gateway, that a client cookie from a client request has a corresponding gateway cookie with expected field values. Preferably, the field values include at least one field value selected from the group consisting of: a name, a hash value computed over the server cookie, a hash-function index, a timestamp, a nonce, a hash value computed over newly-generated values, a path, a domain, an expiration, and an HTTP-only value. Preferably, the gateway cookie is signed with a secret key. Most preferably, the secret key is generated by a secret seed.
摘要翻译: 本发明公开了在网络通信应用中防止cookie中毒攻击的方法,媒体和网关。 方法包括以下步骤:创建由网关生成的用于由服务器生成的服务器cookie的受保护网关cookie,其中服务器cookie由网关在HTTP响应消息中接收; 并且由网关验证来自客户端请求的客户端cookie具有具有期望字段值的相应网关cookie。 优选地,字段值包括从由以下组成的组中选择的至少一个字段值:名称,通过服务器cookie计算的散列值,散列函数索引,时间戳,随机数,通过新生成的散列值 值,路径,域,到期和只有HTTP的值。 优选地,使用密钥对网关cookie进行签名。 最优选地,秘密密钥由秘密种子生成。
-
113.发明授权Methods for automatically generating natural-language news items from log files and status traces 有权从日志文件和状态跟踪自动生成自然语言新闻项目的方法公开(公告)号:US08090727B2
公开(公告)日:2012-01-03
申请号:US12123544
申请日:2008-05-20
申请人: Marina Lachtarnik , Gil Raviv
发明人: Marina Lachtarnik , Gil Raviv
IPC分类号: G06F17/30
CPC分类号: G06F17/27
摘要: Methods, for automatically generating natural-language news items from log files, including the steps of: gathering at least one data record; filtering at least one data record according to at least one rule to produce at least one filtered data set; aggregating at least one filtered data set; analyzing at least one filtered data set for at least one statistical trend; and automatically generating a news item based on at least one statistical trend. Preferably, the method further includes the step of: customizing the news item based on a relative importance of at least one statistical trend. Preferably, the method further includes the step of: performing a drill-down analysis on at least one statistical trend. Most preferably, the method further includes the step of: enriching the news item based on the drill-down analysis. Preferably, the method further includes the step of: embedding at least one graphical element into the news item.
摘要翻译: 用于从日志文件自动生成自然语言新闻项目的方法,包括以下步骤:收集至少一个数据记录; 根据至少一个规则对至少一个数据记录进行过滤以产生至少一个过滤的数据集; 聚合至少一个滤波数据集; 分析至少一个过滤数据集至少一个统计趋势; 并基于至少一个统计趋势自动生成新闻项目。 优选地,该方法还包括以下步骤:基于至少一个统计趋势的相对重要性定制新闻项目。 优选地,该方法还包括以下步骤:对至少一个统计趋势执行向下钻取分析。 最优选地,所述方法还包括以下步骤:基于所述向下分析来丰富所述新闻项目。 优选地,该方法还包括以下步骤:将至少一个图形元素嵌入到新闻项中。
-
114.发明申请METHODS FOR USER PROFILING FOR DETECTING INSIDER THREATS BASED ON INTERNET SEARCH PATTERNS AND FORENSICS OF SEARCH KEYWORDS 有权基于互联网搜索模式和搜索关键词威胁的用户分类检测内部威胁的方法公开(公告)号:US20100169971A1
公开(公告)日:2010-07-01
申请号:US12344229
申请日:2008-12-25
申请人: Gil RAVIV
发明人: Gil RAVIV
IPC分类号: G06F21/00
CPC分类号: H04L63/1408 , G06F21/316 , G06F21/552
摘要: Disclosed are methods for user profiling for detecting insider threats including the steps of: upon a client application sending a request for a link, extracting at least one search keyword from a search session associated with the request; classifying the link into at least one classification; determining whether at least one classification is a monitored classification; capturing search elements of search sessions associated with the monitored classification; acquiring usage data from the search elements to create a user profile associated with a user's search behavior; and performing a statistical analysis, on a search frequency for the monitored classification, on user profiles associated with many users. Preferably, the method includes: designating a profile as suspicious based on the statistical analysis exceeding a pre-determined threshold value, wherein the pre-determined threshold value is based on an expected search frequency for the profile and each respective grade for at least one risk-assessment dimension.
摘要翻译: 公开了用于检测内部威胁的用户分析的方法,包括以下步骤:在客户端应用发送链接请求时,从与请求相关联的搜索会话中提取至少一个搜索关键字; 将链接分为至少一个分类; 确定至少一个分类是否是受监视的分类; 捕获与所监视的分类相关联的搜索会话的搜索元素; 从所述搜索元素获取使用数据以创建与用户的搜索行为相关联的用户简档; 以及在与许多用户相关联的用户简档上对所监视的分类的搜索频率执行统计分析。 优选地,该方法包括:基于超过预定阈值的统计分析来将轮廓指定为可疑,其中所述预定阈值基于所述轮廓的预期搜索频率以及针对至少一个风险的每个相应等级 评估维度。
-
115.发明申请METHODS FOR PROTECTING AGAINST COOKIE-POISONING ATTACKS IN NETWORKED-COMMUNICATION APPLICATIONS 有权网络通信应用中防御COOKIE-DISISING攻击的方法公开(公告)号:US20100107234A1
公开(公告)日:2010-04-29
申请号:US12259305
申请日:2008-10-28
申请人: Ori Aldor , Neta Solomon
发明人: Ori Aldor , Neta Solomon
IPC分类号: G06F21/00
CPC分类号: H04L63/1466 , G06F21/64 , H04L63/123 , H04L67/02
摘要: The present invention discloses methods, media, and gateways for protecting against cookie-poisoning attacks in networked-communication applications. Methods include the steps of: creating a protected gateway cookie, generated by a gateway, for a server cookie, generated by a server, wherein the server cookie is received by the gateway in an HTTP response message; and validating, by the gateway, that a client cookie from a client request has a corresponding gateway cookie with expected field values. Preferably, the field values include at least one field value selected from the group consisting of: a name, a hash value computed over the server cookie, a hash-function index, a timestamp, a nonce, a hash value computed over newly-generated values, a path, a domain, an expiration, and an HTTP-only value. Preferably, the gateway cookie is signed with a secret key. Most preferably, the secret key is generated by a secret seed.
摘要翻译: 本发明公开了在网络通信应用中防止cookie中毒攻击的方法,媒体和网关。 方法包括以下步骤:创建由网关生成的用于由服务器生成的服务器cookie的受保护网关cookie,其中服务器cookie由网关在HTTP响应消息中接收; 并且由网关验证来自客户端请求的客户端cookie具有具有期望字段值的相应网关cookie。 优选地,字段值包括从由以下组成的组中选择的至少一个字段值:名称,通过服务器cookie计算的散列值,散列函数索引,时间戳,随机数,通过新生成的散列值 值,路径,域,到期和只有HTTP的值。 优选地,使用密钥对网关cookie进行签名。 最优选地,秘密密钥由秘密种子生成。
-
116.发明申请METHODS FOR AUTOMATICALLY GENERATING NATURAL-LANGUAGE NEWS ITEMS FROM LOG FILES AND STATUS TRACES 有权从日志文件和状态轨迹自动生成自然语言新闻项目的方法公开(公告)号:US20090292719A1
公开(公告)日:2009-11-26
申请号:US12123544
申请日:2008-05-20
申请人: Marina LACHTARNIK , Gil RAVIV
发明人: Marina LACHTARNIK , Gil RAVIV
IPC分类号: G06F17/30
CPC分类号: G06F17/27
摘要: Methods, for automatically generating natural-language news items from log files, including the steps of: gathering at least one data record; filtering at least one data record according to at least one rule to produce at least one filtered data set; aggregating at least one filtered data set; analyzing at least one filtered data set for at least one statistical trend; and automatically generating a news item based on at least one statistical trend. Preferably, the method further includes the step of: customizing the news item based on a relative importance of at least one statistical trend. Preferably, the method further includes the step of: performing a drill-down analysis on at least one statistical trend. Most preferably, the method further includes the step of: enriching the news item based on the drill-down analysis. Preferably, the method further includes the step of: embedding at least one graphical element into the news item.
摘要翻译: 用于从日志文件自动生成自然语言新闻项目的方法,包括以下步骤:收集至少一个数据记录; 根据至少一个规则对至少一个数据记录进行过滤以产生至少一个过滤的数据集; 聚合至少一个滤波数据集; 分析至少一个过滤数据集至少一个统计趋势; 并基于至少一个统计趋势自动生成新闻项目。 优选地,该方法还包括以下步骤:基于至少一个统计趋势的相对重要性定制新闻项目。 优选地,该方法还包括以下步骤:对至少一个统计趋势执行向下钻取分析。 最优选地,所述方法还包括以下步骤:基于所述向下分析来丰富所述新闻项目。 优选地,该方法还包括以下步骤:将至少一个图形元素嵌入到新闻项中。
-
117.发明申请METHODS AND DEVICES FOR ENFORCING NETWORK ACCESS CONTROL UTILIZING SECURE PACKET TAGGING 有权使用安全分组标签执行网络访问控制的方法和设备公开(公告)号:US20090249466A1
公开(公告)日:2009-10-01
申请号:US12056462
申请日:2008-03-27
申请人: Kirill MOTIL , Almog Cohen , Yaron Sheffer
发明人: Kirill MOTIL , Almog Cohen , Yaron Sheffer
CPC分类号: H04L63/0245 , H04L63/1441 , H04L63/164
摘要: Disclosed are methods, devices, and media for enforcing network access control, the method including the steps of: extracting a packet signature from a packet (or packet fragment) received from a network; storing the packet signature and the packet in a buffer; computing a buffer signature using a per-endpoint secret key; determining whether the packet signature and the buffer signature are identical; and upon determining the packet signature and the buffer signature are identical, transmitting the packet to a protocol stack. Preferably, the step of extracting includes extracting the packet signature from a field (e.g. identification field) of a header of the packet. Preferably, the method further includes the step of: upon determining the packet signature and the buffer signature are not identical, discarding the packet. Methods for receiving a packet from a protocol stack, and transmitting the packet to a network are disclosed as well.
摘要翻译: 公开了用于执行网络访问控制的方法,设备和媒体,该方法包括以下步骤:从从网络接收的分组(或分组片段)中提取分组签名; 将分组签名和分组存储在缓冲器中; 使用每端点秘密密钥计算缓冲区签名; 确定分组签名和缓冲器签名是否相同; 并且在确定分组签名和缓冲器签名是相同的时,将分组发送到协议栈。 优选地,提取步骤包括从分组报头的字段(例如标识字段)中提取分组签名。 优选地,该方法还包括以下步骤:在确定分组签名并且缓冲器签名不相同时,丢弃分组。 还公开了从协议栈接收分组并将分组发送到网络的方法。
-
118.发明申请公开(公告)号:US20070180513A1
公开(公告)日:2007-08-02
申请号:US11693032
申请日:2007-03-29
IPC分类号: G06F15/16
CPC分类号: H04L63/0218 , H04L29/12481 , H04L61/2557
摘要: A method for protecting data communications using a multiple processor device in which multiple processors are operatively connected by a transport mechanism for sharing data. One or more of the processors is programmed as a dispatcher and other processors are programmed with processes. Each of the processes enforce an identical security policy and/or perform an identical or specialized security function. Data streams are transferred respectively from the dispatcher to the processes through the transport mechanism. Control information is transmitted through the transport mechanism from one or more processes to the dispatcher. The control information specifies balancing load of the data streams between the processes. The dispatcher balances load based on the control information.
摘要翻译: 一种使用多处理器设备来保护数据通信的方法,其中多个处理器通过用于共享数据的传输机制可操作地连接。 一个或多个处理器被编程为调度器,并且其他处理器用进程编程。 每个进程执行相同的安全策略和/或执行相同或专门的安全功能。 数据流通过传送机制分别从调度器传送到进程。 控制信息通过传送机制从一个或多个进程传送到调度员。 控制信息指定进程之间的数据流的平衡负载。 调度员根据控制信息平衡负载。
-
-
-
-
-
-
-
搜索结果
118 条记录 (耗时 0.034 秒)
