-
公开(公告)号:US09122877B2
公开(公告)日:2015-09-01
申请号:US13052739
申请日:2011-03-21
申请人: Dmitri Alperovitch , Sven Krasser
发明人: Dmitri Alperovitch , Sven Krasser
CPC分类号: H04L63/145 , G06F17/30106 , G06F21/577 , G06F2221/034 , H04L63/14 , H04L2463/144
摘要: A method is provided in one example embodiment and includes receiving a reputation value based on a hash of a file making a network connection and on a network address of a remote end of the network connection. The network connection may be blocked if the reputation value indicates the hash or the network address is associated with malicious activity. In more specific embodiments, the method may also include sending a query to a threat analysis host to request the reputation value. Additionally or alternatively the reputation value may be based on query patterns in particular embodiments. In yet more specific embodiments, the network connection may be an inbound connection and/or an outbound connection, and the reputation value may be based on a file reputation associated with the hash and a connection reputation associated with the network address of the remote end of the network connection.
摘要翻译: 在一个示例实施例中提供了一种方法,并且包括基于构成网络连接的文件的散列以及网络连接的远程端的网络地址来接收信誉值。 如果信誉值指示哈希或网络地址与恶意活动相关联,则可能会阻止网络连接。 在更具体的实施例中,该方法还可以包括向威胁分析主机发送查询请求信誉值。 附加地或替代地,信誉值可以基于特定实施例中的查询模式。 在更具体的实施例中,网络连接可以是入站连接和/或出站连接,并且信誉值可以基于与散列相关联的文件信誉以及与远程端的网络地址相关联的连接信誉 网络连接。
-
公开(公告)号:US20150040218A1
公开(公告)日:2015-02-05
申请号:US14305877
申请日:2014-06-16
申请人: Dmitri Alperovitch , Nick Black , Jeremy Gould , Paul Judge , Sven Krasser , Phyllis Adele Schneck , Yuchun Tang , Aarjav Jyotindra Neeta Trivedi , Lamar Lorenzo Willis , Weilai Yang , Jonathan Alexander Zdziarski
发明人: Dmitri Alperovitch , Nick Black , Jeremy Gould , Paul Judge , Sven Krasser , Phyllis Adele Schneck , Yuchun Tang , Aarjav Jyotindra Neeta Trivedi , Lamar Lorenzo Willis , Weilai Yang , Jonathan Alexander Zdziarski
CPC分类号: H04L63/0227 , G06K9/6202 , G06Q10/107 , H04L51/12 , H04L63/20
摘要: Methods and systems for operation upon one or more data processors for detecting image spam by detecting an image and analyzing the content of the image to determine whether the incoming communication comprises an unwanted communication.
摘要翻译: 用于通过检测图像并分析图像的内容来确定进入的通信是否包含不需要的通信的用于在一个或多个数据处理器上操作以检测图像垃圾邮件的方法和系统。
-
公开(公告)号:US20130247201A1
公开(公告)日:2013-09-19
申请号:US13052739
申请日:2011-03-21
申请人: Dmitri Alperovitch , Sven Krasser
发明人: Dmitri Alperovitch , Sven Krasser
IPC分类号: G06F21/20
CPC分类号: H04L63/145 , G06F17/30106 , G06F21/577 , G06F2221/034 , H04L63/14 , H04L2463/144
摘要: A method is provided in one example embodiment and includes receiving a reputation value based on a hash of a file making a network connection and on a network address of a remote end of the network connection. The network connection may be blocked if the reputation value indicates the hash or the network address is associated with malicious activity. In more specific embodiments, the method may also include sending a query to a threat analysis host to request the reputation value. Additionally or alternatively the reputation value may be based on query patterns in particular embodiments. In yet more specific embodiments, the network connection may be an inbound connection and/or an outbound connection, and the reputation value may be based on a file reputation associated with the hash and a connection reputation associated with the network address of the remote end of the network connection.
-
公开(公告)号:US08132250B2
公开(公告)日:2012-03-06
申请号:US11173941
申请日:2005-07-01
申请人: Paul Judge , Guru Rajan , Dmitri Alperovitch , Matt Moyer , Sven Krasser
发明人: Paul Judge , Guru Rajan , Dmitri Alperovitch , Matt Moyer , Sven Krasser
IPC分类号: G06F15/16
CPC分类号: G06Q10/107 , H04L51/12
摘要: Methods and systems for operation upon one or more data processors that classify communications from messaging entities. A method can include receiving a communication that was sent from a messaging entity. A plurality of message classification techniques is used to classify the communication. Each message classification technique is associated with a confidence value which is used in generating a message classification output from the message classification technique. The message classification outputs are combined in order to generate a message profile score. The message profile score is used in deciding what action is to be taken with respect to the communication associated with the messaging entity.
摘要翻译: 用于对一个或多个数据处理器进行操作的方法和系统,用于对通信实体进行分类。 一种方法可以包括接收从消息传送实体发送的通信。 使用多种消息分类技术对通信进行分类。 每个消息分类技术与用于从消息分类技术生成消息分类输出中使用的置信度值相关联。 消息分类输出被组合以便生成消息简档得分。 消息简档分数用于决定对于与消息传递实体相关联的通信采取什么动作。
-
公开(公告)号:US20110191423A1
公开(公告)日:2011-08-04
申请号:US12696828
申请日:2010-01-29
申请人: Sven Krasser , Dmitri Alperovitch , Yuchun Tang , Yuanchen He , Jonathan Zdziarski , Mark Gilbert
发明人: Sven Krasser , Dmitri Alperovitch , Yuchun Tang , Yuanchen He , Jonathan Zdziarski , Mark Gilbert
IPC分类号: G06F15/173 , G06F15/16
CPC分类号: G06F21/552
摘要: A system derives a reputation for a plurality of network addresses, the reputation of each network address determined by analyzing a plurality of high-level email features related to one or more emails originating from the network address. The plurality of high-level email features include domain registration analysis, hashed term frequency indexing, persistent communication, address age, correlation analysis, zombie detection, and hash vault matching.
摘要翻译: 系统通过分析与源自网络地址的一个或多个电子邮件相关的多个高级电子邮件特征来确定多个网络地址的信誉,每个网络地址的声誉。 多个高级电子邮件功能包括域注册分析,散列术语频率索引,持久通信,地址年龄,相关分析,僵尸检测和哈希库匹配。
-
公开(公告)号:US07693947B2
公开(公告)日:2010-04-06
申请号:US11423308
申请日:2006-06-09
IPC分类号: G06F15/16 , G06F15/173
CPC分类号: H04L41/142 , H04L41/12 , H04L41/22 , H04L43/026 , H04L43/045 , H04L63/1408 , H04W24/00
摘要: Systems and methods for graphically displaying messaging traffic flows by collecting messaging data, converting a portion of the messaging data to a geographical position and collecting statistics related to the messaging data for overlaying upon a geographical map.
摘要翻译: 用于图形地显示消息传递流量的系统和方法,其通过收集消息数据,将消息数据的一部分转换为地理位置,并且收集与消息传递数据相关的统计数据,以覆盖在地理地图上。
-
公开(公告)号:US20080184366A1
公开(公告)日:2008-07-31
申请号:US12020370
申请日:2008-01-25
申请人: Dmitri Alperovitch , Sven Krasser
发明人: Dmitri Alperovitch , Sven Krasser
CPC分类号: H04L51/12 , G06F11/008
摘要: Methods and systems for processing electronic communications based upon reputation. Reputation of an entity associated with the electronic communication can be generated. The communication can be placed in a queue based upon the reputation. The queued communication can be processed based upon updated information about the entity.
摘要翻译: 基于声誉处理电子通信的方法和系统。 可以生成与电子通信相关联的实体的信誉。 通信可以根据信誉放在队列中。 可以基于关于实体的更新信息来处理排队的通信。
-
公开(公告)号:US20070130351A1
公开(公告)日:2007-06-07
申请号:US11626479
申请日:2007-01-24
IPC分类号: G06F15/16
CPC分类号: H04L63/1425 , H04L51/12 , H04L63/168
摘要: Methods and systems for operation upon one or more data processors for aggregating reputation data from dispersed reputation engines and deriving global reputation information for use in handling received communications.
摘要翻译: 用于在一个或多个数据处理器上操作以用于聚合来自分散的信誉引擎的信誉数据并导出用于处理接收的通信的全局信誉信息的方法和系统。
-
公开(公告)号:US09292881B2
公开(公告)日:2016-03-22
申请号:US13538439
申请日:2012-06-29
CPC分类号: G06Q50/01 , G06Q10/00 , H04L63/104 , H04L63/107 , H04L63/14 , H04L63/1441 , H04L63/20
摘要: Techniques for social sharing security information between client entities forming a group are described herein. The group of client entities is formed as a result of a security server providing one or more secure mechanisms for forming a group among client entities, the client entities each belonging to a different organization. The security service then automatically shares security information of a client entity in the group with one or more other client entities in the group.
摘要翻译: 本文描述了形成组的客户实体之间的用于社交共享安全信息的技术。 客户端实体组由安全服务器的结果形成,该安全服务器提供一个或多个安全机制,用于在客户端实体之间形成组,每个属于不同组织的客户实体。 然后,安全服务自动与组中的一个或多个其他客户端实体共享组中的客户端实体的安全信息。
-
公开(公告)号:US20140007190A1
公开(公告)日:2014-01-02
申请号:US13538439
申请日:2012-06-29
IPC分类号: G06F21/00
CPC分类号: G06Q50/01 , G06Q10/00 , H04L63/104 , H04L63/107 , H04L63/14 , H04L63/1441 , H04L63/20
摘要: Techniques for social sharing security information between client entities forming a group are described herein. The group of client entities is formed as a result of a security server providing one or more secure mechanisms for forming a group among client entities, the client entities each belonging to a different organization. The security service then automatically shares security information of a client entity in the group with one or more other client entities in the group.
摘要翻译: 本文描述了形成组的客户实体之间的用于社交共享安全信息的技术。 客户端实体组由安全服务器的结果形成,该安全服务器提供一个或多个安全机制,用于在客户端实体之间形成组,每个属于不同组织的客户实体。 然后,安全服务自动与组中的一个或多个其他客户端实体共享组中的客户端实体的安全信息。
-
-
-
-
-
-
-
-
-
搜索结果
61 条记录 (耗时 0.037 秒)
