-
公开(公告)号:US08185930B2
公开(公告)日:2012-05-22
申请号:US11935756
申请日:2007-11-06
IPC分类号: G06F17/00
CPC分类号: H04L63/1425 , H04L63/20
摘要: Methods and systems for adjusting control settings associated with filtering or classifying communications to a computer or a network. The adjustment of the control settings can include adjustment of policy and/or security settings associated with the computer or network. Ranges associated with the control settings can also be provided in some implementations.
摘要翻译: 用于调整与将计算机或网络通信过滤或分类相关联的控制设置的方法和系统。 控制设置的调整可以包括调整与计算机或网络相关联的策略和/或安全设置。 与控制设置相关的范围也可以在一些实现中提供。
-
公开(公告)号:US20110296519A1
公开(公告)日:2011-12-01
申请号:US13108493
申请日:2011-05-16
申请人: Curtis Ide , Sven Krasser , Dmitri Alperovitch
发明人: Curtis Ide , Sven Krasser , Dmitri Alperovitch
IPC分类号: G06F21/20
CPC分类号: G06F21/30 , G06F21/55 , H04L63/0218 , H04L63/0263 , H04L63/1441
摘要: Methods and systems for operation upon one or more data processors for reputation based firewall processing of communications. The reputation based firewall processing includes receiving a communication identifying an entity, retrieving the reputation of the entity identified by the communication, and handling the communication based upon the retrieved reputation.
摘要翻译: 用于在一个或多个数据处理器上操作以用于基于信誉的防火墙处理通信的方法和系统。 基于信誉的防火墙处理包括接收识别实体的通信,检索由通信识别的实体的信誉,以及基于所检索的信誉来处理通信。
-
53.发明授权公开(公告)号:US09106680B2
公开(公告)日:2015-08-11
申请号:US13170163
申请日:2011-06-27
CPC分类号: H04L63/1408 , H04L63/0227 , H04L63/0236 , H04L63/0245 , H04L63/14 , H04L63/1416
摘要: A method is provided in one example embodiment that includes generating a fingerprint based on properties extracted from data packets received over a network connection and requesting a reputation value based on the fingerprint. A policy action may be taken on the network connection if the reputation value received indicates the fingerprint is associated with malicious activity. The method may additionally include displaying information about protocols based on protocol fingerprints, and more particularly, based on fingerprints of unrecognized protocols. In yet other embodiments, the reputation value may also be based on network addresses associated with the network connection.
摘要翻译: 在一个示例实施例中提供了一种方法,其包括基于通过网络连接接收的数据分组提取的属性生成指纹,并且基于指纹请求信誉值。 如果接收到的信誉值指示指纹与恶意活动相关联,则可以对网络连接进行策略动作。 该方法可以另外包括基于协议指纹显示关于协议的信息,更具体地,基于无法识别的协议的指纹。 在其他实施例中,信誉值也可以基于与网络连接相关联的网络地址。
-
公开(公告)号:US08775619B2
公开(公告)日:2014-07-08
申请号:US12987730
申请日:2011-01-10
IPC分类号: G06F15/173
CPC分类号: H04L67/02 , H04L51/12 , H04L63/02 , H04L63/08 , H04L63/145 , H04L67/2823 , H04L69/04
摘要: A distributed proxy server system is operable to receive a request for Internet data from a user, obtain the user's identity, store at least one cookie on the user's web browser identifying the user, and filter undesired content before forwarding requested Internet data to the user. A master cookie is associated with the proxy server including user identity information, and an injected domain cookie is associated with the domain of the requested Internet data including user identity information.
摘要翻译: 分布式代理服务器系统可操作以从用户接收对因特网数据的请求,获取用户的身份,在用户的web浏览器上存储识别用户的至少一个cookie,并且在将所请求的因特网数据转发给用户之前过滤不需要的内容。 主cookie与代理服务器相关联,包括用户身份信息,并且注入的域cookie与所请求的因特网数据的域相关联,包括用户身份信息。
-
公开(公告)号:US08621559B2
公开(公告)日:2013-12-31
申请号:US13460878
申请日:2012-05-01
IPC分类号: G06F17/00
CPC分类号: H04L63/1425 , H04L63/20
摘要: Methods and systems for managing data communications are described. The method includes receiving a data communication; analyzing the data communication to determine a particular type of sender or recipient activity associated with the data communication based at least in part on an application of a plurality of tests to the data communication; assigning a total risk level to the data communication based at least in part on one or more risks associated with the particular type of sender or recipient activity and a tolerance for each of the one or more risks; comparing the total risk level assigned to the data communication with a maximum total acceptable level of risk; and allowing the data communication to be delivered to a recipient in response to the comparison indicating that the total risk level assigned to the data communication does not exceed the maximum total acceptable level of risk.
摘要翻译: 描述用于管理数据通信的方法和系统。 该方法包括接收数据通信; 分析数据通信以至少部分地基于对数据通信的多个测试的应用来确定与数据通信相关联的特定类型的发送者或接收者活动; 至少部分地基于与特定类型的发送者或接收者活动相关联的一个或多个风险以及针对所述一个或多个风险中的每一个的容忍度而将数据通信的总风险水平分配给数据通信; 将分配给数据通信的总风险水平与最大总可接受风险水平进行比较; 并且响应于指示分配给数据通信的总风险级别不超过最大总可接受风险水平的比较,允许数据通信被传送到接收者。
-
公开(公告)号:US20120174219A1
公开(公告)日:2012-07-05
申请号:US13108671
申请日:2011-05-16
申请人: Alejandro Manuel Hernandez , Paul Judge , Sven Krasser , Phyllis Adele Schneck , Jonathan Alexander Zdziarski
发明人: Alejandro Manuel Hernandez , Paul Judge , Sven Krasser , Phyllis Adele Schneck , Jonathan Alexander Zdziarski
IPC分类号: G06F21/00
CPC分类号: G06F21/57 , G06F21/562 , H04L63/02 , H04L63/1408 , H04W12/08 , H04W12/1208
摘要: Methods and systems for operation upon one or more data processors for assigning a reputation to a messaging entity by analyzing the attributes of the entity, correlating the attributes with known attributes to define relationships between entities sharing attributes, and attributing a portion of the reputation of one related entity to the reputation of the other related entity.
摘要翻译: 用于在一个或多个数据处理器上操作的方法和系统,用于通过分析实体的属性来将信誉分配给消息传递实体,将属性与已知属性相关联,以定义共享属性的实体之间的关系,以及将一部分信誉归一化 相关实体与其他相关实体的声誉。
-
57.发明申请SYSTEM AND METHOD FOR BOTNET DETECTION BY COMPREHENSIVE EMAIL BEHAVIORAL ANALYSIS 审中-公开通过综合电子邮件行为分析进行网络检测的系统和方法公开(公告)号:US20130247192A1
公开(公告)日:2013-09-19
申请号:US13037988
申请日:2011-03-01
申请人: Sven Krasser , Yuchun Tang , Zhenyu Zhong
发明人: Sven Krasser , Yuchun Tang , Zhenyu Zhong
IPC分类号: G06F21/00
CPC分类号: H04L63/1425 , H04L2463/144
摘要: A method is provided in one example embodiment that includes receiving message sender traits associated with email senders, and receiving a dataset of known malware identifiers and network addresses from a spamtrap. The message sender traits may include behavior features and/or content resemblance factors in various embodiments. The method further includes classifying the email senders as malicious or benign based on the behavior features, and further classifying the malicious senders by malware identifiers based on similarity of content resemblance factors and the dataset of known malware identifiers and network addresses. In certain specific embodiments, a supervised classifier, such as a support vector machine, may be used to classify the malicious senders by malware identifiers.
摘要翻译: 在一个示例实施例中提供了一种方法,其包括接收与电子邮件发送者相关联的消息发送者特征,以及从垃圾邮件捕获接收已知恶意软件标识符和网络地址的数据集。 消息发送者特征可以包括各种实施例中的行为特征和/或内容相似性因素。 该方法还包括基于行为特征将电子邮件发送者分类为恶意或良性,并且基于内容相似性因素与已知恶意软件标识符和网络地址的数据集的恶意软件标识符进一步对恶意发送者进行分类。 在某些具体实施例中,监督分类器(例如支持向量机)可用于通过恶意软件标识符对恶意发送者进行分类。
-
58.发明申请SYSTEM, METHOD, AND COMPUTER PROGRAM PRODUCT FOR SEGMENTING A DATABASE BASED, AT LEAST IN PART, ON A PREVALENCE ASSOCIATED WITH KNOWN OBJECTS INCLUDED IN THE DATABASE 审中-公开基于数据库的系统,方法和计算机程序产品,至少部分在与数据库中包含的已知对象相关的预防性公开(公告)号:US20130031111A1
公开(公告)日:2013-01-31
申请号:US13645164
申请日:2012-10-04
申请人: Nitin Jyoti , Prabhat Kumar Singh , Zhenyu Zhong , Guy William Welch Roberts , Jeffrey Martin Green , Sven Krasser
发明人: Nitin Jyoti , Prabhat Kumar Singh , Zhenyu Zhong , Guy William Welch Roberts , Jeffrey Martin Green , Sven Krasser
IPC分类号: G06F17/30
CPC分类号: G06F21/57 , G06F16/278
摘要: A system, method, and computer program product are provided for segmenting a database based, at least in part, on a prevalence associated with known objects included in the database. In operation, a database including a plurality of known objects is identified. Additionally, the database is segmented into a plurality of segments. Furthermore, each of the plurality of known objects are assigned to one of the plurality of segments, based at least in part on a prevalence associated with each of the plurality of known objects.
摘要翻译: 提供了系统,方法和计算机程序产品,用于至少部分地基于与包括在数据库中的已知对象相关联的流行率来分割数据库。 在操作中,识别包括多个已知对象的数据库。 此外,数据库被分割成多个段。 此外,至少部分地基于与多个已知对象中的每一个相关联的流行率将多个已知对象中的每一个分配给多个段中的一个。
-
公开(公告)号:US20110162070A1
公开(公告)日:2011-06-30
申请号:US12693765
申请日:2010-01-26
申请人: Sven Krasser , Yuchun Tang , Yuanchen He , Zhenyu Zhong
发明人: Sven Krasser , Yuchun Tang , Yuanchen He , Zhenyu Zhong
CPC分类号: G06F21/564 , G06F21/56
摘要: A computer network device receives a digital file and extracts a plurality of high level features from the file. The plurality of high level features are evaluated using a classifier to determine whether the file is benign or malicious. The file is forwarded to a requesting computer if the file is determined to be benign, and blocked if the file is determined to be malicious.
摘要翻译: 计算机网络设备接收数字文件并从文件中提取多个高级特征。 使用分类器评估多个高级特征以确定文件是良性还是恶意的。 如果文件被确定为良性,则将文件转发到请求计算机,如果该文件被确定为恶意文件,则该文件被阻止。
-
公开(公告)号:US08719939B2
公开(公告)日:2014-05-06
申请号:US12693765
申请日:2010-01-26
申请人: Sven Krasser , Yuchun Tang , Yuanchen He , Zhenyu Zhong
发明人: Sven Krasser , Yuchun Tang , Yuanchen He , Zhenyu Zhong
IPC分类号: H04L29/06
CPC分类号: G06F21/564 , G06F21/56
摘要: A computer network device receives a digital file and extracts a plurality of high level features from the file. The plurality of high level features are evaluated using a classifier to determine whether the file is benign or malicious. The file is forwarded to a requesting computer if the file is determined to be benign, and blocked if the file is determined to be malicious.
摘要翻译: 计算机网络设备接收数字文件并从文件中提取多个高级特征。 使用分类器评估多个高级特征以确定文件是良性还是恶意的。 如果文件被确定为良性,则将文件转发到请求计算机,如果该文件被确定为恶意文件,则该文件被阻止。
-
-
-
-
-
-
-
-
-
搜索结果
61 条记录 (耗时 0.026 秒)
