Abstract:
A method of determining a risk score indicating a risk that an electronic transaction will involve fraud and/or abuse. The method includes receiving transaction data associated with a not yet completed transaction from a merchant. The transaction data includes one or more characteristics related to the transaction. A profile is selected that identifies network devices each associated with the characteristics and having a device reputation. Next, a profile-based risk factor is determined as a function of a percentage of the network devices having a negative reputation. The risk score is determined as a function of the profile-based risk factor. In some embodiments, a transaction-based risk factor may also be determined. In such embodiments, the risk score is determined as a function of the profile-based and transaction-based risk factors. The risk score is provided to the merchant to be used thereby to determine whether to proceed with the transaction.
Abstract:
In one aspect of the invention, a computer-implemented method for rules-driven multi-phase network vulnerability assessment is disclosed. The method comprises pinging devices on a network to discover devices with a connection to the network. Port scans are performed on the discovered devices and banners are collected. Information from the collected banners is stored as entries in a first database. Analysis is performed on the entries by comparing the entries with a rule set to determine potential vulnerabilities. The results of the analysis are stored in a second database.