公开(公告)号：US20140053268A1

公开(公告)日：2014-02-20

申请号：US13889059

申请日：2013-05-07

Applicant: AT&T Intellectual Property I, L.P.

Inventor： Junlan Feng ,  Valerie Torres ,  Daniel G. Sheleheda

IPC: G06F21/55

CPC classification number: H04L63/1483 ,  G06F17/30887 ,  G06F21/554 ,  G06F21/566 ,  G06F21/57 ,  G06F2221/2101 ,  G06F2221/2119 ,  H04L63/0245 ,  H04L63/1441 ,  H04L67/02 ,  H04L67/10

Abstract: A method for detecting potential phishing URLs includes extracting a URL from a document, analyzing the URL context, and comparing the URL to stored trusted URLs and stored known phishing URLs. The URL context includes anchor text and surrounding content associated with the URL. The method further includes generating a phishing alert based on the comparing and the analyzing.

Abstract translation: 用于检测潜在的钓鱼URL的方法包括从文档中提取URL，分析URL上下文，以及将URL与存储的可信URL和存储的已知的钓鱼URL进行比较。 URL上下文包括与URL相关联的锚文本和周围内容。 该方法还包括基于比较和分析产生网络钓鱼警报。

公开(公告)号：US20190007296A1

公开(公告)日：2019-01-03

申请号：US16127338

申请日：2018-09-11

Applicant: AT&T Intellectual Property I, L.P.

Inventor： Daniel G. Sheleheda ,  Samuel Norman Alexander ,  John H. Hardenbergh ,  Joseph Harten ,  James Pace ,  Chaim Spielman

IPC: H04L12/26 ,  H04L29/06 ,  H04L12/24

CPC classification number: H04L43/16 ,  H04L41/0613 ,  H04L41/0622 ,  H04L41/069 ,  H04L43/02 ,  H04L43/024 ,  H04L43/0876 ,  H04L63/1408 ,  H04L63/1458

Abstract: A network device that operates as an analysis platform for analysis of event data records that can provide a flexible approach to event data record aggregation. For example, aggregation can be flexibly turned on or off and dynamically adjusted based on event record volume and other factors such as network capacity or throughput. Devices that are instructed to aggregate records can also be instructed to archive the raw records, e.g., to maintain a full fidelity log of events. Devices can further be instructed to utilize a mixed queue approach to determine an order to deliver those records that includes both older records and newer records.

公开(公告)号：US20170366440A1

公开(公告)日：2017-12-21

申请号：US15185152

申请日：2016-06-17

Applicant: AT&T INTELLECTUAL PROPERTY I, L.P.

Inventor： Daniel G. Sheleheda ,  Samuel Norman Alexander ,  John H. Hardenbergh ,  Joseph Harten ,  James Pace ,  Chaim Spielman

IPC: H04L12/26 ,  H04L12/24

CPC classification number: H04L43/16 ,  H04L41/069 ,  H04L43/02 ,  H04L43/0876 ,  H04L63/1408 ,  H04L63/1458

Abstract: A network device that operates as an analysis platform for analysis of event data records that can provide a flexible approach to event data record aggregation. For example, aggregation can be flexibly turned on or off and dynamically adjusted based on event record volume and other factors such as network capacity or throughput. Devices that are instructed to aggregate records can also be instructed to archive the raw records, e.g., to maintain a full fidelity log of events. Devices can further be instructed to utilize a mixed queue approach to determine an order to deliver those records that includes both older records and newer records.

公开(公告)号：US20150264086A1

公开(公告)日：2015-09-17

申请号：US14728286

申请日：2015-06-02

Applicant: AT&T Intellectual Property I, L.P.

Inventor： Junlan Feng ,  Valerie Torres ,  Daniel G. Sheleheda

IPC: H04L29/06 ,  G06F17/30 ,  H04L29/08

CPC classification number: H04L63/1483 ,  G06F17/30887 ,  G06F21/554 ,  G06F21/566 ,  G06F21/57 ,  G06F2221/2101 ,  G06F2221/2119 ,  H04L63/0245 ,  H04L63/1441 ,  H04L67/02 ,  H04L67/10

Abstract: A method for detecting potential phishing URLs includes extracting a URL from a document, analyzing the URL context, and comparing the URL to stored trusted URLs and stored known phishing URLs. The URL context includes anchor text and surrounding content associated with the URL. The method further includes generating a phishing alert based on the comparing and the analyzing.

公开(公告)号：US09058487B2

公开(公告)日：2015-06-16

申请号：US13889059

申请日：2013-05-07

Applicant: AT&T Intellectual Property I, L.P.

Inventor： Junlan Feng ,  Valerie Torres ,  Daniel G. Sheleheda

IPC: G06F11/00 ,  G06F21/55 ,  G06F21/56 ,  G06F21/57 ,  H04L29/06 ,  G06F17/30

CPC classification number: H04L63/1483 ,  G06F17/30887 ,  G06F21/554 ,  G06F21/566 ,  G06F21/57 ,  G06F2221/2101 ,  G06F2221/2119 ,  H04L63/0245 ,  H04L63/1441 ,  H04L67/02 ,  H04L67/10

Abstract: A method for detecting potential phishing URLs includes extracting a URL from a document, analyzing the URL context, and comparing the URL to stored trusted URLs and stored known phishing URLs. The URL context includes anchor text and surrounding content associated with the URL. The method further includes generating a phishing alert based on the comparing and the analyzing.

Abstract translation: 用于检测潜在的钓鱼URL的方法包括从文档中提取URL，分析URL上下文，以及将URL与存储的可信URL和存储的已知的钓鱼URL进行比较。 URL上下文包括与URL相关联的锚文本和周围内容。 该方法还包括基于比较和分析产生网络钓鱼警报。

公开(公告)号：US10516595B2

公开(公告)日：2019-12-24

申请号：US16127338

申请日：2018-09-11

Applicant: AT&T Intellectual Property I, L.P.

Inventor： Daniel G. Sheleheda ,  Samuel Norman Alexander ,  John H. Hardenbergh ,  Joseph Harten ,  James Pace ,  Chaim Spielman

IPC: H04L12/26 ,  H04L12/24 ,  H04L29/06

Abstract: A network device that operates as an analysis platform for analysis of event data records that can provide a flexible approach to event data record aggregation. For example, aggregation can be flexibly turned on or off and dynamically adjusted based on event record volume and other factors such as network capacity or throughput. Devices that are instructed to aggregate records can also be instructed to archive the raw records, e.g., to maintain a full fidelity log of events. Devices can further be instructed to utilize a mixed queue approach to determine an order to deliver those records that includes both older records and newer records.

公开(公告)号：US10103964B2

公开(公告)日：2018-10-16

申请号：US15185152

申请日：2016-06-17

Applicant: AT&T INTELLECTUAL PROPERTY I, L.P.

Inventor： Daniel G. Sheleheda ,  Samuel Norman Alexander ,  John H. Hardenbergh ,  Joseph Harten ,  James Pace ,  Chaim Spielman

IPC: H04L12/26 ,  H04L12/24

Abstract: A network device that operates as an analysis platform for analysis of event data records that can provide a flexible approach to event data record aggregation. For example, aggregation can be flexibly turned on or off and dynamically adjusted based on event record volume and other factors such as network capacity or throughput. Devices that are instructed to aggregate records can also be instructed to archive the raw records, e.g., to maintain a full fidelity log of events. Devices can further be instructed to utilize a mixed queue approach to determine an order to deliver those records that includes both older records and newer records.

公开(公告)号：US09521165B2

公开(公告)日：2016-12-13

申请号：US14728286

申请日：2015-06-02

Applicant: AT&T Intellectual Property I, L.P.

Inventor： Junlan Feng ,  Valerie Torres ,  Daniel G. Sheleheda

IPC: G06F11/00 ,  H04L29/06 ,  G06F21/56 ,  G06F21/57 ,  G06F21/55 ,  G06F17/30 ,  H04L29/08

CPC classification number: H04L63/1483 ,  G06F17/30887 ,  G06F21/554 ,  G06F21/566 ,  G06F21/57 ,  G06F2221/2101 ,  G06F2221/2119 ,  H04L63/0245 ,  H04L63/1441 ,  H04L67/02 ,  H04L67/10

Abstract: A method for detecting potential phishing URLs includes extracting a URL from a document, analyzing the URL context, and comparing the URL to stored trusted URLs and stored known phishing URLs. The URL context includes anchor text and surrounding content associated with the URL. The method further includes generating a phishing alert based on the comparing and the analyzing.