公开(公告)号：US09438626B1

公开(公告)日：2016-09-06

申请号：US13920500

申请日：2013-06-18

申请人： EMC Corporation

发明人： Ido Zilberberg ,  Lior Asher ,  Alex Zaslavsky ,  Marcelo Blatt

IPC分类号： H04L29/06 ,  G06F21/55

CPC分类号： H04L63/20 ,  G06F21/552 ,  H04L63/0263 ,  H04L63/1416 ,  H04L63/1441 ,  H04L2463/144

摘要： Methods, apparatus and articles of manufacture for risk scoring for internet protocol networks are provided herein. A method includes identifying a network to which a first network element belongs, wherein said first network element comprises corresponding risk-related information, determining each of one or more network elements previously identified as belonging to the network, and calculating a risk score assigned to the network, wherein said calculating comprises aggregating (i) the risk-related information corresponding to the first network element and (ii) risk-related information corresponding to each of the one or more network elements previously identified as belonging to the network.

摘要翻译： 本文提供了互联网协议网络风险评分的方法，装置和制造。 一种方法包括识别第一网络元件所属的网络，其中所述第一网络元件包括对应的风险相关信息，确定先前识别为属于网络的一个或多个网络元素中的每一个，以及计算分配给该网络的风险分数 网络，其中所述计算包括聚合（i）对应于第一网络元件的风险相关信息和（ii）与先前识别为属于网络的一个或多个网络元素中的每一个对应的风险相关信息。

公开(公告)号：US09038175B1

公开(公告)日：2015-05-19

申请号：US13919346

申请日：2013-06-17

申请人： EMC Corporation

发明人： Erez Yakoel ,  Lior Asher ,  Ido Zilberberg

IPC分类号： H04L29/06 ,  G06F21/57

CPC分类号： H04L63/1408 ,  G06F21/577

摘要： Methods, apparatus and articles of manufacture for providing an automatic electronic fraud network data quality feedback loop are provided herein. A method includes evaluating an item of input data provided by a given source, wherein the item of input data comprises a fraud-related status identifier provided by the given source, and wherein said evaluating comprises determining a level of accuracy associated with the fraud-related status identifier; outputting the determined level of accuracy associated with the fraud-related status identifier to the given source; and updating a trust measure associated with the given source based on the determined level of accuracy associated with the fraud-related status identifier provided by the given source.

摘要翻译： 本文提供了用于提供自动电子欺诈网络数据质量反馈环路的方法，装置和制造。 一种方法包括评估由给定源提供的输入数据项，其中所述输入数据项包括由所述给定源提供的与欺诈相关的状态标识符，并且其中所述评估包括确定与所述欺诈相关联的准确性水平 状态标识符; 将与所述欺诈相关状态标识符相关联的所确定的精度水平输出到所述给定源; 以及基于与由给定源提供的与欺诈相关的状态标识符相关联的所确定的精度级别来更新与给定源相关联的信任度量。

公开(公告)号：US10148673B1

公开(公告)日：2018-12-04

申请号：US14870218

申请日：2015-09-30

申请人： EMC Corporation

发明人： Zohar Duchin ,  Alon Kaufman ,  Oleg Freylafert ,  Lior Asher ,  Alex Zaslavsky

IPC分类号： H04L29/06

摘要： Techniques of operating intrusion detection systems provide a recommendation of an intrusion detection rule to an administrator of an intrusion detection system based on the experience of another administrator that has used the rule in another intrusion detection system. For example, suppose that electronic circuitry receives a numerical rating from a first intrusion detection system that indicates whether an intrusion detection rule was effective in identifying malicious activity when used in the first intrusion detection system. Based on the received rating and attributes of the first intrusion detection system, the electronic circuitry generates a predicted numerical rating that indicates whether the intrusion detection rule is likely to be effective in identifying malicious communications when used in a second intrusion detection system. If the predicted numerical rating is sufficiently high, then the electronic circuitry transmits a message to the second intrusion detection system recommending the intrusion detection rule for use in the second intrusion detection system.

公开(公告)号：US09124570B1

公开(公告)日：2015-09-01

申请号：US13928784

申请日：2013-06-27

申请人： EMC Corporation

发明人： Lior Asher ,  Ayelet Biger Levin ,  Marcelo Blatt

IPC分类号： G06F7/04 ,  H04L29/06

CPC分类号： H04L63/08

摘要： There is disclosed herein a technique for use in providing an assessment of authentication requests. In one embodiment, the technique comprises obtaining authentication data that relates to an attribute of authentication requests in a current time period and a previous time period. The technique also comprises applying a weight to the authentication data that relates to the attribute of authentication requests in the previous time period and performing a computation involving the weighted authentication data and the authentication data that relates to the attribute of authentication requests in the current time period. The computation producing a computational result. The technique still further comprises providing the computational result for use in processing future authentication requests.

摘要翻译： 这里公开了一种用于提供认证请求的评估的技术。 在一个实施例中，该技术包括获得与当前时间段和先前时间段中的认证请求的属性相关的认证数据。 该技术还包括对与前一时间段中的认证请求的属性相关的认证数据应用权重，并且执行涉及加权认证数据的计算和与当前时间段中的认证请求的属性相关的认证数据 。 计算产生计算结果。 该技术还包括提供用于处理未来认证请求的计算结果。

公开(公告)号：US09210147B1

公开(公告)日：2015-12-08

申请号：US13928880

申请日：2013-06-27

申请人： EMC Corporation

发明人： Ido Zilberberg ,  Lior Asher ,  Marcelo Blatt ,  Alex Zaslavsky

IPC分类号： H04L29/06

CPC分类号： H04L63/08 ,  H04L63/0876

摘要： There is disclosed a technique for use in providing an assessment of authentication requests. In one embodiment, the technique comprises receiving an authentication request with post-authentication feedback and an authentication request with no post-authentication feedback. In the same embodiment, the post-authentication feedback can include a marking indicating that the request is one of a genuine or fraudulent status after review by an analyst. If a request does not possess a post-authentication feedback then it is considered genuine status. The technique can then assign the status of the requests to a distinctive attribute associated with the requests before performing a computation which produces a computational result that is indicative of the risk associated with the distinctive attribute.

摘要翻译： 公开了一种用于提供认证请求的评估的技术。 在一个实施例中，该技术包括接收具有认证后反馈的认证请求和没有认证后反馈的认证请求。 在同一实施例中，认证后反馈可以包括指示在分析者审查之后请求是真实或欺诈状态之一的标记。 如果请求没有认证后的反馈，那么它被认为是真正的状态。 然后，该技术可以在执行计算之前将请求的状态分配给与请求相关联的独特属性，该计算产生指示与该特征属性相关联的风险的计算结果。