公开(公告)号：US09231971B2

公开(公告)日：2016-01-05

申请号：US14070903

申请日：2013-11-04

申请人： F-Secure Corporation

发明人： Andrew Patel ,  Igor Afanasiev ,  Veli-Jussi Kesti ,  Urmas Rahu ,  Yury Yakovlev ,  Jarkko Konola ,  Janne Pirttilahti

IPC分类号： G06F21/55 ,  G06F21/51 ,  H04L29/06 ,  G06F21/50

CPC分类号： H04L63/1441 ,  G06F21/50 ,  G06F21/51 ,  G06F21/55 ,  G06F2221/2119 ,  H04L63/1425

摘要： According to an aspect of the invention, there is provided a method of protecting a user from a compromised web resource. The method may include monitoring a user's requests for trusted web resources to determine one or more web resources to be checked. The method may include querying a network database based on the determined one or more web resources to obtain historical data relating to whether any of the one or more web resources has been compromised at any time during a preceding time period. The method may include providing a predetermined response to protect the user if any of the one or more web resources has been compromised.

摘要翻译： 根据本发明的一个方面，提供了一种保护用户免受受损网络资源的方法。 该方法可以包括监视用户对可信web资源的请求以确定要检查的一个或多个web资源。 该方法可以包括基于所确定的一个或多个web资源来查询网络数据库，以获得有关一个​​或多个Web资源中的任一个是否已经在之前时间段内的任何时间受到损害的历史数据。 该方法可以包括提供预定响应以保护用户，如果一个或多个web资源中的任何一个已被破坏。

公开(公告)号：US20140130165A1

公开(公告)日：2014-05-08

申请号：US14070903

申请日：2013-11-04

申请人： F-Secure Corporation

发明人： Andrew PATEL ,  Igor Afanasiev ,  Veli-Jussi Kesti ,  Urmas Rahu ,  Yury Yakovlev ,  Jarkko Konola ,  Janne Pirttilahti

IPC分类号： H04L29/06

CPC分类号： H04L63/1441 ,  G06F21/50 ,  G06F21/51 ,  G06F21/55 ,  G06F2221/2119 ,  H04L63/1425

摘要： According to an aspect of the invention, there is provided a method of protecting a user from a compromised web resource. The method may include monitoring a user's requests for trusted web resources to determine one or more web resources to be checked. The method may include querying a network database based on the determined one or more web resources to obtain historical data relating to whether any of the one or more web resources has been compromised at any time during a preceding time period. The method may include providing a predetermined response to protect the user if any of the one or more web resources has been compromised.

摘要翻译： 根据本发明的一个方面，提供了一种保护用户免受受损网络资源的方法。 该方法可以包括监视用户对可信web资源的请求以确定要检查的一个或多个web资源。 该方法可以包括基于所确定的一个或多个web资源来查询网络数据库，以获得有关一个​​或多个Web资源中的任一个是否已经在之前时间段内的任何时间受到损害的历史数据。 该方法可以包括提供预定响应以保护用户，如果一个或多个web资源中的任何一个已被破坏。

公开(公告)号：US10033746B2

公开(公告)日：2018-07-24

申请号：US14253228

申请日：2014-04-15

申请人： F-Secure Corporation

发明人： Jarno Niemela ,  Veli-Jussi Kesti

IPC分类号： G06F11/00 ,  H04L29/06 ,  G06F21/55 ,  G06F21/62

摘要： Methods, apparatus, systems are provided for use in detecting unauthorized changes to websites of web operators. Authorized content policy sets for each of a multiplicity of websites from web operators are collected and stored. In addition, content information obtained in respect web content downloaded from said websites by a multiplicity of client devices, client proxy devices, and/or client gateway devices is used to identify websites that do not conform to respective policy sets. Alerts are sent to the web operator of any non-conforming website. Optionally, alerts may be sent to client devices, client gateway devices, and/or client proxy devices for use in scanning or blocking the web content from non-conforming websites.

公开(公告)号：US09275228B2

公开(公告)日：2016-03-01

申请号：US14184845

申请日：2014-02-20

申请人： F-Secure Corporation

发明人： Jarno Niemela ,  Veli-Jussi Kesti

IPC分类号： G06F9/00 ,  G06F21/57 ,  H04L29/06

CPC分类号： G06F21/57 ,  H04L63/0853 ,  H04L2463/082

摘要： Methods are detailed for online fraud prevention. In one approach state information of a first and a second device is monitored, both of which are associated with one user. During a multi-factor authentication procedure which utilizes at least one of the first and the second devices for authorizing a transaction by an Internet domain, a security server participates in a supplemental security procedure which is conditional on the monitored state information. In another approach the second device receives a message that is ostensibly related to multi-factor authorization by an Internet domain, and in response sends a query about state information of the first device. Based on the response to the query that indicates the state information, the second device performs a supplemental security procedure.

摘要翻译： 网络欺诈预防方法详细。 在一种方法中，监视第一和第二设备的信息，两者都与一个用户相关联。 在利用第一和第二设备中的至少一个用于由因特网域授权交易的多因素认证过程中，安全服务器参与补充安全过程，该安全过程以所监视的状态信息为条件。 在另一种方法中，第二设备接收表面上与互联网域的多因素授权相关的消息，并且响应于发送关于第一设备的状态信息的查询。 基于指示状态信息的对查询的响应，第二设备执行补充安全过程。