-
公开(公告)号:US07689652B2
公开(公告)日:2010-03-30
申请号:US11031672
申请日:2005-01-07
IPC分类号: G06F15/16 , G06F15/173
CPC分类号: H04L51/28 , H04L29/1215 , H04L51/12 , H04L61/1564 , H04L63/0227 , H04L63/1441
摘要: Email spam filtering is performed based on a combination of IP address and domain. When an email message is received, an IP address and a domain associated with the email message are determined. A cross product of the IP address (or portions of the IP address) and the domain (or portions of the domain) is calculated. If the email message is known to be either spam or non-spam, then a spam score based on the known spam status is stored in association with each (IP address, domain) pair element of the cross product. If the spam status of the email message is not known, then the (IP address, domain) pair elements of the cross product are used to lookup previously determined spam scores. A combination of the previously determined spam scores is used to determine whether or not to treat the received email message as spam.
摘要翻译: 电子邮件垃圾邮件过滤是基于IP地址和域名的组合来执行的。 当接收到电子邮件消息时,确定与电子邮件消息相关联的IP地址和域。 计算IP地址(或IP地址的部分)和域(或域的部分)的交叉乘积。 如果电子邮件消息被称为垃圾邮件或非垃圾邮件,则根据已知垃圾邮件状态的垃圾邮件分数与交叉产品的每个(IP地址,域)对元素相关联地存储。 如果电子邮件的垃圾邮件状态未知,则交叉产品的(IP地址,域)对元素将用于查找先前确定的垃圾邮件分数。 使用先前确定的垃圾邮件分数的组合来确定是否将接收的电子邮件消息视为垃圾邮件。
-
公开(公告)号:US07693806B2
公开(公告)日:2010-04-06
申请号:US11766434
申请日:2007-06-21
CPC分类号: H04L51/12 , G06K9/6256 , G06Q10/06 , G06Q10/10
摘要: A system and method that facilitates and effectuates optimizing a classifier for greater performance in a specific region of classification that is of interest, such as a low false positive rate or a low false negative rate. A two-stage classification model can be trained and employed, where the first stage classification is optimized over the entire classification region and the second stage classifier is optimized for the specific region of interest. During training the entire set of training data is employed by a first stage classifier. Only data that is classified by the first stage classifier or by cross validation to fall within a region of interest is used to train the second stage classifier. During classification, data that is classified within the region of interest by the first classification is given the first stage classifier's classification value, otherwise the classification value for the instance of data from the second stage classifier is used.
摘要翻译: 促进并实现分类器在特定感兴趣区域中的更高性能的系统和方法,例如低假阳性率或低假阴性率。 可以训练和采用两阶段分类模型,其中对整个分类区域优化第一阶段分类,并针对特定的兴趣区域优化第二阶段分类器。 在训练期间,整套训练数据由第一阶段分类器采用。 仅使用由第一阶段分类器分类的数据或通过交叉验证落入感兴趣区域内的数据来训练第二阶段分类器。 在分类期间,通过第一分类对分类在感兴趣区域内的数据给予第一阶段分类器的分类值,否则使用来自第二阶段分类器的数据实例的分类值。
-
3.发明授权Training filters for detecting spasm based on IP addresses and text-related features 有权培训过滤器,用于根据IP地址和文本相关功能检测痉挛公开(公告)号:US07464264B2
公开(公告)日:2008-12-09
申请号:US10809163
申请日:2004-03-25
CPC分类号: H04L51/12 , G06Q10/107
摘要: The subject invention provides for an intelligent quarantining system and method that facilitates detecting and preventing spam. In particular, the invention employs a machine learning filter specifically trained using origination features such as an IP address as well as destination feature such as a URL. Moreover, the system and method involve training a plurality of filters using specific feature data for each filter. The filters are trained independently each other, thus one feature may not unduly influence another feature in determining whether a message is spam. Because multiple filters are trained and available to scan messages either individually or in combination (at least two filters), the filtering or spam detection process can be generalized to new messages having slightly modified features (e.g., IP address). The invention also involves locating the appropriate IP addresses or URLs in a message as well as guiding filters to weigh origination or destination features more than text-based features.
摘要翻译: 本发明提供了一种便于检测和防止垃圾邮件的智能隔离系统和方法。 特别地,本发明采用使用诸如IP地址之类的发起特征以及目的地特征(例如URL)专门训练的机器学习滤波器。 此外,该系统和方法涉及使用针对每个滤波器的特定特征数据来训练多个滤波器。 滤波器被彼此独立地训练,因此在确定消息是否是垃圾邮件时,一个特征可能不会不适当地影响另一特征。 由于多个过滤器被训练并可用于单独或组合扫描消息(至少两个过滤器),因此过滤或垃圾邮件检测过程可以推广到具有稍微修改的特征(例如,IP地址)的新消息。 本发明还涉及在消息中定位适当的IP地址或URL,以及引导过滤器比基于文本的特征更重要的起始或目的地特征。
-
公开(公告)号:US20080319932A1
公开(公告)日:2008-12-25
申请号:US11766434
申请日:2007-06-21
IPC分类号: G06F15/18
CPC分类号: H04L51/12 , G06K9/6256 , G06Q10/06 , G06Q10/10
摘要: A system and method that facilitates and effectuates optimizing a classifier for greater performance in a specific region of classification that is of interest, such as a low false positive rate or a low false negative rate. A two-stage classification model can be trained and employed, where the first stage classification is optimized over the entire classification region and the second stage classifier is optimized for the specific region of interest. During training the entire set of training data is employed by a first stage classifier. Only data that is classified by the first stage classifier or by cross validation to fall within a region of interest is used to train the second stage classifier. During classification, data that is classified within the region of interest by the first classification is given the first stage classifier's classification value, otherwise the classification value for the instance of data from the second stage classifier is used.
摘要翻译: 促进并实现分类器在特定感兴趣区域中的更高性能的系统和方法,例如低假阳性率或低假阴性率。 可以训练和采用两阶段分类模型,其中对整个分类区域优化第一阶段分类,并针对特定的兴趣区域优化第二阶段分类器。 在训练期间,整套训练数据由第一阶段分类器采用。 仅使用由第一阶段分类器分类的数据或通过交叉验证落入感兴趣区域内的数据来训练第二阶段分类器。 在分类期间,通过第一分类对分类在感兴趣区域内的数据给予第一阶段分类器的分类值,否则使用来自第二阶段分类器的数据实例的分类值。
-
公开(公告)号:US07634810B2
公开(公告)日:2009-12-15
申请号:US11129222
申请日:2005-05-13
申请人: Joshua T. Goodman , Paul S Rehfuss , Robert L. Rounthwaite , Manav Mishra , Geoffrey J Hulten , Kenneth G Richards , Aaron H Averbuch , Anthony P. Penta , Roderic C Deyo
发明人: Joshua T. Goodman , Paul S Rehfuss , Robert L. Rounthwaite , Manav Mishra , Geoffrey J Hulten , Kenneth G Richards , Aaron H Averbuch , Anthony P. Penta , Roderic C Deyo
CPC分类号: H04L63/1416 , H04L51/12 , H04L63/1466 , H04L63/1483
摘要: Phishing detection, prevention, and notification is described. In an embodiment, a messaging application facilitates communication via a messaging user interface, and receives a communication, such as an email message, from a domain. A phishing detection module detects a phishing attack in the communication by determining that the domain is similar to a known phishing domain, or by detecting suspicious network properties of the domain. In another embodiment, a Web browsing application receives content, such as data for a Web page, from a network-based resource, such as a Web site or domain. The Web browsing application initiates a display of the content, and a phishing detection module detects a phishing attack in the content by determining that a domain of the network-based resource is similar to a known phishing domain, or that an address of the network-based resource from which the content is received has suspicious network properties.
摘要翻译: 描述网络钓鱼检测,预防和通知。 在一个实施例中,消息收发应用促进通过消息收发用户界面的通信,并从域接收诸如电子邮件消息之类的通信。 钓鱼检测模块通过确定域与已知的网络钓鱼域相似,或通过检测域的可疑网络属性来检测通信中的网络钓鱼攻击。 在另一个实施例中,Web浏览应用程序从基于网络的资源(诸如网站或域)接收诸如网页的数据的内容。 Web浏览应用程序启动内容的显示,并且网络钓鱼检测模块通过确定基于网络的资源的域类似于已知的网络钓鱼域来检测内容中的网络钓鱼攻击,或者网络 - 收到内容的基于资源的资源具有可疑的网络属性。
-
公开(公告)号:US07660865B2
公开(公告)日:2010-02-09
申请号:US10917077
申请日:2004-08-12
申请人: Geoffrey J. Hulten , Joshua T. Goodman , Robert L. Rounthwaite , Manav Mishra , Elissa E. Murphy , John D. Mehr
发明人: Geoffrey J. Hulten , Joshua T. Goodman , Robert L. Rounthwaite , Manav Mishra , Elissa E. Murphy , John D. Mehr
CPC分类号: H04L51/12 , H04L63/0227 , H04L63/123
摘要: Disclosed are signature-based systems and methods that facilitate spam detection and prevention at least in part by calculating hash values for an incoming message and then determining a probability that the hash values indicate spam. In particular, the signatures generated for each incoming message can be compared to a database of both spam and good signatures. A count of the number of matches can be divided by a denominator value. The denominator value can be an overall volume of messages sent to the system per signature for example. The denominator value can be discounted to account for different treatments and timing of incoming messages. Furthermore, secure hashes can be generated by combining portions of multiple hashing components. A secure hash can be made from a combination of multiple hashing components or multiple combinations thereof. The signature based system can also be integrated with machine learning systems to optimize spam prevention.
摘要翻译: 公开了基于签名的系统和方法,其至少部分地通过计算输入消息的散列值,然后确定散列值指示垃圾邮件的概率来促进垃圾邮件检测和预防。 特别地,为每个传入消息生成的签名可以与垃圾邮件和良好签名的数据库进行比较。 匹配次数的计数可以除以分母值。 分母值可以是例如每个签名发送到系统的消息的总体积。 分母值可以折扣,以解决传入消息的不同处理和时间。 此外,可以通过组合多个散列分量的部分来生成安全散列。 可以从多个散列组件或其多个组合的组合形成安全散列。 基于签名的系统也可以与机器学习系统集成,以优化垃圾邮件防范。
-
公开(公告)号:US08291065B2
公开(公告)日:2012-10-16
申请号:US11537641
申请日:2006-09-30
申请人: Joshua T. Goodman , Paul S Rehfuss , Robert L. Rounthwaite , Manav Mishra , Geoffrey J Hulten , Kenneth G Richards , Aaron H Averbuch , Anthony P. Penta , Roderict C. Deyo
发明人: Joshua T. Goodman , Paul S Rehfuss , Robert L. Rounthwaite , Manav Mishra , Geoffrey J Hulten , Kenneth G Richards , Aaron H Averbuch , Anthony P. Penta , Roderict C. Deyo
IPC分类号: G06F15/173
CPC分类号: H04L63/1408 , H04L63/1441 , H04L63/1483
摘要: Phishing detection, prevention, and notification is described. In an embodiment, a messaging application facilitates communication via a messaging user interface, and receives a communication, such as an email message, from a domain. A phishing detection module detects a phishing attack in the communication by determining that the domain is similar to a known phishing domain, or by detecting suspicious network properties of the domain. In another embodiment, a Web browsing application receives content, such as data for a Web page, from a network-based resource, such as a Web site or domain. The Web browsing application initiates a display of the content, and a phishing detection module detects a phishing attack in the content by determining that a domain of the network-based resource is similar to a known phishing domain, or that an address of the network-based resource from which the content is received has suspicious network properties.
摘要翻译: 描述网络钓鱼检测,预防和通知。 在一个实施例中,消息收发应用促进通过消息收发用户界面的通信,并从域接收诸如电子邮件消息之类的通信。 钓鱼检测模块通过确定域与已知的网络钓鱼域相似,或通过检测域的可疑网络属性来检测通信中的网络钓鱼攻击。 在另一个实施例中,Web浏览应用程序从基于网络的资源(诸如网站或域)接收诸如网页的数据的内容。 Web浏览应用程序启动内容的显示,并且网络钓鱼检测模块通过确定基于网络的资源的域类似于已知的网络钓鱼域来检测内容中的网络钓鱼攻击,或者网络 - 收到内容的基于资源的资源具有可疑的网络属性。
-
公开(公告)号:US08065370B2
公开(公告)日:2011-11-22
申请号:US11265842
申请日:2005-11-03
申请人: Geoffrey J Hulten , Gopalakrishnan Seshadrinathan , Joshua T. Goodman , Manav Mishra , Robert C J Pengelly , Robert L. Rounthwaite , Ryan C Colvin
发明人: Geoffrey J Hulten , Gopalakrishnan Seshadrinathan , Joshua T. Goodman , Manav Mishra , Robert C J Pengelly , Robert L. Rounthwaite , Ryan C Colvin
IPC分类号: G06F15/16
摘要: Embodiments of proofs to filter spam are presented herein. Proofs are utilized to indicate a sender used a set amount of computer resources in sending a message in order to demonstrate the sender is not a “spammer”. Varying the complexity of the proofs, or the level of resources used to send the message, will indicate to the recipient the relative likelihood the message is spam. Higher resource usage indicates that the message may not be spam, while lower resource usage increases the likelihood a message is spam. Also, if the recipient requires a higher level of proof than received, the receiver may request the sender send additional proof to verify the message is not spam.
摘要翻译: 这里介绍了过滤垃圾邮件的示例的实施例。 证明用于指示发送者在发送消息时使用一定数量的计算机资源,以证明发件人不是“垃圾邮件发送者”。 改变证据的复杂性或用于发送消息的资源的级别将向接收者指示消息是垃圾邮件的相对可能性。 更高的资源使用率表示该邮件可能不是垃圾邮件,而较低的资源使用量增加了邮件是垃圾邮件的可能性。 另外,如果接收方需要比接收的更高级别的证明,则接收者可以请求发送者发送附加证明来验证该消息不是垃圾邮件。
-
公开(公告)号:US08135728B2
公开(公告)日:2012-03-13
申请号:US11619230
申请日:2007-01-03
CPC分类号: G06F17/241 , G06F17/27 , G06F17/30 , G06F17/30616
摘要: Extraction analysis techniques biased, in part, by query frequency information from a query log file and/or search engine cache are employed along with machine learning processes to determine candidate keywords and/or phrases of web documents. Web oriented features associated with the candidate keywords and/or phrases are also utilized to analyze the web documents. A keyword and/or phrase extraction mechanism can be utilized to score keywords and/or phrases in a web document and estimate a likelihood that the keywords and/or phrases are relevant, for example, in an advertising system and the like.
摘要翻译: 提取分析技术部分地通过来自查询日志文件和/或搜索引擎高速缓冲存储器的查询频率信息以及机器学习过程来偏移来确定web文档的候选关键字和/或短语。 与候选关键字和/或短语相关联的面向Web的功能也用于分析网络文档。 可以使用关键字和/或短语提取机制来评估网络文档中的关键字和/或短语,并估计关键词和/或短语相关的可能性,例如在广告系统等中。
-
公开(公告)号:US20080109425A1
公开(公告)日:2008-05-08
申请号:US11591937
申请日:2006-11-02
CPC分类号: G06F17/30719
摘要: Document summarization is performed by scoring individual words in sentences in a document or document cluster. Sentences from the document or document cluster are selected to form a summary based on the scores of the words contained in those sentences.
摘要翻译: 通过在文档或文档集群中的句子中的单个单词进行评分来执行文档摘要。 选择文档或文档集合中的句子,以便根据这些句子中包含的单词的分数来形成一个摘要。
-
-
-
-
-
-
-
-
-
搜索结果
107 条记录 (耗时 0.031 秒)
