公开(公告)号：US20090187990A1

公开(公告)日：2009-07-23

申请号：US12414508

申请日：2009-03-30

申请人： Chris Lalonde ,  Quang Pham ,  Kevin Black ,  Andrew Brown ,  Mathew Henley

发明人： Chris Lalonde ,  Quang Pham ,  Kevin Black ,  Andrew Brown ,  Mathew Henley

IPC分类号： G06F21/00 ,  G06F17/30

CPC分类号： G06F21/563 ,  G06F2221/2119

摘要： A method and system to verify active content included within a markup language document store multiple instances of publication information (e.g., an e-commerce listing or e-mail message) in a database associated with a server system. The stored publication information includes active content (e.g., web pages that include an executable script or point to an executable script). Selected active content is retrieved from the database, and subject to a verification process. The verification process is to verify that the selected active content is not malicious. The selected active content is selectively published based on an outcome of the verification process.

摘要翻译： 验证包括在标记语言文档中的活动内容的方法和系统存储与服务器系统相关联的数据库中的发布信息（例如，电子商务列表或电子邮件消息）的多个实例。 存储的发布信息包括活动内容（例如，包括可执行脚本或指向可执行脚本的网页）。 从数据库中检索所选的活动内容，并进行验证过程。 验证过程是验证所选的活动内容不是恶意的。 基于验证过程的结果选择性地发布所选择的活动内容。

公开(公告)号：US20060041508A1

公开(公告)日：2006-02-23

申请号：US10923064

申请日：2004-08-20

申请人： Quang Pham ,  Mathew Henley ,  Andrew Brown ,  Jeremy Edberg

发明人： Quang Pham ,  Mathew Henley ,  Andrew Brown ,  Jeremy Edberg

IPC分类号： G06F17/60

CPC分类号： H04L63/1433 ,  G06Q20/4016 ,  H04L63/102 ,  H04L63/14 ,  H04L63/1408 ,  H04L63/1483

摘要： A method and system for tracking potentially fraudulent activities associated with one or more web sites is disclosed. The system includes a fraud tracking server connected to a fraud tracking database. The fraud tracking server includes a communications module to facilitate the exchange of data between the server and multiple client devices. The fraud tracking server receives data from one or more client devices that identifies a potential spoof site. The fraud tracking server also includes control logic to generate a spoof site tracking record in the fraud tracking database. The spoof site tracking record includes the data identifying the potential spoof site. After the spoof site tracking record has been created, the fraud tracking server notifies an administrator of the potential spoof site by communicating the data received and stored in the fraud tracking database to an administrator.

摘要翻译： 公开了一种用于跟踪与一个或多个网站相关联的潜在欺诈活动的方法和系统。 该系统包括连接到欺诈跟踪数据库的欺诈跟踪服务器。 欺诈跟踪服务器包括通信模块，以便于服务器与多个客户端设备之间的数据交换。 欺诈跟踪服务器从识别潜在欺骗站点的一个或多个客户端设备接收数据。 欺诈跟踪服务器还包括在欺诈跟踪数据库中产生欺骗性站点跟踪记录的控制逻辑。 欺骗网站跟踪记录包括识别潜在欺骗网站的数据。 在欺骗站点跟踪记录被创建之后，欺诈跟踪服务器通过将接收并存储在欺诈跟踪数据库中的数据传送给管理员来向管理员通知潜在的欺骗站点。

公开(公告)号：US20060021031A1

公开(公告)日：2006-01-26

申请号：US10883454

申请日：2004-06-30

申请人： Scott Leahy ,  Jeffrey Taylor ,  Chris Lalonde ,  Ajay Agrawal ,  Kevin Embree ,  Jeffrey King ,  Andy Brown ,  Mathew Henley

发明人： Scott Leahy ,  Jeffrey Taylor ,  Chris Lalonde ,  Ajay Agrawal ,  Kevin Embree ,  Jeffrey King ,  Andy Brown ,  Mathew Henley

IPC分类号： G06F12/14

CPC分类号： H04L63/1441 ,  A61K2039/5154 ,  A61K2039/57 ,  C12N5/0636 ,  C12N2501/51 ,  C12N2501/515 ,  C12N2531/00 ,  C12N2533/40 ,  H04L29/12594 ,  H04L61/30 ,  H04L63/1483 ,  H04L67/02 ,  Y10S707/99943

摘要： A method and system to protect users against potentially fraudulent activities associated with spoof web sites are described. According to one aspect of the present invention, the URL of a document downloaded via a web browser client is compared to the URLs in a list of URLs for known spoof sites. If the URL for the downloaded document is found in the list of URLs for known spoof sites, a security indicator is displayed to the user to indicate to the user that the downloaded document is associated with a known spoof site. According to another aspect of the invention, a security server maintains a master black list and periodically communicates updates of the master black list to the local list of a client security application.

公开(公告)号：US20060156389A1

公开(公告)日：2006-07-13

申请号：US11027783

申请日：2004-12-30

申请人： Andrew Brown ,  Mathew Henley ,  Chris Lalonde

发明人： Andrew Brown ,  Mathew Henley ,  Chris Lalonde

IPC分类号： H04L9/32

CPC分类号： G06F21/552 ,  H04L63/10 ,  H04L63/102 ,  H04L63/1408 ,  H04L2463/102

摘要： A system for identifying perpetrators of fraudulent activity includes location logic for locating, extracting, or capturing identifying information from a client communication received from a client device. For example, the location logic may locate, or extract, a variety of message headers from an HTTP client request. The system may also include analyzer logic to analyze the identifying information, for example, by comparing the identifying information with previously captured identifying information from a previously received client communication. Finally, the system may include account identifier logic to identify user accounts associated with the previous client communication in which the same identifying information was extracted.

公开(公告)号：US20050283835A1

公开(公告)日：2005-12-22

申请号：US10875443

申请日：2004-06-23

申请人： Chris Lalonde ,  Quang Pham ,  Kevin Black ,  Andrew Brown ,  Mathew Henley

发明人： Chris Lalonde ,  Quang Pham ,  Kevin Black ,  Andrew Brown ,  Mathew Henley

IPC分类号： G06F11/30 ,  G06F12/14 ,  G06F21/00 ,  H04L9/00 ,  H04L9/32

CPC分类号： G06F21/563 ,  G06F2221/2119

摘要： A method and system to verify active content included within a markup language document store multiple instances of publication information (e.g., an e-commerce listing or e-mail message) in a database associated with a server system. The stored publication information includes active content (e.g., web pages that include an executable script or point to an executable script). Selected active content is retrieved from the database, and subject to a verification process. The verification process is to verify that the selected active content is not malicious. The selected active content is selectively published based on an outcome of the verification process.

摘要翻译： 验证包括在标记语言文档中的活动内容的方法和系统存储与服务器系统相关联的数据库中的发布信息（例如，电子商务列表或电子邮件消息）的多个实例。 存储的发布信息包括活动内容（例如，包括可执行脚本或指向可执行脚本的网页）。 从数据库中检索所选的活动内容，并进行验证过程。 验证过程是验证所选的活动内容不是恶意的。 基于验证过程的结果选择性地发布所选择的活动内容。

公开(公告)号：US07971245B2

公开(公告)日：2011-06-28

申请号：US10876134

申请日：2004-06-23

申请人： Chris Lalonde ,  Quang Pham ,  Kevin Black ,  Andrew Brown ,  Mathew Henley

发明人： Chris Lalonde ,  Quang Pham ,  Kevin Black ,  Andrew Brown ,  Mathew Henley

IPC分类号： H04L29/14

CPC分类号： G06F21/563 ,  G06F2221/2119 ,  H04L63/145

摘要： A method and system to verify active content in a server system include receiving a communication (e.g., an e-mail message or an e-commerce listing) that includes active content to be made accessible by the server system. A reference (e.g., a URL) within the active content is identified, the reference pointing to further data that is not included within the communication. This further data is to be retrieved when the active content is rendered. The reference is stored at the server system, and the further data, to which the reference points, is repetitively and periodically retrieved. Subsequent to each retrieval of the further data, a determination is made as to whether the further data is malicious.

摘要翻译： 一种用于验证服务器系统中的活动内容的方法和系统包括接收包括由服务器系统可访问的活动内容的通信（例如，电子邮件消息或电子商务列表）。 识别活动内容内的参考（例如，URL），该参考指向未包括在通信内的另外的数据。 当呈现活动内容时，将进一步检索此数据。 参考存储在服务器系统中，并且重复地和周期性地检索参考点的其他数据。 在每次检索另外的数据之后，确定进一步的数据是否是恶意的。

公开(公告)号：US20050283833A1

公开(公告)日：2005-12-22

申请号：US10876336

申请日：2004-06-23

申请人： Chris Lalonde ,  Andrew Brown ,  Mathew Henley ,  Quang Pham ,  Kevin Black

发明人： Chris Lalonde ,  Andrew Brown ,  Mathew Henley ,  Quang Pham ,  Kevin Black

IPC分类号： G06F17/00 ,  G06F21/00 ,  H04L29/06

CPC分类号： G06F21/56 ,  G06F21/50 ,  G06F21/51 ,  G06F21/566 ,  G06F21/60 ,  G06F2221/2115 ,  G06F2221/2119 ,  G06F2221/2151 ,  H04L63/1441

摘要： A method and system to verify active content at a server system include receiving, at the server system a communication (e.g., an e-mail message or e-commerce listing) that includes active content that is to be made accessible via the server system. At the server system, the active content is rendered to generate rendered active content. The rendered active content presents a representation of information and processes to which an end user will be subject. At the server system, the rendered active content is verified as not being malicious.

摘要翻译： 用于验证服务器系统的活动内容的方法和系统包括在服务器系统处接收包括可通过服务器系统访问的活动内容的通信（例如，电子邮件消息或电子商务列表）。 在服务器系统中，渲染活动内容以生成渲染的活动内容。 渲染的活动内容呈现最终用户将要受到的信息和过程的表示。 在服务器系统中，渲染的活动内容被验证为不是恶意的。

公开(公告)号：US08032938B2

公开(公告)日：2011-10-04

申请号：US12414508

申请日：2009-03-30

申请人： Chris Lalonde ,  Quang Pham ,  Kevin Black ,  Andrew Brown ,  Mathew Henley

发明人： Chris Lalonde ,  Quang Pham ,  Kevin Black ,  Andrew Brown ,  Mathew Henley

IPC分类号： G06F12/14

CPC分类号： G06F21/563 ,  G06F2221/2119

摘要： A method and system to compare rendered publication data. The publication data are accessed from a database and then rendered to produce rendered publication data. The rendered publication data are stored to provide a reference version. After a periodic time interval, the publication data are accessed again and rendered to product a second version of rendered publication data. The reference version and the second version of rendered publication data are compared and a notification is generated when a difference exists.

摘要翻译： 比较渲染发布数据的方法和系统。 从数据库访问发布数据，然后进行渲染以产生渲染出版数据。 存储呈现的发布数据以提供参考版本。 在周期性时间间隔之后，再次访问发布数据，并将其呈现给呈现发布数据的第二版本。 比较渲染发布数据的参考版本和第二版本，并且当存在差异时生成通知。

公开(公告)号：US07526810B2

公开(公告)日：2009-04-28

申请号：US10875443

申请日：2004-06-23

申请人： Chris Lalonde ,  Quang Pham ,  Kevin Black ,  Andrew Brown ,  Mathew Henley

发明人： Chris Lalonde ,  Quang Pham ,  Kevin Black ,  Andrew Brown ,  Mathew Henley

IPC分类号： G06F12/14

CPC分类号： G06F21/563 ,  G06F2221/2119

摘要： A method and system to verify active content included within a markup language document store multiple instances of publication information (e.g., an e-commerce listing or e-mail message) in a database associated with a server system. The stored publication information includes active content (e.g., web pages that include an executable script or point to an executable script). Selected active content is retrieved from the database, and subject to a verification process. The verification process is to verify that the selected active content is not malicious. The selected active content is selectively published based on an outcome of the verification process.

摘要翻译： 验证包括在标记语言文档中的活动内容的方法和系统存储与服务器系统相关联的数据库中的发布信息（例如，电子商务列表或电子邮件消息）的多个实例。 存储的发布信息包括活动内容（例如，包括可执行脚本或指向可执行脚本的网页）。 从数据库中检索所选的活动内容，并进行验证过程。 验证过程是验证所选的活动内容不是恶意的。 基于验证过程的结果选择性地发布所选择的活动内容。

公开(公告)号：US20050283836A1

公开(公告)日：2005-12-22

申请号：US10876134

申请日：2004-06-23

申请人： Chris Lalonde ,  Quang Pham ,  Kevin Black ,  Andrew Brown ,  Mathew Henley

发明人： Chris Lalonde ,  Quang Pham ,  Kevin Black ,  Andrew Brown ,  Mathew Henley

IPC分类号： G06F11/30 ,  G06F12/14 ,  G06F21/00 ,  H04L9/00 ,  H04L9/32

CPC分类号： G06F21/563 ,  G06F2221/2119 ,  H04L63/145

摘要： A method and system to verify active content in a server system include receiving a communication (e.g., an e-mail message or an e-commerce listing) that includes active content to be made accessible by the server system. A reference (e.g., a URL) within the active content is identified, the reference pointing to further data that is not included within the communication. This further data is to be retrieved when the active content is rendered. The reference is stored at the server system, and the further data, to which the reference points, is repetitively and periodically retrieved. Subsequent to each retrieval of the further data, a determination is made as to whether the further data is malicious.

摘要翻译： 一种用于验证服务器系统中的活动内容的方法和系统包括接收包括由服务器系统可访问的活动内容的通信（例如，电子邮件消息或电子商务列表）。 识别活动内容内的参考（例如，URL），该参考指向未包括在该通信内的另外的数据。 当呈现活动内容时，将进一步检索此数据。 参考存储在服务器系统中，并且重复地和周期性地检索参考点的其他数据。 在每次检索另外的数据之后，确定进一步的数据是否是恶意的。