公开(公告)号：US07958555B1

公开(公告)日：2011-06-07

申请号：US11906022

申请日：2007-09-28

申请人： Chih Sheng Chen ,  Shr-An Su ,  Yi-Chan Hung

发明人： Chih Sheng Chen ,  Shr-An Su ,  Yi-Chan Hung

IPC分类号： G06F11/00

CPC分类号： H04L63/1441 ,  G06F21/554 ,  G06F2221/2119 ,  H04L63/1483

摘要： Protecting computer users from online frauds, such as phishing and pharming. A client computer may include a page signature extractor and a policy enforcer. The page signature extractor may encode a web page to generate its signature, which may be provided to a remote server computer for comparison with signatures of phishing pages. The client computer and the server computer may communicate using the DNS protocol. The policy enforcer may perform one or more predetermined actions when a match is found. Examples of such actions include replacing the web page with a blocking page, displaying a warning message, or both. The policy enforcer may be configured to determine if the web page is part of a phishing or pharming attack by comparing the URL of the web page to URLs of legitimate web pages.

摘要翻译： 保护计算机用户免受在线欺诈，如网络钓鱼和制药。 客户端计算机可以包括页面签名提取器和策略执行器。 页面签名提取器可以编码网页以生成其签名，其可以提供给远程服务器计算机以与钓鱼页面的签名进行比较。 客户端计算机和服务器计算机可以使用DNS协议进行通信。 当发现匹配时，策略执行者可以执行一个或多个预定动作。 此类操作的示例包括用阻止页面替换网页，显示警告消息或两者。 策略执行者可以被配置为通过将网页的URL与合法网页的URL进行比较来确定网页是否是网络钓鱼或制药攻击的一部分。

公开(公告)号：US07854001B1

公开(公告)日：2010-12-14

申请号：US11771712

申请日：2007-06-29

申请人： Chih-Sheng Chen ,  Yao-Tang Chang ,  Shr-An Su

发明人： Chih-Sheng Chen ,  Yao-Tang Chang ,  Shr-An Su

IPC分类号： G06F11/00 ,  G06F15/16

CPC分类号： H04L63/1441 ,  H04L41/00 ,  H04L63/1483

摘要： A computer-implemented method for reducing phishing attacks that employ malicious websites is provided. The computer-implemented method includes gathering information about potentially malicious websites from a plurality of sources. The computer-implemented method also includes reducing the number of potentially malicious websites gathered; thereby creating a malicious website database that tracks at least a subset of the potentially malicious websites. In addition, the computer-implemented method includes generating a malicious website blacklist from the malicious website database, each website in the malicious website blacklist satisfying inclusion criteria, wherein the malicious website blacklist is employed to decide whether an access request to a given website is permitted.

摘要翻译： 提供了一种用于减少使用恶意网站的网络钓鱼攻击的计算机实现的方法。 计算机实现的方法包括从多个源收集关于潜在恶意网站的信息。 计算机实现的方法还包括减少收集的潜在恶意网站的数量; 从而创建一个恶意网站数据库，跟踪潜在恶意网站的至少一个子集。 此外，计算机实现的方法包括从恶意网站数据库生成恶意网站黑名单，恶意网站黑名单中的每个网站满足入围标准，其中采用恶意网站黑名单来决定是否允许对给定网站的访问请求 。

公开(公告)号：US08443447B1

公开(公告)日：2013-05-14

申请号：US12536725

申请日：2009-08-06

申请人： Chih-Sheng Chen ,  Shr-An Su ,  Yao-Tang Chang

发明人： Chih-Sheng Chen ,  Shr-An Su ,  Yao-Tang Chang

IPC分类号： H04L12/26

CPC分类号： H04L63/145

摘要： One embodiment relates to a computer-implemented method for detecting malware-infected electronic mail messages. A server computer monitors an email account which is associated with a unique email address for receipt of an email message, the unique email address being associated with a unique contact in an address book on a client computer. The server computer determines that an email message addressed to the unique email address has been received and performs automated analysis to confirm that the email message contains malware. Other embodiments, aspects and features are also disclosed.

摘要翻译： 一个实施例涉及用于检测恶意软件感染的电子邮件消息的计算机实现的方法。 服务器计算机监视与用于接收电子邮件消息的唯一电子邮件地址相关联的电子邮件帐户，该唯一电子邮件地址与客户端计算机上的地址簿中的唯一联系人相关联。 服务器计算机确定已收到寻址到唯一电子邮件地址的电子邮件，并执行自动分析以确认该电子邮件包含恶意软件。 还公开了其它实施例，方面和特征。

公开(公告)号：US09811664B1

公开(公告)日：2017-11-07

申请号：US13209807

申请日：2011-08-15

申请人： Cheng-Hsin Hsu ,  Peng-Shih Pu ,  Chih-Chia Chen ,  Shr-An Su

发明人： Cheng-Hsin Hsu ,  Peng-Shih Pu ,  Chih-Chia Chen ,  Shr-An Su

IPC分类号： G06F21/00 ,  G06F21/56 ,  H04L29/06

CPC分类号： G06F21/563 ,  G06F21/564 ,  H04L63/1416 ,  H04L63/145

摘要： Unwanted web contents are detected in an endpoint computer. The endpoint computer receives a web page from a website. The reputation of the website is determined and the web page is scanned for malicious codes to protect the endpoint computer from web threats. To further protect the endpoint computer from web threats including mutating unwanted web contents, page structure traits of the web page are generated and compared to page structure traits of other web pages detected to contain unwanted web contents.

公开(公告)号：US08924546B1

公开(公告)日：2014-12-30

申请号：US13425638

申请日：2012-03-21

申请人： Shu-Ying Liao ,  Peng-Shih Pu ,  Shr-An Su

发明人： Shu-Ying Liao ,  Peng-Shih Pu ,  Shr-An Su

IPC分类号： G06F15/173

CPC分类号： H04L12/1435 ,  H04L67/02 ,  H04L67/2819 ,  H04M15/8038 ,  H04M15/8214 ,  H04M15/83 ,  H04M15/835 ,  H04M15/8351 ,  H04M15/844 ,  H04M15/846 ,  H04M15/852 ,  H04M15/853 ,  H04M15/88 ,  H04W4/18

摘要： A mobile computing device includes a roaming bandwidth advisor for determining size information of web data (e.g., webpage, streaming media) before the web data is received in the mobile computing device. The mobile computing device may cooperatively work with a cloud computing system to obtain size information of the web data. Roaming fee information (e.g., the size of the web data and/or associated roaming fee) for receiving the web data is displayed on the mobile computing device before a request for the web data is sent out of the mobile computing device.

摘要翻译： 移动计算设备包括用于在移动计算设备中接收到web数据之前确定web数据（例如，网页，流媒体）的大小信息的漫游带宽顾问。 移动计算设备可以与云计算系统协同工作以获得网络数据的大小信息。 在从移动计算设备发送对web数据的请求之前，在移动计算设备上显示用于接收网络数据的漫游费用信息（例如，网络数据的大小和/或相关联的漫游费用）。