公开(公告)号：US20170118225A1

公开(公告)日：2017-04-27

申请号：US15400876

申请日：2017-01-06

Applicant: Facebook, Inc.

Inventor： Ryan McGeehan ,  Lev Timourovich Popov ,  Christopher William Palow ,  Robert J. Read ,  Pedram Keyani

IPC: H04L29/06

CPC classification number: H04L63/107 ,  G06F21/316 ,  G06F2221/2111 ,  H04L63/08 ,  H04L63/1483

Abstract: User sessions are authenticated based on locations associated with a user account used for sending a request for creating a session. Examples of locations of a source of a request include a geographical location, a network address, or a machine cookie associated with a device sending the request. Locations of the request are compared with stored safe locations associated with the user account and a suspiciousness index is determined for the session. The level of authentication required for the session is determined based on the suspiciousness index. Locations are associated with a reputation based on past history of sessions originating from the locations. A location associated with a history of creating suspicious session is considered an unsafe location. Reputation of the location originating the session is used to determine the level of authentication required for the session.

公开(公告)号：US10165065B1

公开(公告)日：2018-12-25

申请号：US13796149

申请日：2013-03-12

Applicant: Facebook, Inc.

Inventor： Srinath Anantharaju ,  Ryan McGeehan ,  Michael Podobnik

IPC: G06F15/16 ,  H04L29/08

Abstract: The disclosed techniques provide systems and methods for detecting malicious or otherwise abusive access of private end-user data in social networking systems. More specifically, various malicious action detection procedures are described for identifying a target user account that is examined via a private data access, generating a relationship scorecard including various social factors that together indicate a measure of social connectedness between a source user that initiates the private data access and the target user whose account is examined via the private data access, and making a determination as to whether the private data access is potentially abusive based on the social connectedness.

公开(公告)号：US09900346B2

公开(公告)日：2018-02-20

申请号：US15093697

申请日：2016-04-07

Applicant: Facebook, Inc.

Inventor： Ryan McGeehan

IPC: G06F21/55 ,  H04L29/06

CPC classification number: H04L63/1483 ,  G06F21/55 ,  H04L63/1441 ,  H04L63/1491

Abstract: A system, a method, and computer program product identify a website that is a forgery of a primary website. Client side executable code is included in a page of the primary website, which page is copied in the forged website. The client side code, when executed by a client device, determines whether the domain from which the page is served is an authorized domain. Where the serving domain is not authorized, the client device is configured to alter the execute countermeasures against the forged website, such as altering operation of the forged page.

公开(公告)号：US09853983B2

公开(公告)日：2017-12-26

申请号：US15400876

申请日：2017-01-06

Applicant: Facebook, Inc.

Inventor： Ryan McGeehan ,  Lev Timourovich Popov ,  Christopher William Palow ,  Robert J. Read ,  Pedram Keyani

IPC: H04L29/06

CPC classification number: H04L63/107 ,  G06F21/316 ,  G06F2221/2111 ,  H04L63/08 ,  H04L63/1483

Abstract: User sessions are authenticated based on locations associated with a user account used for sending a request for creating a session. Examples of locations of a source of a request include a geographical location, a network address, or a machine cookie associated with a device sending the request. Locations of the request are compared with stored safe locations associated with the user account and a suspiciousness index is determined for the session. The level of authentication required for the session is determined based on the suspiciousness index. Locations are associated with a reputation based on past history of sessions originating from the locations. A location associated with a history of creating suspicious session is considered an unsafe location. Reputation of the location originating the session is used to determine the level of authentication required for the session.

公开(公告)号：US20160226908A1

公开(公告)日：2016-08-04

申请号：US15093697

申请日：2016-04-07

Applicant: Facebook, Inc.

Inventor： Ryan McGeehan

IPC: H04L29/06

CPC classification number: H04L63/1483 ,  G06F21/55 ,  H04L63/1441 ,  H04L63/1491

Abstract: A system, a method, and computer program product identify a website that is a forgery of a primary website. Client side executable code is included in a page of the primary website, which page is copied in the forged website. The client side code, when executed by a client device, determines whether the domain from which the page is served is an authorized domain. Where the serving domain is not authorized, the client device is configured to alter the execute countermeasures against the forged website, such as altering operation of the forged page.

Abstract translation: 系统，方法和计算机程序产品标识作为主要网站伪造的网站。 客户端可执行代码包含在主网站的页面中，该页面被复制在伪造的网站中。 客户端代码在由客户端设备执行时确定该页面被服务的域是否是授权域。 如果服务域未被授权，则客户端设备被配置为改变针对伪造网站的执行对策，例如改变伪造页面的操作。

公开(公告)号：US08943604B2

公开(公告)日：2015-01-27

申请号：US13777258

申请日：2013-02-26

Applicant: Facebook, Inc.

Inventor： Daniel Gregory Muriello ,  Jacob Andrew Brill ,  Siddharth Kar ,  Alexander Steven Rice ,  Ryan McGeehan

IPC: H04L29/06 ,  G06F21/60 ,  G06F21/31

CPC classification number: G06F21/60 ,  G06F21/31 ,  G06F2221/2133 ,  H04L63/08 ,  H04L63/10 ,  H04L63/20

Abstract: An online services system includes a mechanism for providing user confidence information to an external data consumer, and for determining user contribution quality. Using stored information about user actions and interactions, user confidence is evaluated for one or more parameters associated with the validity of the user's account and/or quality of the user's contributions to the online services system. Confidence values are assigned to each parameter, and the values are exposed to external data consumers. Using stored information, user actions and interactions are correlated with contribution quality to produce a metric indicative of user contribution quality. Users with low quality parameter metrics may have their contributions shown to a smaller audience or have a lower prominence in a news feed.

Abstract translation: 在线服务系统包括用于向外部数据消费者提供用户信心信息并确定用户贡献质量的机制。 使用存储的关于用户操作和交互的信息，评估与用户帐户的有效性和/或用户对在线服务系统的贡献的质量相关联的一个或多个参数的用户信心。 将置信度值分配给每个参数，并将这些值暴露给外部数据消费者。 使用存储的信息，用户动作和交互与贡献质量相关联，以产生指示用户贡献质量的度量。 具有低质量参数指标的用户可能会向较小的受众显示其贡献，或者在新闻Feed中具有较低的突出显着性。

公开(公告)号：US20140057596A1

公开(公告)日：2014-02-27

申请号：US13590806

申请日：2012-08-21

Applicant: Facebook Inc.

Inventor： Jacob Andrew Brill ,  Ryan McGeehan ,  Daniel Gregory Muriello

IPC: H04W12/06

CPC classification number: H04W12/06 ,  G06F21/316 ,  G06F2221/2101 ,  G06F2221/2111 ,  H04L63/126

Abstract: An online system determines whether a request for creating a session with the online system is suspicious. The online system associates a user account with a mobile key of a mobile device and geographical locations of the mobile device. The mobile key comprises unique identifier of the mobile device that is permanently stored on the mobile device. Upon receiving a request to create a session for the user account, the online system compares information associated with the user request with information describing the mobile device. For example, information associated with the user request can be a location determined by mapping internet protocol addresses obtained from the request. The online system determines whether the request is suspicious based on the comparison. If the online system determines that the request is suspicious, the online system may require enhanced authentication before granting the request.

Abstract translation: 在线系统确定与在线系统建立会话的请求是否可疑。 在线系统将用户帐户与移动设备的移动密钥和移动设备的地理位置相关联。 移动密钥包括永久存储在移动设备上的移动设备的唯一标识符。 在接收到为用户帐户创建会话的请求时，在线系统将与用户请求相关联的信息与描述移动设备的信息进行比较。 例如，与用户请求相关联的信息可以是通过映射从请求获得的互联网协议地址来确定的位置。 在线系统基于比较来确定请求是否可疑。 如果在线系统确定请求是可疑的，则在授予请求之前，在线系统可能需要增强认证。

公开(公告)号：US20130247212A1

公开(公告)日：2013-09-19

申请号：US13777258

申请日：2013-02-26

Applicant: FACEBOOK, INC

Inventor： Daniel Gregory Muriello ,  Jacob Andrew Brill ,  Siddharth Kar ,  Alexander Steven Rice ,  Ryan McGeehan

IPC: G06F21/60

CPC classification number: G06F21/60 ,  G06F21/31 ,  G06F2221/2133 ,  H04L63/08 ,  H04L63/10 ,  H04L63/20

Abstract: An online services system includes a mechanism for providing user confidence information to an external data consumer, and for determining user contribution quality. Using stored information about user actions and interactions, user confidence is evaluated for one or more parameters associated with the validity of the user's account and/or quality of the user's contributions to the online services system. Confidence values are assigned to each parameter, and the values are exposed to external data consumers. Using stored information, user actions and interactions are correlated with contribution quality to produce a metric indicative of user contribution quality. Users with low quality parameter metrics may have their contributions shown to a smaller audience or have a lower prominence in a news feed.

Abstract translation: 在线服务系统包括用于向外部数据消费者提供用户信心信息并确定用户贡献质量的机制。 使用存储的关于用户操作和交互的信息，评估与用户帐户的有效性和/或用户对在线服务系统的贡献的质量相关联的一个或多个参数的用户信心。 将置信度值分配给每个参数，并将这些值暴露给外部数据消费者。 使用存储的信息，用户动作和交互与贡献质量相关联，以产生指示用户贡献质量的度量。 具有低质量参数指标的用户可能会向较小的受众显示其贡献，或者在新闻Feed中具有较低的突出显着性。