952 results about "Blacklist" patented technology

Cookie files received from cookie file sources (e.g., Internet websites) are screened based upon the recommendations of a service provider which downloads privacy protection criteria in the form of a “watch list” to a subscriber's client machine. A user-friendly interface allows the subscriber to optionally modify the watch list prior to it being used at the subscriber's client machine by assigning known cookie file sources to either a “trustlist” or a “blacklist.” A “composite list” is then generated and used by the client machine to screen cookie files. The subscriber receives updates from the service provider on either a periodic or “as-needed” basis using a “quick update algorithm.” A “privacy scanning algorithm” runs on the client machine and has two different modes of operation. The first is a continuous mode where unwanted cookie files are blocked from being stored at the client machine. The second is a periodic mode where the client machine is “scrubbed” of unwanted cookie files according to the privacy protection criteria.

Provided herein is an electronic message management platform that enables management and execution of electronic message campaigns while appropriately managing challenges presented by spam filters, black lists, and domain blocking technologies, and that includes elements for managing an electronic message campaign based on dynamic conditions, quality measures, engagement factors, and other measures, factors and conditions.

A phishing filter employs a plurality of heuristics or rules (in one embodiment, 12 rules) to detect and filter phishing attempts solicited by electronic mail. Generally, the rules fall within the following categories: (1) identification and analysis of the login URL (i.e., the “actual” URL) in the email, (2) analysis of the email headers, (3) analysis across URLs and images in the email other than the login URL, and (4) determining if the URL is accessible. The phishing filter does not need to be trained, does not rely on black or white lists and does not perform keyword analysis. The filter may be implemented as an alternative or supplemental to prior art spam detection filters.

The present disclosure provides a method for blocking crank calls by using cloud computing and a system thereof. In the method, a client(s) uploads a blacklist to a server; the server makes statistic according to blacklist data uploaded by the client(s) and determines a particular phone number be a crank phone number, generates an anti-crank policy and updates the generated anti-crank policy to the client(s); when receiving a call or a message from the crank phone number, the client executes the anti-crank policy.

The present disclosure relates to traffic monitoring through one or more access control servers configured configured for (i) routing server resource request messages to resource server(s), (ii) extracting information identifying a target server resource from data packets corresponding to one or more received server resource request messages, and (iii) selectively transmitting the received server resource request message to a resource server. The security server(s) is configured to receive a server resource request message data extracted from a server resource request message and initiate a first security response, wherein the initiated first security response is dependent on analysis of the server resource request message data. Responsive to identifying an indicator of compromise or that an originating terminal corresponding to the server resource request is identified within a blacklist, the first security response comprises non-transmission of at least one server resource request message by the access control server to a resource server.

In one method and apparatus for blocking unwanted calls in a callback system, parameters associated with a callback request (e.g., the user device to which the call is to be directed, the IP address from which the request originated or an identifier of the source computer from which the callback request originated, the party from whom the call is requested) are tracked for each call. A decision to automatically block the requested callback is made based on one or more criteria based on a combination of these parameters, which may be a total over a period of time. In a second method, one or both of the parties to the callback is queried as to whether the callback is unwanted and, if so, one or more parameters associated with the request are blacklisted.

The invention belongs to the technical field of computer defense and particularly discloses a method and a system for grading detection and prompt of a fishing website. The method includes transmitting uniform resource locator (URL) of a user current visit website to a server end, searching whether the URL is in the preset blacklist database or a white list database, allowing users to visit the current website if the URL in the white list database, preventing the users from visiting the current website and transmitting corresponding risk prompt information if the URL is in the blacklist database, obtaining page content information according to the URL if the URL is not in the blacklist database or the white list database, matching phishing website reference characteristics in a preset phishing website characteristic database with webpage content information and transmitting different risk prompt information according to different matching results. Risk prompt with different grades can be given according to characteristics of different websites, so that using safety of users can be further guaranteed.

A rootkit monitoring agent (RMA) built into an operating system (OS) kernel for detecting a kernel-based rootkit and preventing subsequent effects of the rootkit. The RMA is activated as a kernel process subsequent to the OS initialization and stores a good state of OS kernel data structures including the System Service Descriptor Table (SSDT) and Interrupt Descriptor Table (IDT). The RMA monitors the SSDT and IDT and detects that a hook previously stored in the good state is changed by an installation of suspect software. The RMA determines the suspect software is a kernel-based rootkit by determining a whitelist does not indicate the changed hook. The RMA restores the changed hook to its good state. The RMA updates a blacklist to reference the changed hook.

The invention relates to a method for defending against a denial of service attack based on a cloud computation platform, which solves the problem of the HTTP (HyperText Transfer Protocol) denial of service attack on a concrete application. A CPU (Central Processing Unit), a network throughput rate and the like are analyzed to determine whether the denial of service attack exists, and after the existence of an attack behavior is determined, access data is first intercepted; access users are subjected to redirected accesses, and identifying code technology with 4-digit random numbers/letters plus mathematical problems with fixed answers is adopted at Cookie; meanwhile, the number of the redirected accesses is defined to discriminate a legal user from an attacker, and therefore, the IP of the attacker is added to a blacklist, and is banned from accessing so as to filter the attacker; as for the attacks which are disguised as the legal user and continue to attack a server, the inherent elastic performance of the cloud computation platform is utilized to dynamically increase a network bandwidth and the number of virtual servers; and after a system is stabilized, an original system state is recovered, the bandwidth is recovered, and the virtual servers are removed so as to effectively defending against the denial of service attack.

The invention relates to the technical field of electric power industry information web page tamper prevention, in particular to a web page tamper prevention device based on web server cache matching and a method of the device. According to the web page tamper prevention device based on web server cache matching, a feature value of a suspected Trojan program in an IP response message is extracted, whether the feature value is matched with a black list database or not is judged through fuzzy matching, then the feature values of all information of an accessed web page are extracted to be precisely matched with web server cache data, and whether a web page accessed by a client side is tampered or not is judged. Fuzzy matching processing is carried out through a first detection module, the Trojan program and other malicious programs in the web page are detected, precise matching processing is carried out through a second detection module, the feature values of all the information of the accessed web page are compared with the web server cache data, the problem that existing web page tamper detection efficiency is low is solved, the web page can be effectively prevented from being tampered by a blacker, and website safety is greatly improved.

The invention relates to a system and method to filter the wasted mails on internet. At present there is a lot of wasted mails, human use keywords to filter it, build black name list, and set regulation to prevent, but the result is unobvious, hard to maintain, high requirement for professional skill. The invention consists of hardware, software which is installed on hardware and supported network, the software includes Linux operating system, analyzing engine for wasted mails, extended black name list, internet library and management interface. The periphery supporting network includes complain device for wasted mails, analyzing system for wasted mails, which can work as transparent gateway before LAN or mail sever, take over MX interface to work before mail sever. The method includes the hardware connection, telnet management, management of wasted mails and anti-waste setting, and the operation is convenient, easy to maintain, high identifying rate, high stability, low misjudgment rate, and plug and play.

The invention relates to a multi-stage phishing website detection method and detection system based on supervised learning. A first detection layer performs phishing website judgment based on a blacklist database or a white list database, the to-be-detected website is directly output if the website is matched with the blacklist database or the white list database; or a second detection layer extracts features of the to-be-detected website URL and constructs a classifier model to perform detection according to the URL features of the known phishing website; if the website is detected as a suspicious website, a third detection layer downloads the page of the to-be-detected website to acquire the page content features, and the classifier model is constructed according to the known phishing website content features so as to perform the detection; an output end outputs the result that to-be-detected website is the phishing website or the normal website, and adds the data to the blacklist database and the white list database. The primary black-white list judges the known website and reduces the detection cost; the secondary URL detects and distinguish the clear phishing website or the normal website; and the third-stage page content detection identifies the suspicious website of the secondary detection, the judgment result is precise; an identification result is accurate, and the detection time is short.

The invention provides a short message auditing system and method, and a method for constructing a short message auditing model. The auditing system includes a URL detection module, an error correction matching module, a URL blacklist and white list module, a URL content module, a real-time capture module, an auditing model, a model training module and a background management module. The auditingmethod comprises the following steps: capturing the URL in a short message by using the crawler technology in real time, modeling by combining the contents of the short message with webpage contents,and classifying the properties of to-be-audited short message contents via a machine learning algorithm, and finally determining to release or intercept the short message. Compared with the traditional auditing method according to the short message contents and the URL, the auditing method has the advantages of greatly improving the accuracy, shortening the URL by short URL service during the auditing, an performing personalized auditing according to different URL after skipping instead of single manner just like that in the traditional manner.

The invention provides a personalized recommendation method and system for friends and applications. The method comprises the steps that A, a recommendation score S is calculated; B, recommended content is displayed according to the recommendation score; C, a recommendation weight vector is adjusted according to feedback information about the recommended content from a user; D, the recommended content is updated according to the adjusted user recommendation weight vector. The personalized recommendation method and system have the advantages that the application range is wider, recommendation results are more accurate, the calculating speed is higher, calculation at idle time is achieved, a blacklist mechanism is adopted, the accuracy of information recommendation can be effectively improved, calculation cost is saved, and a good recommendation effect is achieved.

Provided herein is an electronic message management platform that enables management and execution of electronic message campaigns while appropriately managing challenges presented by spam filters, black lists, and domain blocking technologies, and that includes elements for managing an electronic message campaign based on dynamic conditions, quality measures, engagement factors, and other measures, factors and conditions.

The invention is applicable to communication technical field and provides a system for blacklist processing, a method and a device therefor. The method comprises the following steps: a. the report information is received and the reported number is obtained from the report information; b. the reported times of the reported number are counted in unit time, and the reported number is confirmed whether to be the blacklist number according to the statistical result, if yes, go to step c; and c. the reported number is sent to the mobile phone to be served as the blacklist number. The technical scheme provided in the invention effectively controls the bad communication behaviors and leads the services of the mobile phone side to be safer, more intelligent and more humanized.

The invention provides an attack request determination method. The method comprises the steps of receiving an access request; extracting first request information in the access request and matching the first request information with information in various preset blacklists supporting various matching parameters; and determining that the access request is an attack request when the information matches the information in any type of blacklist successfully. Through application of the technical scheme provided by the invention, the problem that in the prior art, a mode of determining the attack request only through the access times of an IP (Internet Protocol) address does not adapt to a CC (Challenge Collapsar) attack type of which access frequency for the IP address is not high, various CC attacks cannot be precisely identified and a manslaughter rate is high is solved; the access request can be judged based on various matching parameters; the judgment dimensionality is relatively wide;a judgment mode is relatively flexible; and a judgment result is relatively accurate.

The invention belongs to the field of mobile phone client side application software and internet. As mobile phone number information is traded and disclosed constantly, mobile phone harassing advertisements become more and more. The invention is used for blocking advertisements not concerned by mobile phone users. The system launches mobile phone users to upload harassing numbers, server side software automatically analyzes and confirms the harassing numbers, the collection and organization of harassing number blacklists and corresponding attributes at the server side are realized, and the harassing number blacklists and corresponding attributes are issued to the user mobile phone client side through a wired/wireless network. Therefore, the mobile phone users can automatically acquire batches of number blacklists, and the purpose of conveniently blocking and sending a large amount of harassing advertisements is achieved. Users can block harassing advertisements with specific attributes by setting the mobile phone client side.