JP2010516007A - コンピュータ不正行為を検出するための方法及び装置 - Google Patents

コンピュータ不正行為を検出するための方法及び装置 Download PDF

Info

Publication number
JP2010516007A
JP2010516007A JP2009545843A JP2009545843A JP2010516007A JP 2010516007 A JP2010516007 A JP 2010516007A JP 2009545843 A JP2009545843 A JP 2009545843A JP 2009545843 A JP2009545843 A JP 2009545843A JP 2010516007 A JP2010516007 A JP 2010516007A
Authority
JP
Japan
Prior art keywords
destination
candidate destination
graphical representation
candidate
text version
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
JP2009545843A
Other languages
English (en)
Japanese (ja)
Other versions
JP2010516007A5 (enExample
Inventor
ルーマン、ジョン
フェルマ、ディネシュ
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
International Business Machines Corp
Original Assignee
International Business Machines Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by International Business Machines Corp filed Critical International Business Machines Corp
Publication of JP2010516007A publication Critical patent/JP2010516007A/ja
Publication of JP2010516007A5 publication Critical patent/JP2010516007A5/ja
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1483Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/36User authentication by graphic or iconic representation
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/45Network directories; Name-to-address mapping
    • H04L61/4505Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
    • H04L61/4511Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Automation & Control Theory (AREA)
  • Information Transfer Between Computers (AREA)
  • Burglar Alarm Systems (AREA)
  • Debugging And Monitoring (AREA)
  • Hardware Redundancy (AREA)
  • Computer And Data Communications (AREA)
JP2009545843A 2007-01-16 2007-12-12 コンピュータ不正行為を検出するための方法及び装置 Pending JP2010516007A (ja)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US11/623,516 US9521161B2 (en) 2007-01-16 2007-01-16 Method and apparatus for detecting computer fraud
PCT/EP2007/063845 WO2008086924A1 (en) 2007-01-16 2007-12-12 Method and apparatus for detecting computer fraud

Publications (2)

Publication Number Publication Date
JP2010516007A true JP2010516007A (ja) 2010-05-13
JP2010516007A5 JP2010516007A5 (enExample) 2010-09-09

Family

ID=39345456

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2009545843A Pending JP2010516007A (ja) 2007-01-16 2007-12-12 コンピュータ不正行為を検出するための方法及び装置

Country Status (11)

Country Link
US (2) US9521161B2 (enExample)
EP (1) EP2104901B1 (enExample)
JP (1) JP2010516007A (enExample)
KR (1) KR20090108000A (enExample)
AT (1) ATE497620T1 (enExample)
BR (1) BRPI0720343B1 (enExample)
CA (1) CA2673322C (enExample)
DE (1) DE602007012369D1 (enExample)
ES (1) ES2359466T3 (enExample)
IL (1) IL200487A (enExample)
WO (1) WO2008086924A1 (enExample)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2014197375A (ja) * 2013-03-04 2014-10-16 株式会社オプティム セキュリティサーバ、ユーザ端末、ウェブページ鑑定方法、セキュリティサーバ用プログラム
WO2015098253A1 (ja) * 2013-12-26 2015-07-02 株式会社ニコン 電子機器
WO2018066426A1 (ja) * 2016-10-07 2018-04-12 国立研究開発法人産業技術総合研究所 偽ウェブページ判別装置、偽ウェブページ判別システム、偽ウェブページ判別方法及び偽ウェブページ判別プログラム
JP2018190374A (ja) * 2017-05-08 2018-11-29 デジタルア−ツ株式会社 情報処理装置、情報処理システム、プログラム、記録媒体及び情報処理方法
WO2020021811A1 (ja) * 2018-07-25 2020-01-30 日本電信電話株式会社 解析装置、解析方法及び解析プログラム

Families Citing this family (64)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9412123B2 (en) 2003-07-01 2016-08-09 The 41St Parameter, Inc. Keystroke analysis
US10999298B2 (en) 2004-03-02 2021-05-04 The 41St Parameter, Inc. Method and system for identifying users and detecting fraud by use of the internet
US11301585B2 (en) 2005-12-16 2022-04-12 The 41St Parameter, Inc. Methods and apparatus for securely displaying digital images
US8938671B2 (en) 2005-12-16 2015-01-20 The 41St Parameter, Inc. Methods and apparatus for securely displaying digital images
US8151327B2 (en) 2006-03-31 2012-04-03 The 41St Parameter, Inc. Systems and methods for detection of session tampering and fraud prevention
US8220047B1 (en) 2006-08-09 2012-07-10 Google Inc. Anti-phishing system and method
US7725585B2 (en) * 2006-08-31 2010-05-25 Red Hat, Inc. Methods and systems for alerting a user interface with full destination information
US20080162449A1 (en) * 2006-12-28 2008-07-03 Chen Chao-Yu Dynamic page similarity measurement
US7958555B1 (en) * 2007-09-28 2011-06-07 Trend Micro Incorporated Protecting computer users from online frauds
US8315951B2 (en) * 2007-11-01 2012-11-20 Alcatel Lucent Identity verification for secure e-commerce transactions
US9325731B2 (en) * 2008-03-05 2016-04-26 Facebook, Inc. Identification of and countermeasures against forged websites
US8850569B1 (en) * 2008-04-15 2014-09-30 Trend Micro, Inc. Instant messaging malware protection
US8307431B2 (en) * 2008-05-30 2012-11-06 At&T Intellectual Property I, L.P. Method and apparatus for identifying phishing websites in network traffic using generated regular expressions
GB0813668D0 (en) * 2008-07-25 2008-09-03 Ixico Ltd Image data fraud detection systems
GB2462456A (en) * 2008-08-08 2010-02-10 Anastasios Bitsios A method of determining whether a website is a phishing website, and apparatus for the same
US8346754B2 (en) * 2008-08-19 2013-01-01 Yahoo! Inc. Generating succinct titles for web URLs
US8255997B2 (en) 2008-09-29 2012-08-28 At&T Intellectual Property I, L.P. Contextual alert of an invasion of a computer system
US8904540B1 (en) * 2008-12-17 2014-12-02 Symantec Corporation Method and apparatus for evaluating hygiene of a computer
US9112850B1 (en) 2009-03-25 2015-08-18 The 41St Parameter, Inc. Systems and methods of sharing information through a tag-based consortium
US9027100B2 (en) * 2010-01-05 2015-05-05 Yahoo! Inc. Client-side ad caching for lower ad serving latency
US8566950B1 (en) * 2010-02-15 2013-10-22 Symantec Corporation Method and apparatus for detecting potentially misleading visual representation objects to secure a computer
CN102457500B (zh) * 2010-10-22 2015-01-07 北京神州绿盟信息安全科技股份有限公司 一种网站扫描设备和方法
US9122870B2 (en) 2011-09-21 2015-09-01 SunStone Information Defense Inc. Methods and apparatus for validating communications in an open architecture system
AU2012312319B2 (en) * 2011-09-21 2016-03-31 Sunstone Information Defense, Inc Methods and apparatus for validating communications in an open architecture system
US8700913B1 (en) * 2011-09-23 2014-04-15 Trend Micro Incorporated Detection of fake antivirus in computers
US10754913B2 (en) 2011-11-15 2020-08-25 Tapad, Inc. System and method for analyzing user device information
US9633201B1 (en) 2012-03-01 2017-04-25 The 41St Parameter, Inc. Methods and systems for fraud containment
US9521551B2 (en) 2012-03-22 2016-12-13 The 41St Parameter, Inc. Methods and systems for persistent cross-application mobile device identification
US9432401B2 (en) 2012-07-06 2016-08-30 Microsoft Technology Licensing, Llc Providing consistent security information
WO2014022813A1 (en) 2012-08-02 2014-02-06 The 41St Parameter, Inc. Systems and methods for accessing records via derivative locators
KR101723099B1 (ko) * 2012-08-06 2017-04-04 엠파이어 테크놀로지 디벨롭먼트 엘엘씨 브라우저 공격에 대한 방어
WO2014078569A1 (en) 2012-11-14 2014-05-22 The 41St Parameter, Inc. Systems and methods of global identification
US9215242B2 (en) * 2012-12-19 2015-12-15 Dropbox, Inc. Methods and systems for preventing unauthorized acquisition of user information
US11386181B2 (en) * 2013-03-15 2022-07-12 Webroot, Inc. Detecting a change to the content of information displayed to a user of a website
US20150067853A1 (en) * 2013-08-27 2015-03-05 Georgia Tech Research Corporation Systems and methods for detecting malicious mobile webpages
US10902327B1 (en) 2013-08-30 2021-01-26 The 41St Parameter, Inc. System and method for device identification and uniqueness
US10554682B2 (en) 2014-07-31 2020-02-04 Namogoo Technologies Ltd. Detecting and removing injected elements from content interfaces
US10091312B1 (en) 2014-10-14 2018-10-02 The 41St Parameter, Inc. Data structures for intelligently resolving deterministic and probabilistic device identifiers to device profiles and/or groups
US9473531B2 (en) * 2014-11-17 2016-10-18 International Business Machines Corporation Endpoint traffic profiling for early detection of malware spread
US11023117B2 (en) * 2015-01-07 2021-06-01 Byron Burpulis System and method for monitoring variations in a target web page
RU2622626C2 (ru) * 2015-09-30 2017-06-16 Акционерное общество "Лаборатория Касперского" Система и способ обнаружения фишинговых сценариев
US9954877B2 (en) * 2015-12-21 2018-04-24 Ebay Inc. Automatic detection of hidden link mismatches with spoofed metadata
GB201605004D0 (en) * 2016-03-24 2016-05-11 Secr Defence A method of protecting a user from messages with links to malicious websites
US10097580B2 (en) 2016-04-12 2018-10-09 Microsoft Technology Licensing, Llc Using web search engines to correct domain names used for social engineering
US10193923B2 (en) * 2016-07-20 2019-01-29 Duo Security, Inc. Methods for preventing cyber intrusions and phishing activity
US20190019058A1 (en) * 2017-07-13 2019-01-17 Endgame, Inc. System and method for detecting homoglyph attacks with a siamese convolutional neural network
US10601866B2 (en) 2017-08-23 2020-03-24 International Business Machines Corporation Discovering website phishing attacks
WO2019089418A1 (en) * 2017-10-31 2019-05-09 Wood Michael C Computer security system and method based on user-intended final destination
US10943067B1 (en) * 2018-04-25 2021-03-09 Amazon Technologies, Inc. Defeating homograph attacks using text recognition
US10289836B1 (en) 2018-05-18 2019-05-14 Securitymetrics, Inc. Webpage integrity monitoring
US10984274B2 (en) * 2018-08-24 2021-04-20 Seagate Technology Llc Detecting hidden encoding using optical character recognition
KR102877312B1 (ko) 2018-09-12 2025-10-29 삼성전자주식회사 전자 장치 및 그의 제어 방법
US10885373B2 (en) * 2018-12-28 2021-01-05 Citrix Systems, Inc. Systems and methods for Unicode homograph anti-spoofing using optical character recognition
US11368477B2 (en) * 2019-05-13 2022-06-21 Securitymetrics, Inc. Webpage integrity monitoring
US11240267B1 (en) * 2019-12-19 2022-02-01 Massachusetts Mutual Life Insurance Company Identifying and blocking fraudulent websites
US10755095B1 (en) * 2020-01-02 2020-08-25 Capital One Services, Llc System for scanning solicitations for fraud detection
US11637863B2 (en) 2020-04-03 2023-04-25 Paypal, Inc. Detection of user interface imitation
US11985133B1 (en) * 2020-04-28 2024-05-14 Equinix, Inc. Gating access to destinations on a network
US20220191177A1 (en) * 2020-12-10 2022-06-16 Kalibro Technologies Ltd. System and method for securing messages
US11882152B2 (en) 2021-07-30 2024-01-23 Bank Of America Corporation Information security system and method for phishing website identification based on image hashing
CN113923011B (zh) * 2021-09-30 2023-10-17 北京恒安嘉新安全技术有限公司 一种网络诈骗的预警方法、装置、计算机设备及存储介质
US12184691B2 (en) * 2021-12-09 2024-12-31 Blackberry Limited Identifying a phishing attempt
US20240064170A1 (en) * 2022-08-17 2024-02-22 International Business Machines Corporation Suspicious domain detection for threat intelligence
US12424009B1 (en) * 2022-11-30 2025-09-23 Whatfix Private Limited Processing techniques for fast and accurate identification of application screens using optical character recognition

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060179315A1 (en) * 2005-02-08 2006-08-10 Fujitsu Limited System and method for preventing fraud of certification information, and recording medium storing program for preventing fraud of certification information
WO2006120368A1 (en) * 2005-01-14 2006-11-16 Streamshield Networks Limited An anti-phishing system

Family Cites Families (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4468809A (en) 1981-12-23 1984-08-28 Ncr Corporation Multiple font OCR reader
WO2001069386A2 (en) 2000-03-14 2001-09-20 Speed-Trap.Com Ltd. Monitoring operation of and interaction with services provided over a network
US6813645B1 (en) 2000-05-24 2004-11-02 Hewlett-Packard Development Company, L.P. System and method for determining a customer associated with a range of IP addresses by employing a configurable rule engine with IP address range matching
US20020143814A1 (en) 2001-03-27 2002-10-03 The Code Corporation Systems and methods for automatic insertion of machine-readable graphical codes into printable documents
CA2414205C (en) 2002-10-15 2008-10-14 Electronic Imaging Systems Corporation System and method for detecting cheque fraud
US7624110B2 (en) 2002-12-13 2009-11-24 Symantec Corporation Method, system, and computer program product for security within a global computer network
US20090043765A1 (en) 2004-08-20 2009-02-12 Rhoderick John Kennedy Pugh Server authentication
WO2006026921A2 (en) 2004-09-07 2006-03-16 Metaswarm (Hongkong) Ltd. System and method to detect phishing and verify electronic advertising
US20060080735A1 (en) * 2004-09-30 2006-04-13 Usa Revco, Llc Methods and systems for phishing detection and notification
US20060282383A1 (en) * 2005-06-09 2006-12-14 Ncr Corporation Payment methods and systems enhanced with image comparison for detecting fraudulent checks
US20070068402A1 (en) 2005-09-26 2007-03-29 Pitney Bowes Incorporated Method and apparatus for printing images having fraud detection features
US8763113B2 (en) 2005-11-28 2014-06-24 Threatmetrix Pty Ltd Method and system for processing a stream of information from a computer network using node based reputation characteristics
US20070136213A1 (en) * 2005-12-08 2007-06-14 Pitney Bowes Incorporated Inline system to detect and show proof of indicia fraud
US8201259B2 (en) 2005-12-23 2012-06-12 International Business Machines Corporation Method for evaluating and accessing a network address
US20080046738A1 (en) * 2006-08-04 2008-02-21 Yahoo! Inc. Anti-phishing agent
US20080162449A1 (en) * 2006-12-28 2008-07-03 Chen Chao-Yu Dynamic page similarity measurement
US7882177B2 (en) * 2007-08-06 2011-02-01 Yahoo! Inc. Employing pixel density to detect a spam image
US8189924B2 (en) * 2008-10-15 2012-05-29 Yahoo! Inc. Phishing abuse recognition in web pages
US8448245B2 (en) * 2009-01-17 2013-05-21 Stopthehacker.com, Jaal LLC Automated identification of phishing, phony and malicious web sites

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2006120368A1 (en) * 2005-01-14 2006-11-16 Streamshield Networks Limited An anti-phishing system
US20060179315A1 (en) * 2005-02-08 2006-08-10 Fujitsu Limited System and method for preventing fraud of certification information, and recording medium storing program for preventing fraud of certification information
JP2006221242A (ja) * 2005-02-08 2006-08-24 Fujitsu Ltd 認証情報詐取防止システム、プログラム及び方法

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2014197375A (ja) * 2013-03-04 2014-10-16 株式会社オプティム セキュリティサーバ、ユーザ端末、ウェブページ鑑定方法、セキュリティサーバ用プログラム
WO2015098253A1 (ja) * 2013-12-26 2015-07-02 株式会社ニコン 電子機器
WO2018066426A1 (ja) * 2016-10-07 2018-04-12 国立研究開発法人産業技術総合研究所 偽ウェブページ判別装置、偽ウェブページ判別システム、偽ウェブページ判別方法及び偽ウェブページ判別プログラム
JPWO2018066426A1 (ja) * 2016-10-07 2019-06-24 国立研究開発法人産業技術総合研究所 偽ウェブページ判別装置、偽ウェブページ判別システム、偽ウェブページ判別方法及び偽ウェブページ判別プログラム
JP2018190374A (ja) * 2017-05-08 2018-11-29 デジタルア−ツ株式会社 情報処理装置、情報処理システム、プログラム、記録媒体及び情報処理方法
WO2020021811A1 (ja) * 2018-07-25 2020-01-30 日本電信電話株式会社 解析装置、解析方法及び解析プログラム
JPWO2020021811A1 (ja) * 2018-07-25 2021-02-15 日本電信電話株式会社 解析装置、解析方法及び解析プログラム

Also Published As

Publication number Publication date
BRPI0720343B1 (pt) 2019-05-28
CA2673322A1 (en) 2008-07-24
KR20090108000A (ko) 2009-10-14
EP2104901A1 (en) 2009-09-30
BRPI0720343A2 (pt) 2018-12-04
US9521161B2 (en) 2016-12-13
US20080172741A1 (en) 2008-07-17
CA2673322C (en) 2017-04-11
DE602007012369D1 (de) 2011-03-17
US20120304295A1 (en) 2012-11-29
ES2359466T3 (es) 2011-05-23
IL200487A (en) 2013-05-30
US9083735B2 (en) 2015-07-14
IL200487A0 (en) 2010-04-29
ATE497620T1 (de) 2011-02-15
EP2104901B1 (en) 2011-02-02
WO2008086924A1 (en) 2008-07-24

Similar Documents

Publication Publication Date Title
US9521161B2 (en) Method and apparatus for detecting computer fraud
US12347212B2 (en) Visual domain detection systems and methods
Mahajan et al. Phishing website detection using machine learning algorithms
Suzuki et al. ShamFinder: An automated framework for detecting IDN homographs
US8943588B1 (en) Detecting unauthorized websites
Pan et al. Anomaly based web phishing page detection
US20130263263A1 (en) Web element spoofing prevention system and method
KR100935776B1 (ko) 네트워크 어드레스 평가 방법, 컴퓨터 판독 가능한 기록 매체, 컴퓨터 시스템, 네트워크 어드레스 액세스 방법, 컴퓨터 인프라를 활용하는 방법 및 기업의 네트워크 통신 트래픽의 분석을 수행하는 방법
RU2637477C1 (ru) Система и способ обнаружения фишинговых веб-страниц
Deshpande et al. Detection of phishing websites using Machine Learning
US8707426B1 (en) Method and apparatus for resolving a cousin domain name to detect web-based fraud
KR20090019451A (ko) 피싱 및 파밍 알림 방법 및 장치
KR20090090685A (ko) 웹 어플리케이션의 취약성 판단 방법 및 시스템
US10984274B2 (en) Detecting hidden encoding using optical character recognition
US12041076B2 (en) Detecting visual similarity between DNS fully qualified domain names
CN112948725A (zh) 基于机器学习的钓鱼网站url检测方法及系统
CN116366338B (zh) 一种风险网站识别方法、装置、计算机设备及存储介质
Samarasinghe et al. On cloaking behaviors of malicious websites
Tharani et al. Understanding phishers' strategies of mimicking uniform resource locators to leverage phishing attacks: A machine learning approach
CN113992390A (zh) 一种钓鱼网站的检测方法及装置、存储介质
JP2012088803A (ja) 悪性ウェブコード判別システム、悪性ウェブコード判別方法および悪性ウェブコード判別用プログラム
Piredda et al. Deepsquatting: Learning-based typosquatting detection at deeper domain levels
Sonowal What Does a Phishing URL Look Like?
KR102645870B1 (ko) 인공지능 알고리즘을 이용하여 피싱 사이트와 연관된 url을 검출하는 방법 및 장치
EP4174684A1 (en) Domain search program, method of searching domain, and information processing apparatus

Legal Events

Date Code Title Description
A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20100722

A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20100722

A871 Explanation of circumstances concerning accelerated examination

Free format text: JAPANESE INTERMEDIATE CODE: A871

Effective date: 20100722

A975 Report on accelerated examination

Free format text: JAPANESE INTERMEDIATE CODE: A971005

Effective date: 20100817

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20100824

A02 Decision of refusal

Free format text: JAPANESE INTERMEDIATE CODE: A02

Effective date: 20110201