416 results about "Internet security" patented technology

Systems, program product, and methods related to dynamic Internet security and risk assessment and management, are provided. For example, a system, program product, and method of identifying and servicing actual customer requests to a defended or protected computer or server can include the steps / operations of receiving by the defended computer, a service request from each of a plurality of IP addresses associated with a separate one of a plurality of service requesting computers, sending an inspection code adapted to perform a virtual attack on each existing service requesting computers at each respective associated IP address, and restricting provision of services from the defended computer to a subset of the service requesting computers identified for restriction when a security feature of the respective service requesting computer is determined to have been defeated by the virtual attack.

Disclosed is a system and method for distributing connections among a plurality of servers at an Internet site. All connections are made to a single IP address and a local director selects the server from among the plurality of servers which is to receive the connection. Thus, the DNS server is not relied upon to distribute connections, and the connection distribution scheme is not avoided when DNS is bypassed. In one embodiment, a session distribution scheme is implemented such that connections are distributed to the server in the group of servers which has the fewest connections of the group. In other embodiments, other session distribution schemes which route connections based on the predicted response times of the servers or according to a round robin scheme are used.

Several ways of identifying users and collecting demographic information and market information are disclosed, including branding a browser with a unique identification in each user request, identifying a user by his key strokes or mouse clicks, gathering demographic information using multiple data sets and by monitoring network traffic. Additionally, user requested content is distinguished from other, non-user content, and the performance of a server can be monitor and analyzed from a client a client perspective. Further, an Internet user's Internet data is routed to a known domain on the Internet, from which it is routed on to the intended recipient. The domain includes proxy servers which proxy the user's data requests to the domain, and database servers, which filter and build a database of the user's Internet usage. Particular data concerning certain behaviors of interest, such as purchasing data, is filtered into the database, and can form the basis for numerous market measures.

Methods and systems for flow processing and switching, security, and other network applications, including a facility that processes a data flow to address patterns relevant to a variety of conditions are directed at internal network security, virtualization, and web connection security are described. Such flow processing facilities may be used for inspecting network traffic packet payloads to detect security threats and intrusions across accessible layers of the network IP stack by applying content matching and behavioral anomaly detection techniques based on regular expression matching and self-organizing maps. Exposing threats and intrusions within packet payload at or near real-time rates enhances network security from both external and internal sources while ensuring security policy is rigorously applied to data and system resources.

Systems, program product, and methods related to dynamic Internet security and risk assessment and management, are provided. For example, a system, program product, and method of identifying and servicing actual customer requests to a defended or protected computer or server can include the steps / operations of receiving by the defended computer, a service request from each of a plurality of IP addresses associated with a separate one of a plurality of service requesting computers, sending an inspection code adapted to perform a virtual attack on each existing service requesting computers at each respective associated IP address, and restricting provision of services from the defended computer to a subset of the service requesting computers identified for restriction when a security feature of the respective service requesting computer is determined to have been defeated by the virtual attack.

Redirection of user entered data to an unauthenticated website (“phishing”) is checked by, at redirection, detecting the presence of data entry fields in a user web page and, if any are present, authenticating the redirection address against lists of approved websites or the redirection web site certificate. If the new address is not authenticated, the user may still opt to be redirected.

Method and system for improving the security of storing digital data in a memory or its delivery as a message over the Internet from a sender to a receiver using one or more hops is disclosed. The message is split at the sender into multiple overlapping or non-overlapping slices according to a slicing scheme, and the slices are encapsulated in packets each destined to a different relay server as an intermediate node according to a delivery scheme. The relay servers relay the received slices to another other relay server or to the receiver. Upon receiving all the packets containing all the slices, the receiver combines the slices reversing the slicing scheme, whereby reconstructing the message sent.

This invention comprises a method and system for estimating unique visitors for Internet sites that is more accurate than the existing unique cookie / unique address counting methods. The invented method relies on the count of unique user identifiers (such as network addresses or preferably cookies)—I—that can be obtained from an existing cookie tracking / user access logging system. The number of unique visitors U is calculated substantially as a ratio of the count of unique cookies (or unique network addresses) to the number of visits N times the inflation factor X plus constant on that is approximately one (exactly one in the case of cookies). The number of visits is calculated by multiplying the sampling period t to the visitation frequency T1 minus one. The resulting estimate of the unique visitors is stable and does not diverge with sampling time unlike estimates directly obtained from the unique network address or unique cookie counts. The method is also applicable when there are multiple dominant visitation frequencies by accounting to the sum by all significant visitation frequencies. All key parameters of the method can be established before hand by mining a multitude of the site's historical visit logs and / or third party site access logs; the parameters can be corrected / calculated dynamically by mining the site's current access log (or current third party logs) while focusing on unambiguously identified visitors (such as return visitors identified by their login ID or unchanged cookie value).

A system and method are provided for performing file transfers using an HTTP- or HTTPS-based Supplier Transport Gateway to connect Customer and Supplier Repositories located behind their respective firewalls. In some embodiments, the Transport Gateway is placed outside the Supplier firewall, and a Supplier Transport Proxy inside the firewall connects the Transport Gateway to the internal Supplier Repositories. In other embodiments, the Transport Gateway and Transport Proxy are reversed, the Proxy residing outside the Supplier firewall and relaying Customer HTTP / HTTPS traffic to the Transport Gateway inside the firewall, which then connects to the internal Supplier Repositories. In either case, the HTTP- or HTTPS-based Customer Repository connects through a Customer Proxy to the Supplier's Transport Gateway to request file upload / download operations. In turn, the Transport Gateway implements the Supplier's request validation policy, and Supplier Repository routing rules that abstract the Supplier Repository topology to the Customer. The Transport Gateway then performs a corresponding upload / download operation against the selected Supplier Repository using HTTP, HTTPS, FTP, or a similar protocol.

A system and method for billing web services provided by a service provider to a user. A server of the service provider is connected to a computerized terminal of the user, and to a telecommunication device of the user via a communication link. The system and method generate codes related to each user, web service and price for using the web service. The server sends the code and receives the code from the telecommunication device. Upon reception the server provides the web service to the user, and bill the price from the account of the telecommunication device.