Patent application number | Description | Published |
20130166571 | EVALUATING TYPEABILITY OF DOMAIN NAMES - Methods and systems are disclosed for assessing an identifier. The method comprises receiving, via an interface, a string of characters making up the identifier and determining a keyboard type for a keyboard. The method further comprises calculating, by a calculator module, a typeability score for the identifier based on the string of characters and the keyboard type, wherein the typeability score signifies a difficulty of typing the identifier on the determined keyboard type. In certain embodiments, the method further comprises determining a finger positioning corresponding to a position of a typer's fingers on the keyboard, and the typeability score is further based on the finger positioning. In some embodiments, the finger positioning is based on the typer's typing habits. | 06-27-2013 |
20130173676 | COMPRESSION OF SMALL STRINGS - A method for compressing a set of small strings may include calculating n-gram frequencies for a plurality of n-grams over the set of small strings, selecting a subset of n-grams from the plurality of n-grams based on the calculated n-gram frequencies, defining a mapping table that maps each n-gram of the subset of n-grams to a unique code, and compressing the set of small strings by replacing n-grams within each small string in the set of small strings with corresponding unique codes from the mapping table. The method may use linear optimization to select a subset of n-grams that achieves a maximum space saving amount over the set of small strings for inclusion in the mapping table. The unique codes may be variable-length one or two byte codes. The set of small strings may be domain names. | 07-04-2013 |
20130174253 | SYSTEMS AND METHODS FOR DETECTING SIMILARITIES IN NETWORK TRAFFIC - A system, computer-readable medium, and method for identifying similarities in network traffic are provided. Hash values are calculated from Internet Protocol (IP) addresses in a group of IP addresses that request a domain name, a hash signature is generated from the hash values and paired with the domain name, and the domain name is then clustered with another domain name having a paired hash of the same value. The clustered domain names are then extracted and used in a similarity calculation. | 07-04-2013 |
20130320100 | SECURE BARCODES - Methods and systems for generating and authenticating barcodes and in particular generating secure barcodes are disclosed. In one embodiment, a method, performed by a certificate authority for creating a trusted content, comprises receiving, via a receiver, a target content and verifying the target content to determine whether the target content is safe or appropriate. Further, the method comprises, based on a result of the verifying, generating and storing, in a storage medium, response data; generating, via a processor, and storing in the storage medium an identifier corresponding to the response data; generating, via the processor, resolution data, the resolution data including the identifier and an address of the certificate authority; and transmitting, via a transmitter, the resolution data as the trusted content. | 12-05-2013 |
20130332109 | METHODS AND SYSTEMS FOR STATISTICAL ABERRANT BEHAVIOR DETECTION OF TIME-SERIES DATA - Methods and systems for detecting aberrant behavior in time-series observation data, such as non-existent domain data, are disclosed. The methods and systems analyze the time-series observation data to determine time-series prediction data. The time-series observation data and time-series prediction data are used to determine a threshold that is based on the standard deviation of deviation values between the time-series observation data and time-series prediction data. The threshold may be used to detect aberrant behavior in subsequently obtained time-series observation data. | 12-12-2013 |
20150047033 | DETECTING CO-OCCURRENCE PATTERNS IN DNS - Techniques for inferring the existence of suspicious software by detecting multiple name server requests for the same sets of non-existent domains. Implementations can allow for detecting the existence of malware or other suspicious software without requiring reverse engineering of the malware's domain generation algorithm. | 02-12-2015 |
20150263903 | EVALUATION OF DNS PRE-REGISTRATION DATA TO PREDICT FUTURE DNS TRAFFIC - Methods and systems analyze historical NXD traffic to predict future DNS traffic. In one embodiment, a system may count NXD responses generated by an Authoritative DNS server during a particular time period and calculate the variance in NXD traffic for domains over time. The system may then generate a coefficient of variance (CoV) value for each domain observed. Finally, the system may predict positive domain traffic based upon the calculated CoV data. In other embodiments, the system may also base the prediction on the classification of domains as “original” domains or “re-registered” domains. In another embodiment, the system may also base the prediction on the “size” of name servers. Additionally, or alternatively, the system may determine the number of unique name servers for a domain and base the prediction on the number of unique name servers for a particular domain name. | 09-17-2015 |
20150365305 | DOMAIN NAME SYSTEM TRAFFIC ANALYSIS - Systems, apparatus, and methods for selecting a domain name from a plurality of domain names. A set of network traffic data for a plurality of domain names is accessed. A change in network traffic is determined based on the set of network traffic data. The change in network traffic of each of the plurality of domain names is compared with each other. At least one domain name of the plurality of domain names is selected based on the comparing of the change in network traffic of each of the plurality of domain names with each other. An action relating to the domain name of the plurality of domain names that was selected is performed. | 12-17-2015 |