Abstract: The techniques described herein use training data to train classification models to detect malicious Uniform Resource Locators (URLs) that target authentic resources (e.g., Web page, Web site, or other network locations accessed via a URL). The techniques train the classification models using one or more machine learning algorithms. The training data may include known benign URLs and known malicious URLs (e.g., training URLs) that are associated with a target authentic resource. The techniques then use the trained classification models to determine whether an unknown URL is a malicious URL. The malicious URL determination may be based on one or more lexical features (e.g., brand name edit distances for a domain and path of the URL) and/or site/page features (e.g., a domain age and a domain confidence level) extracted.

Abstract: Techniques for an image-based CAPTCHA for object recognition are described. The disclosure describes adding images to a database by collecting images by querying descriptive keywords to an image search engine or crawling images from the Internet. The disclosure describes generating the image-based CAPTCHA. The image is retrieved from the database, along with objects having significant values. An object is cropped from its image. The portion on the image where the object has been cropped is filled with image inpainting. The process obtains other objects from the database. The object is mixed among the other objects to from a set of candidate objects. A user is asked to select “the object” from the set of candidate objects that fits or matches the image. The image-based CAPTCHA evaluates whether a response, the selection, is from a human or a bot.

Abstract: A cooperative rendering cache browser (CRC-Browser) for a mobile device may cooperatively manage cached content with a proxy server to reduce redundant transmissions of processed Web data. Additionally, the CRC-Browser may provide stateful, thin-client Web browsing to maintain synchronized information about rendering objects of a Web page. Further, the CRC-Browser may cache only stable and/or visible document object model (DOM) elements and communicate a list of IDs of the cached elements to the proxy. Such stateful thin-client browsers may be useful for reducing battery drain, poor responsiveness, and high wireless network costs of mobile Web browsing.

Abstract: This document describes techniques for using features extracted from a URL to detect a malicious URL and categorize the malicious URL as one of a phishing URL, a spamming URL, a malware URL or a multi-type attack URL. The techniques employ one or more machine learning algorithms to train classification models using a set of training data which includes a known set of benign URLs and a known set of malicious URLs. The classification models are then employed to detect and/or categorize a malicious URL.

Abstract: The text-to-speech audio HIP technique described herein in some embodiments uses different correlated or uncorrelated words or sentences generated via a text-to-speech engine as audio HIP challenges. The technique can apply different effects in the text-to-speech synthesizer speaking a sentence to be used as a HIP challenge string. The different effects can include, for example, spectral frequency warping; vowel duration warping; background addition; echo addition; and varying the time duration between words, among others. In some embodiments the technique varies the set of parameters to prevent using Automated Speech Recognition tools from using previously used audio HIP challenges to learn a model which can then be used to recognize future audio HIP challenges generated by the technique. Additionally, in some embodiments the technique introduces the requirement of semantic understanding in HIP challenges.

Abstract: A trust level of an account is determined at least partly based on a degree of the memorability of an email address associated with the account. Additional features such as those based on the domain of the email address and those from the additional information such as name, phone number, and address associated with the account may also be used to determine the trust level of the account. A machine learning process may be used to learn a classification model based on one or more features that distinguish a malicious account from a benign account from training data. The classification model is used to determine a trust level of the account, and/or if the account is malicious or benign, and may be continuously improved by incrementally adapting or improving the model with new accounts.

Abstract: A security module generates a random image having a plurality of password-element indicators therein. The random image is provided to a user. The user selects portions of the random image. The security module determines whether the selected portions of the random image correspond to a password for the user. The security module grants access if the selected portions of the random image correspond to the user's password. However, if the selected portions of the random image do not correspond to the user's password, the security module may generate another random image having a plurality of password-element indicators therein, wherein each of the random images are computationally de-correlated.

Abstract: Technologies for a human computation framework suitable for answering common sense questions that are difficult for computers to answer but easy for humans to answer. The technologies support solving general common sense problems without a priori knowledge of the problems; support for determining whether an answer is from a bot or human so as to screen out spurious answers from bots; support for distilling answers collected from human users to ensure high quality solutions to the questions asked; and support for preventing malicious elements in or out of the system from attacking other system elements or contaminating the solutions produced by the system, and preventing users from being compensated without contributing answers.

Abstract: The HIP creation technique described herein pertains to a technique for creating a human interactive proof (HIP) by applying tearing and/or a conformal transformation to a string of characters while maintaining readability of text. In one embodiment, the technique tears a character string into two or more pieces and applies conformal transformation to warp the pieces in order to create a HIP. The transformation changes the shape and orientation of the characters but preserves angles of the characters which makes it easy for humans to recognize the characters after the transformation. Other embodiments of the technique create HIPs by applying tearing only to a string of characters, or by applying conformal transformation only to the character string.

Abstract: Techniques for generating, updating, and transmitting a structure-based data representation of a document are described herein. The structure-based adaptive document caching techniques may effectively eliminate redundancy in data transmission by exploiting structures of the document to be transmitted. The described techniques partitions a document into a sequence of structures, differentiate between cache-worthy structures and cache-unworthy structures, and generating a structure-based data representation of the document. The techniques may transmit updated structures and instructions, instead of all data of the document, to update previously cached structures at a client device; thereby resulting in higher cache hit rates.

Abstract: This document describes tools associated with symbol entry control functions. In some implementations, the tools identify a first finger that is in tactile contact with a touch screen. The first finger can select a subset of symbols from a plurality of symbols that can be entered via the touch screen. The tools can also identify whether one or more other fingers are in concurrent tactile contact with the first finger on the touch screen. The tools can select an individual symbol from the subset based on whether the one or more other fingers are in concurrent tactile contact with the first finger on the touch screen.

Abstract: Technologies for a human computation framework suitable for answering common sense questions that are difficult for computers to answer but easy for humans to answer. The technologies support solving general common sense problems without a priori knowledge of the problems; support for determining whether an answer is from a bot or human so as to screen out spurious answers from bots; support for distilling answers collected from human users to ensure high quality solutions to the questions asked; and support for preventing malicious elements in or out of the system from attacking other system elements or contaminating the solutions produced by the system, and preventing users from being compensated without contributing answers.

Abstract: Techniques for generating a human user test for online applications or services may include splitting the visual objects in an image into multiple partial images, and forming one or more alignment positions. At each of the alignment positions, some of the visual objects appear recognizable while some bogus visual objects also appear to prevent robots from recognizing the alignment positions. A user is requested to find the multiple alignment positions to return recognizable visual objects. A system determines that the user is a human user if the recognizable visual objects input by the user match the visual objects in the image.

Abstract: A cooperative rendering cache browser (CRC-Browser) for a mobile device may cooperatively manage cached content with a proxy server to reduce redundant transmissions of processed Web data. Additionally, the CRC-Browser may provide stateful, thin-client Web browsing to maintain synchronized information about rendering objects of a Web page. Further, the CRC-Browser may cache only stable and/or visible document object model (DOM) elements and communicate a list of IDs of the cached elements to the proxy. Such stateful thin-client browsers may be useful for reducing battery drain, poor responsiveness, and high wireless network costs of mobile Web browsing.

Abstract: Technologies for distributed single sign-on operable to provide user access to a plurality of services via authentication to a single entity. The distributed single sion-on technologies provide a set of authentication servers and methods for privacy protection based on splitting secret keys and user profiles into secure shares and periodically updating shares among the authentication servers without affecting the underlying secrets. The correctness of the received partial token or partial profiles can be verified with non-interactive zero-knowledge proofs.

Abstract: Technologies for distributed single sign-on operable to provide user access to a plurality of services via authentication to a single entity. The distributed single sign-on technologies provide a set of authentication servers and methods for privacy protection based on splitting secret, keys and user profiles into secure shares and periodically updating shares among the authentication servers without affecting the underlying secrets. The correctness of the received partial token or partial profiles can be verified with non-interactive zero-knowledge proofs.

Abstract: This document describes techniques for using features extracted from a URL to detect a malicious URL and categorize the malicious URL as one of a phishing URL, a spamming URL, a malware URL or a multi-type attack URL. The techniques employ one or more machine learning algorithms to train classification models using a set of training data which includes a known set of benign URLs and a known set of malicious URLs. The classification models are then employed to detect and/or categorize a malicious URL.

Abstract: Technologies for distributed single sign-on operable to provide user access to a plurality of services via authentication to a single entity. The distributed single sign-on technologies provide a set of authentication servers and methods for privacy protection based on splitting secret, keys and user profiles into secure shares and periodically updating shares among the authentication servers without affecting the underlying secrets. The correctness of the received partial token or partial profiles can be verified with non-interactive zero-knowledge proofs.

Abstract: Technologies for distributed single sign-on operable to provide user access to a plurality of services via authentication to a single entity. The distributed single sign-on technologies provide a set of authentication servers and methods for privacy protection based on splitting secret, keys and user profiles into secure shares and periodically updating shares among the authentication servers without affecting the underlying secrets. The correctness of the received partial token or partial profiles can be verified with non-interactive zero-knowledge proofs.

Abstract: Technologies for a Consumer Privacy Digital Rights Management system based on stable partially blind signatures that enable a license server to provide licenses for delivery to users without knowing the corresponding digital contents that users access with the license. Therefore consumer privacy is protected during license acquisition. Further, if the client DRM module in the DRM system does not disclose any information about a user's digital content access, and the messages that the client DRM module sends out are in plain text enabling verification that the client DRM module is not disclosing such information, then consumer privacy is fully protected by the DRM system.