Patents by Inventor Angus Xianen Qiu

Angus Xianen Qiu has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 10419460
    Abstract: The present teaching generally relates to detecting abnormal user activity associated with an entity. In a non-limiting embodiment, baseline distribution data representing a baseline distribution characterizing normal user activities for an entity may be obtained. Information related to online user activities with respect to the entity may be received, distribution data representation a dynamic distribution may be determined based, at least in part, on the information. One or more measures characterizing a difference between the baseline distribution and the dynamic distribution may be computed, and in real-time it may be assessed whether the information indicates abnormal user activity. If the first information indicates abnormal user activity, then output data including the distribution data and the one or more measures may be generated.
    Type: Grant
    Filed: July 21, 2017
    Date of Patent: September 17, 2019
    Assignee: Oath, Inc.
    Inventors: Liang Wang, Angus Xianen Qiu, Chun Han, Liang Peng
  • Publication number: 20190205926
    Abstract: The present teaching generally relates to identifying fraudulent content provider-user device pairs. In one embodiment, an initial user risk value and an initial content provider risk value may be determined. A first functional representation of a user risk value may be generated based on the initial user risk value and relational data. A second functional representation of a content provider risk value may be generated based on the initial content provider risk value and the relational data. A converged user risk value and a converged content provider risk value associated with the first and second representations converging may be determined. A pair risk value may be determined based on the converged user risk value and the converged content provider risk value. A fraudulent label may then be applied to interaction events detected by the content provider from the user in response to the risk pair value satisfying a condition.
    Type: Application
    Filed: December 29, 2017
    Publication date: July 4, 2019
    Inventors: Angus Xianen Qiu, Liang Wang, Liang Peng
  • Publication number: 20190188593
    Abstract: The present teaching generally relates to removing perturbations from predictive scoring. In one embodiment, data representing a plurality of events detected by a content provider may be received, the data indicating a time that a corresponding event occurred and whether the corresponding event was fraudulent. First category data may be generated by grouping each event into one of a number of categories, each category being associated with a range of times. A first measure of risk for each category may be determined, where the first measure of risk indicates a likelihood that a future event occurring at a future time is fraudulent. Second category data may be generated by processing the first category data and a second measure of risk for each category may be determined. Measure data representing the second measure of risk for each category and the range of times associated with that category may be stored.
    Type: Application
    Filed: December 19, 2017
    Publication date: June 20, 2019
    Inventors: Liang Wang, Angus Xianen Qiu, Shengjun Pan
  • Publication number: 20190130440
    Abstract: The present teaching relates to a fraud detecting system and method for providing protection against fraudulent advertisement requests. Upon receiving a request for an advertisement, the system extracts an identifier, associated with a source from which the request originates, included in the request. The system determines whether the extracted identifier is included in a list of designated identifiers, and when the identifier is included in the list, the system denies the request for the advertisement. When the identifier is not included in the list of designated identifiers, the system provides the advertisement in response to the request, and extracts a set of features from the request and other requests that originate from the source to determine whether the identifier associated with the source is to be included in the list of designated identifiers based on the set of features in accordance with one or more models.
    Type: Application
    Filed: October 26, 2017
    Publication date: May 2, 2019
    Inventors: Angus Xianen Qiu, Liang Wang, Chun Han, Jaime Morales
  • Publication number: 20190114649
    Abstract: The present teaching generally relates to detecting fraudulent networks. First data associated with a plurality of entities may be obtained, and a representation characterizing similarities among the plurality may be generated. Based on the representation, at least one entity cluster may be identified as corresponding to a candidate fraud network. A score associated with each of the at least one entity cluster may be determined, where the score indicates a likelihood that a corresponding entity cluster represents a fraud network, and at least some of the at least one entity cluster may be identified as a fraud network based on the score.
    Type: Application
    Filed: October 12, 2017
    Publication date: April 18, 2019
    Inventors: Liang Wang, Angus Xianen Qiu, Chun Han, Teppo Salonen
  • Publication number: 20190028489
    Abstract: The present teaching generally relates to detecting abnormal user activity associated with an entity. In a non-limiting embodiment, baseline distribution data representing a baseline distribution characterizing normal user activities for an entity may be obtained. Information related to online user activities with respect to the entity may be received, distribution data representation a dynamic distribution may be determined based, at least in part, on the information. One or more measures characterizing a difference between the baseline distribution and the dynamic distribution may be computed, and in real-time it may be assessed whether the information indicates abnormal user activity. If the first information indicates abnormal user activity, then output data including the distribution data and the one or more measures may be generated.
    Type: Application
    Filed: July 21, 2017
    Publication date: January 24, 2019
    Inventors: Liang Wang, Angus Xianen Qiu, Chun Han, Liang Peng
  • Publication number: 20160350815
    Abstract: The present teaching, which includes methods, systems and computer-readable media, relates to providing a representation of a relationship between entities related to online content interaction. The disclosed techniques may include receiving data related to online content interactions between a set of first entities and a set of second entities, and based on the received data, determining, for each one of the set of first entities, a set of first interaction frequency values each corresponding to one of the set of second entities, and determining, for each one of the set of second entities, a second interaction frequency value. Further, for each one of the set of first entities, a set of relation values may be determined based on the set of first interaction frequency values for that first entity and the second interaction frequency values, each relation value indicating an interaction relationship between that first entity and one second entity.
    Type: Application
    Filed: May 29, 2015
    Publication date: December 1, 2016
    Inventors: Angus Xianen Qiu, Haiyang Xu, Zhangang Lin
  • Publication number: 20160350800
    Abstract: The present teaching, which includes methods, systems and computer-readable media, relates to detecting online coalition fraud. The disclosed techniques may include grouping visitors that interact with online content into clusters, obtaining traffic features for each visitor, wherein the traffic features are based at least on data representing the corresponding visitor's interaction with the online content; determining, for each cluster, cluster metrics based on (one or more statistical values of) the traffic features of the visitors in that cluster; and determining whether a cluster is fraudulent based on the cluster metrics of the first cluster. For example, determining whether a cluster is fraudulent may include determining whether a first statistical value of the traffic features related to the first cluster is greater than a first threshold value, and/or determining whether a second statistical value of the traffic features related to the first cluster is lower than a second threshold value.
    Type: Application
    Filed: May 29, 2015
    Publication date: December 1, 2016
    Inventors: Angus Xianen Qiu, Haiyang Xu, Zhangang Lin