Abstract: A network device that operates as an analysis platform for analysis of event data records that can provide a flexible approach to event data record aggregation. For example, aggregation can be flexibly turned on or off and dynamically adjusted based on event record volume and other factors such as network capacity or throughput. Devices that are instructed to aggregate records can also be instructed to archive the raw records, e.g., to maintain a full fidelity log of events. Devices can further be instructed to utilize a mixed queue approach to determine an order to deliver those records that includes both older records and newer records.

Abstract: A network device that operates as an analysis platform for analysis of event data records that can provide a flexible approach to event data record aggregation. For example, aggregation can be flexibly turned on or off and dynamically adjusted based on event record volume and other factors such as network capacity or throughput. Devices that are instructed to aggregate records can also be instructed to archive the raw records, e.g., to maintain a full fidelity log of events. Devices can further be instructed to utilize a mixed queue approach to determine an order to deliver those records that includes both older records and newer records.

Abstract: A network device that operates as an analysis platform for analysis of event data records that can provide a flexible approach to event data record aggregation. For example, aggregation can be flexibly turned on or off and dynamically adjusted based on event record volume and other factors such as network capacity or throughput. Devices that are instructed to aggregate records can also be instructed to archive the raw records, e.g., to maintain a full fidelity log of events. Devices can further be instructed to utilize a mixed queue approach to determine an order to deliver those records that includes both older records and newer records.

Abstract: A network device that operates as an analysis platform for analysis of event data records that can provide a flexible approach to event data record aggregation. For example, aggregation can be flexibly turned on or off and dynamically adjusted based on event record volume and other factors such as network capacity or throughput. Devices that are instructed to aggregate records can also be instructed to archive the raw records, e.g., to maintain a full fidelity log of events. Devices can further be instructed to utilize a mixed queue approach to determine an order to deliver those records that includes both older records and newer records.

Abstract: A method for detecting potential phishing URLs includes extracting a URL from a document, analyzing the URL context, and comparing the URL to stored trusted URLs and stored known phishing URLs. The URL context includes anchor text and surrounding content associated with the URL. The method further includes generating a phishing alert based on the comparing and the analyzing.

Abstract: A method for detecting potential phishing URLs includes extracting a URL from a document, analyzing the URL context, and comparing the URL to stored trusted URLs and stored known phishing URLs. The URL context includes anchor text and surrounding content associated with the URL. The method further includes generating a phishing alert based on the comparing and the analyzing.

Abstract: A method for detecting potential phishing URLs includes extracting a URL from a document, analyzing the URL context, and comparing the URL to stored trusted URLs and stored known phishing URLs. The URL context includes anchor text and surrounding content associated with the URL. The method further includes generating a phishing alert based on the comparing and the analyzing.

Abstract: Requested content is monitored and metadata for the content is accessed and reported to an administrator communication device. The reported metadata may be indicative of a classification of the requested content, an address of the requested content, a title of the requested content, or portions (e.g., video images) of the requested content. Administrators are enabled to receive dynamic updates regarding requested and received content in real time and may block viewer requested content or send messages to the viewer that are related to the content.

Abstract: A method for detecting potential phishing URLs includes extracting a URL from a document, analyzing the URL context, and comparing the URL to stored trusted URLs and stored known phishing URLs. The URL context includes anchor text and surrounding content associated with the URL. The method further includes generating a phishing alert based on the comparing and the analyzing.

Abstract: A disclosed method for implementing anti-tracking measures for a web browser includes refreshing anti-tracking data structure responsive to satisfying at least one of a set of anti-tracking refresh criteria. The anti-tracking data structure may include opt-out cookie data indicative of a set of opt-out cookies, uniform resource locator (URL) anti-tracking data indicative of a set of URLs associated with URL tracking, and Referer header field anti-tracking data indicative of a set of URLs susceptible to Referer header field tracking. Responsive to a web browser of a user device generating a request for a third-party web page specified by a browser URL, at least a portion of the browser URL is compared against the anti-tracking data structure. If a match in the URL anti-tracking data or the Referer header field anti-tracking data is detected, the browser URL may be modified. The refreshing of anti-tracking data may include pulling a current anti-tracking data structure from an anti-tracking server.

Abstract: An anti-tracking server includes a rendering engine for URL tracking and/or an opt-out cookie web crawler. The rendering engine is configured for emulating a browser visiting a plurality of web sites and processing elements of web content in web pages of the visited web sites. Web communication traffic generated as a result of said processing is captured and analyzed to identify URL tracking patterns. A URL tracking database reflecting identified URL tracking patterns is maintained. The opt-out cookie web crawlers are configured for visiting a second plurality of web sites, identifying hyperlinks pertaining to opt-out cookies in the second plurality of web sites, and following the identified hyperlinks to determine definitive uniform resource locators (URLs) for the opt-out cookies. An opt-out cookie database containing the definitive opt-out cookie URLs is maintained.

Abstract: A method for detecting potential phishing URLs includes extracting a URL from a document, analyzing the URL context, and comparing the URL to stored trusted URLs and stored known phishing URLs. The URL context includes anchor text and surrounding content associated with the URL. The method further includes generating a phishing alert based on the comparing and the analyzing.

Abstract: Requested content is monitored and metadata for the content is accessed and reported to an administrator communication device. The reported metadata may be indicative of a classification of the requested content, an address of the requested content, a title of the requested content, or portions (e.g., video images) of the requested content. Administrators are enabled to receive dynamic updates regarding requested and received content in real time and may block viewer requested content or send messages to the viewer that are related to the content.