Abstract: The problem of abuse of privileges at cloud-hosted service sites is addressed by connecting a single individual or “actor” with multiple user accounts and/or other online identities, thereby creating a “consolidated profile.” In this way a confidence level can be established that a particular user account, IP address or other identifying attribute is associated with a particular actor. Different confidence levels may suffice depending on the remediary action to be taken; for example, holding a message for human review is obviously less draconian than rejecting the actor's registration at sign-up, and would therefore require a lower degree of confidence.

Abstract: The problem of abuse of privileges at cloud-hosted service sites is addressed by associating each user, preferably across multiple cloud-hosted service sites, with an individual “suspiciousness” score that may vary over time as additional user actions are detected and evaluated. Knowledge of the user is employed to better analyze the appropriateness or acceptability of user actions on the site.

Abstract: The problem of abuse of privileges at cloud-hosted service sites is addressed at the sign-up stage by identifying suspicious or abusive users and preventing them from signing up in the first place. This approach may utilize a relatively small initial data set based on the recognition that while abusers' profiles are mutable and difficult to characterize stably—abusers will deliberately shift their usage patterns to evade detection—a site's legitimate users tend to have similar and stable characteristics; that is, such characteristics are “cohesive” across cloud-hosted service (e.g., social media) sites and their users. The information gleaned from analysis of this small data set can be applied to a much larger, unsorted data set to obtain profiling criteria based on a large population for statistical reliability.

Abstract: The problem of abuse of privileges at cloud-hosted service sites is addressed by associating each user, preferably across multiple cloud-hosted service sites, with an individual “suspiciousness” score that may vary over time as additional user actions are detected and evaluated. Knowledge of the user is employed to better analyze the appropriateness or acceptability of user actions on the site.

Abstract: The invention provides for at least three processes for detecting the probability of abusive use of a message account for sending large amounts of unsolicited messages, such as spam, to other message accounts. For example, information provided at registration for a new message account can be processed to determine the likelihood of abusive use of that message account. Also, inbound messages can be processed to determine if the message account that sent the inbound message is abusing the use of that message account. Additionally, outbound messages can be processed to determine if the message account that is attempting to send an outbound message is abusing the use of that message account. Each of these three processes can operate separately or in any combination with each other to further improve the probability that abusive use of a message account will be detected promptly and accurately.

Abstract: The invention provides for at least three processes for detecting the probability of abusive use of a message account for sending large amounts of unsolicited messages, such as spam, to other message accounts. For example, information provided at registration for a new message account can be processed to determine the likelihood of abusive use of that message account. Also, inbound messages can be processed to determine if the message account that sent the inbound message is abusing the use of that message account. Additionally, outbound messages can be processed to determine if the message account that is attempting to send an outbound message is abusing the use of that message account. Each of these three processes can operate separately or in any combination with each other to further improve the probability that abusive use of a message account will be detected promptly and accurately.

Abstract: The problem of abuse of privileges at cloud-hosted service sites is addressed at the sign-up stage by identifying suspicious or abusive users and preventing them from signing up in the first place. This approach may utilize a relatively small initial data set based on the recognition that while abusers' profiles are mutable and difficult to characterize stably abusers will deliberately shift their usage patterns to evade detection—a site's legitimate users tend to have similar and stable characteristics; that is, such characteristics are “cohesive” across cloud-hosted service (e.g., social media) sites and their users. The information gleaned from analysis of this small data set can be applied to a much larger, unsorted data set to obtain profiling criteria based on a large population for statistical reliability.

Abstract: The problem of abuse of privileges at cloud-hosted service sites is addressed by connecting a single individual or “actor” with multiple user accounts and/or other online identities, thereby creating a “consolidated profile.” In this way a confidence level can be established that a particular user account, IP address or other identifying attribute is associated with a particular actor. Different confidence levels may suffice depending on the remediary action to be taken; for example, holding a message for human review is obviously less draconian than rejecting the actor's registration at sign-up, and would therefore require a lower degree of confidence.

Abstract: The problem of abuse of privileges at cloud-hosted service sites is addressed by associating each user, preferably across multiple cloud-hosted service sites, with an individual “suspiciousness” score that may vary over time as additional user actions are detected and evaluated. Knowledge of the user is employed to better analyze the appropriateness or acceptability of user actions on the site.

Abstract: The invention provides for at least three processes for detecting the probability of abusive use of a message account for sending large amounts of unsolicited messages, such as spam, to other message accounts. For example, information provided at registration for a new message account can be processed to determine the likelihood of abusive use of that message account. Also, inbound messages can be processed to determine if the message account that sent the inbound message is abusing the use of that message account. Additionally, outbound messages can be processed to determine if the message account that is attempting to send an outbound message is abusing the use of that message account. Each of these three processes can operate separately or in any combination with each other to further improve the probability that abusive use of a message account will be detected promptly and accurately.

Abstract: The invention provides for at least three processes for detecting the probability of abusive use of a message account for sending large amounts of unsolicited messages, such as spam, to other message accounts. For example, information provided at registration for a new message account can be processed to determine the likelihood of abusive use of that message account. Also, inbound messages can be processed to determine if the message account that sent the inbound message is abusing the use of that message account. Additionally, outbound messages can be processed to determine if the message account that is attempting to send an outbound message is abusing the use of that message account. Each of these three processes can operate separately or in any combination with each other to further improve the probability that abusive use of a message account will be detected promptly and accurately.

Abstract: A method of using advertisements in a Completely Automatic Public Turing test to tell Computers and Humans Apart (CAPTCHA) challenge/response transaction. In accordance with one aspect, a server allows access to some resource if the response to the ad/CAPTCHA challenge is an acceptable response.