Abstract: A computer-implemented method for generating a first set of longest common sequences from a plurality of known malicious webpages, the first set of longest common sequences representing input data from which a human generates a set of regular expressions for detecting phishing webpages. There is included obtaining HTML source strings from the plurality of known malicious webpages and transforming the HTML source strings to reduce the number of at least one of stop words and repeated tags, thereby obtaining a set of transformed source strings. There is further included performing string alignment on the set of transformed source strings, thereby obtaining at least a scoring matrix. There is additionally included obtaining a second set of longest common sequences responsive to the performing the string alignment. There is further included filtering the second set of longest common sequences, thereby obtaining the first set of longest common sequences.

Abstract: Embodiments of the present invention relate to a method, system and computer program product for compacting data in a distributed storage system. According to the method, a query request is received from a client, wherein the query request comprises information of a previous query request of the client. A first query result of the query request and a second query result of the previous query request are retrieved. A delta data and a first indicator are sent to the client in response to the first query result being different from the second query result, wherein the delta data is the data of the first query result excluding the data comprised in both first and second query results, and the first indicator indicates the data comprised in both the first and the second query results.

Abstract: Embodiments of the present invention relate to a method, system, and computer program product for query system management. In a method, a question that is to be processed by a group of query systems is received. A group of answers to the question are received from the group of query systems, wherein the group of answers comprise an answer to the question from each of the query systems associated with the group of query systems. An association relationship is determined between the question and a query system from the group of query systems, wherein the association relationship is determined based on user feedback to the answer that is provided by the query system, and wherein the association relationship includes an association between the query and the query system and is used for selecting the query system for answering the question and further questions that are determined to be similar.

Abstract: Embodiments of the present invention relate to a method, system and computer program product for compacting data in a distributed storage system. According to the method, a query request is received from a client, wherein the query request comprises information of a previous query request of the client. A first query result of the query request and a second query result of the previous query request are retrieved. A delta data and a first indicator are sent to the client in response to the first query result being different from the second query result, wherein the delta data is the data of the first query result excluding the data comprised in both first and second query results, and the first indicator indicates the data comprised in both the first and the second query results.

Abstract: A computer-implemented method for generating a first set of longest common sequences from a plurality of known malicious webpages, the first set of longest common sequences representing input data from which a human generates a set of regular expressions for detecting phishing webpages. There is included obtaining HTML source strings from the plurality of known malicious webpages and transforming the HTML source strings to reduce the number of at least one of stop words and repeated tags, thereby obtaining a set of transformed source strings. There is further included performing string alignment on the set of transformed source strings, thereby obtaining at least a scoring matrix. There is additionally included obtaining a second set of longest common sequences responsive to the performing the string alignment. There is further included filtering the second set of longest common sequences, thereby obtaining the first set of longest common sequences.

Abstract: Unwanted web contents are detected in an endpoint computer. The endpoint computer receives a web page from a website. The reputation of the website is determined and the web page is scanned for malicious codes to protect the endpoint computer from web threats. To further protect the endpoint computer from web threats including mutating unwanted web contents, page structure traits of the web page are generated and compared to page structure traits of other web pages detected to contain unwanted web contents.

Abstract: A mobile computing device includes a roaming bandwidth advisor for determining size information of web data (e.g., webpage, streaming media) before the web data is received in the mobile computing device. The mobile computing device may cooperatively work with a cloud computing system to obtain size information of the web data. Roaming fee information (e.g., the size of the web data and/or associated roaming fee) for receiving the web data is displayed on the mobile computing device before a request for the web data is sent out of the mobile computing device.

Abstract: One embodiment relates to a computer-implemented method for detecting malware-infected electronic mail messages. A server computer monitors an email account which is associated with a unique email address for receipt of an email message, the unique email address being associated with a unique contact in an address book on a client computer. The server computer determines that an email message addressed to the unique email address has been received and performs automated analysis to confirm that the email message contains malware. Other embodiments, aspects and features are also disclosed.

Abstract: Protecting computer users from online frauds, such as phishing and pharming. A client computer may include a page signature extractor and a policy enforcer. The page signature extractor may encode a web page to generate its signature, which may be provided to a remote server computer for comparison with signatures of phishing pages. The client computer and the server computer may communicate using the DNS protocol. The policy enforcer may perform one or more predetermined actions when a match is found. Examples of such actions include replacing the web page with a blocking page, displaying a warning message, or both. The policy enforcer may be configured to determine if the web page is part of a phishing or pharming attack by comparing the URL of the web page to URLs of legitimate web pages.

Abstract: A computer-implemented method for reducing phishing attacks that employ malicious websites is provided. The computer-implemented method includes gathering information about potentially malicious websites from a plurality of sources. The computer-implemented method also includes reducing the number of potentially malicious websites gathered; thereby creating a malicious website database that tracks at least a subset of the potentially malicious websites. In addition, the computer-implemented method includes generating a malicious website blacklist from the malicious website database, each website in the malicious website blacklist satisfying inclusion criteria, wherein the malicious website blacklist is employed to decide whether an access request to a given website is permitted.