Eliot C. Gillum - Mountain View CA, US Qifa Ke - Cupertino CA, US Yinglian Xie - Cupertino CA, US Fang Yu - Sunnyvale CA, US Yao Zhao - Chicago IL, US
Assignee:
Microsoft Corporation - Redmond WA
International Classification:
G06F 15/16
US Classification:
709206, 709224, 709225
Abstract:
Computer implemented methods are disclosed for detecting bot-user groups that send spam email over a web-based email service. Embodiments of the present system employ a two-prong approach to detecting bot-user groups. The first prong employs a historical-based approach for detecting anomalous changes in user account information, such as aggressive bot-user signups. The second prong of the present system entails constructing a large user-user relationship graph, which identifies bot-user sub-graphs through finding tightly connected subgraph components.
Yinglian Xie - Cupertino CA, US Fang Yu - Sunnyvale CA, US Martin Abadi - Palo Alto CA, US
Assignee:
Microsoft Corporation - Redmond WA
International Classification:
G06F 17/30
US Classification:
709220, 709224, 709227, 726 23
Abstract:
An IP (Internet Protocol) address is a directly observable identifier of host network traffic in the Internet and a host's IP address can dynamically change. Analysis of traffic (e. g. , network activity or application request) logs may be performed and a host tracking graph may be generated that shows hosts and their bindings to IP addresses over time. A host tracking graph may be used to determine host accountability. To generate a host tracking graph, a host is represented. Host representations may be application-dependent. In an implementation, application-level identifiers (IDs) such as user email IDs, messenger login IDs, social network IDs, or cookies may be used. Each identifier may be associated with a human user. These unreliable IDs can be used to track the activity of the corresponding hosts.
Surface Plasmon Resonance (Srp) Microscopy Systems, Method Of Fabrication Thereof, And Methods Of Use Thereof
Richard Neil Zare - Stanford CA, US Yiqi Luo - Mountain View CA, US Fang Yu - Mountain View CA, US
Assignee:
Stanford University - Palo Alto CA
International Classification:
G01N 21/55
US Classification:
356445
Abstract:
Surface plasmon resonance (SPR) microscopy systems, methods of making SPR microscopy systems, methods of measuring and detecting the presence of one or more compounds present in a sample using the SPR microscopy system, and the like, are disclosed. In an embodiment, a surface plasmon resonance (SPR) microscopy system can include an integrated microfluidic chip that includes a plurality of layers, an SPR imaging system, and a pressure manifold to actuate flow control components in the integrated microfluidic chip.
Yinglian Xie - Cupertino CA, US Fang Yu - Sunnyvale CA, US Martin Abadi - Palo Alto CA, US
Assignee:
Microsoft Corporation - Redmond WA
International Classification:
G06F 12/14 G06F 12/16
US Classification:
726 24, 726 25
Abstract:
An IP (Internet Protocol) address is a directly observable identifier of host network traffic in the Internet and a host's IP address can dynamically change. Analysis of traffic (e. g. , network activity or application request) logs may be performed and a host tracking graph may be generated that shows hosts and their bindings to IP addresses over time. A host tracking graph may be used to determine host accountability. This can enable host-based blacklisting instead of the traditional IP address based blacklisting. Host tracking results can be leveraged for forensic analysis to understand an attacker's traces and identify malicious activities in a postmortem fashion. The host tracking information may be used to build a tracklist which can block future attacks.
Yinglian Xie - Cupertino CA, US Fang Yu - Sunnyvale CA, US Martin Abadi - Palo Alto CA, US Eliot C. Gillum - Mountain View CA, US Junxian Huang - Ann Arbor MI, US Zhuoqing Morley Mao - Ann Arbor MI, US Jason D. Walter - San Jose CA, US Krishna Vitaldevara - Fremont CA, US
Assignee:
Microsoft Corporation - Redmond WA
International Classification:
H04L 29/06
US Classification:
726 22, 726 4, 726 14, 726 18, 713154, 709206
Abstract:
Detection of user accounts associated with spammer attacks may be performed by constructing a social graph of email users. Biggest connected components (BCC) of the social graph may be used to identify legitimate user accounts, as the majority of the users in the biggest connected components are legitimate users. BCC users may be used to identify more legitimate users. Using degree-based detection techniques and PageRank based detection techniques, the hijacked user accounts and spammer user accounts may be identified. The users' email sending and receiving behaviors may also be examined, and the subgraph structure may be used to detect stealthy attackers. From the social graph analysis, legitimate user accounts, malicious user accounts, and compromised user accounts can be identified.
Martin Abadi - Palo Alto CA, US Yinglian Xie - Cupertino CA, US Fang Yu - Sunnyvale CA, US John Payyappillil John - Seattle WA, US
Assignee:
Microsoft Corporation - Redmond WA
International Classification:
G06F 11/00 G06F 12/14 G06F 12/16 G08B 23/00
US Classification:
726 24
Abstract:
A framework identifies malicious queries contained in search logs to uncover relationships between the malicious queries and the potential attacks launched by attackers submitting the malicious queries. A small seed set of malicious queries may be used to identify an IP address in the search logs that submitted the malicious queries. The seed set may be expanded by examining all queries in the search logs submitted by the identified IP address. Regular expressions may be generated from the expanded set of queries and used for detecting yet new malicious queries. Upon identifying the malicious queries, the framework may be used to detect attacks on vulnerable websites, spamming attacks, and phishing attacks.
Automatic Identification Of Travel And Non-Travel Network Addresses
Fang Yu - Sunnyvale CA, US Yinglian Xie - Cupertino CA, US Martin Abadi - Palo Alto CA, US Stefan Roberts Savage - Carlsbad CA, US Geoffrey Michael Voelker - Del Mar CA, US
Assignee:
Microsoft Corporation - Redmond WA
International Classification:
G06F 15/16
US Classification:
709245, 709224, 709226
Abstract:
A system to automatically classify types of IP addresses associated with a user. Information, such as user names, machine information, IP address, etc. , may be obtained from logs. For each user or host in the logs, home IP addresses are identified from IP addresses where the user or host shows a predetermined level of activity. Travel IP addresses are identified, which are IP addresses at locations greater than a predetermined distance from the home IP addresses, as determined from geolocation data. A pattern analysis may be performed to determine which of the home IP addresses are work IP addresses associated with the user or host. The system may thus provide a classification of a user's or host's associated IP addresses as being one of travel, home, and work IP addresses. From this classification, mobility patterns may be derived, as well as applications to enhance security, advertising, search and network management.
Automatically Identifying Dynamic Internet Protocol Addresses
Kannan Achan - Mountain View CA, US Eliot Gillum - Mountain View CA, US Yinglian Xie - Cupertino CA, US Fang Yu - San Jose CA, US
Assignee:
Microsoft Corporation - Redmond WA
International Classification:
G06F 15/177
US Classification:
709222
Abstract:
Dynamic IP addresses may be automatically identified and their dynamics patterns may be analyzed. Multi-user IP address blocks are determined as candidates for further analysis. An entropy score is determined for each IP address in every candidate block to distinguish between a dynamic IP and a static IP shared by multiple users. IP addresses with high entropy scores are grouped, and then analyzed, and may be used in various applications, such as spam filtering.
Irvine Gastroenterology 15825 Laguna Cyn Rd STE 106, Irvine, CA 92618 (949)6790000 (phone), (949)6790976 (fax)
Education:
Medical School Natl Defense Med Ctr, Taipei, Taiwan (385 03 Pr 1/71) Graduated: 1982
Procedures:
Colonoscopy Upper Gastrointestinal Endoscopy
Conditions:
Benign Polyps of the Colon Constipation Diverticulitis Diverticulosis Esophagitis
Languages:
Chinese English
Description:
Dr. Yu graduated from the Natl Defense Med Ctr, Taipei, Taiwan (385 03 Pr 1/71) in 1982. He works in Irvine, CA and specializes in Gastroenterology and Hepatology. Dr. Yu is affiliated with Orange County Global Medical Center and Saddleback Memorial Medical Center.
Radiology Imaging Associates 230 W Dares Bch Rd STE 100, Prince Frederick, MD 20678 (301)8559754 (phone), (301)8551367 (fax)
Education:
Medical School China Med Univ, Shenyang City, Liaoning, China Graduated: 1997
Languages:
English Spanish
Description:
Dr. Yu graduated from the China Med Univ, Shenyang City, Liaoning, China in 1997. She works in Prince Frederick, MD and specializes in Diagnostic Radiology.
Western International School of Shanghai [email protected]
Tetra Pack 利乐包装 Accenture 埃森哲 Achieva China
Ar, Accountant, Account Supervisor
Education:
Acca 2012 - 2020
East China Normal University 2009 - 2012
Bachelors, Teaching, Chinese
Skills:
Teacher Training Accounting Microsoft Excel Curriculum Development Educational Leadership Financial Accounting Public Speaking Classroom Management Teaching
Qualcomm
Senior Engineer
University of Arkansas Jun 2016 - Dec 2016
Research Associate
Auburn University Aug 2011 - May 2016
Ph.d Candidate
Education:
Auburn University 2011 - 2014
Doctorates, Doctor of Philosophy, Computer Engineering, Philosophy, Electronics
Skills:
Materials Science Matlab Labview C++ Semiconductors Design of Experiments Electrical Engineering Electronics C Power Electronics Manufacturing Product Development Engineering Simulink Testing Simulations Pcb Design Electricians
Ohio State University - Computer Science & Engineering, University at Albany, The State University of New York - Computer Science & Applied Mathematics