Patent · US Active

Techniques for detecting malicious behavior using an accomplice model

US10505981B2 · kind B2 · utility

3Cited by

1References

20Claims

0Family size

Assignee

RiskIQ, Inc. · US

Inventors

Adam Hunt · El Cerrito, US
Joseph Linn · Emeryville, US
Nick Goodman · San Mateo, US
Elias Manousos · San Francisco, US
Chris Kiernan · San Francisco, US
David Pon · Sunnyvale, US
Jonas Edgeworth · San Francisco, US

Key dates

Filing date	Nov 3, 2017
Grant date	Dec 10, 2019
Priority date	—
Expiry date	Jun 7, 2038

Classification

Technology area (CPC H)Electricity
CPC primaryH04L67/306
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

The present disclosure generally relates to web page analysis, and more particularly to detecting malicious behavior using an accomplice model. In certain embodiments, the accomplice model may determine that a URI is associated with malicious behavior based upon the URI being associated with an attribute determined to be related to malicious behavior. Examples of an attribute include a host system, a domain, or an element of a document used to render the web page. Examples of an element of a document used to render the web page may include an active/dynamic element (e.g., a function, a script, etc.) or an inactive/static element (e.g., a string, a number, a frame, a tracking username, a social networking username, etc.).

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.