Method to identify malicious web domain names thanks to their dynamics
US10681070B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | May 26, 2017 |
| Grant date | Jun 9, 2020 |
| Priority date | — |
| Expiry date | Feb 16, 2038 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L61/4511
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Methods and systems for detecting malicious domains. The method comprises storing domain data for a plurality of domains and selecting a relationship parameter which represents a relationship between at least two of the domains. The method further comprises generating a graph for the domains by identifying a plurality of domain nodes, connecting the domain nodes with a plurality of edges and calculating an edge weight for each edge. The method further comprises identifying at least one domain node as a known malicious domain node and the other domain nodes as candidate domain nodes, calculating a malicious score for each candidate domain node based on the edge weights and identifying a domain in the plurality of domains as malicious if the malicious score is within a predetermined range.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.