Patent · US Active

Phishing domain detection systems and methods

US11546377B2 · kind B2 · utility

5Cited by

3References

15Claims

0Family size

Assignee

QATAR FOUNDATION FOR EDUCATION, SCIENCE AND COMMUNITY DEVELOPMENT · QA

Inventors

Yazan Boshmaf · Doha, QA
Mashael Al Sabah · Doha, QA
Mohamed Nabeel · Doha, QA

Key dates

Filing date	Apr 13, 2021
Grant date	Jan 3, 2023
Priority date	—
Expiry date	Apr 13, 2041

Classification

Technology area (CPC G)Physics
CPC primaryG06F2221/2119
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

The main objective of Certificate Transparency (CT) is to detect mis-issued certificates or rouge certificate authorities. It has been observed that phishing sites have been increasingly acquiring certificates to look more legitimate and reach more victims, thus providing an opportunity to predict phishing domains early. The present disclosure provides systems and methods for early detection of phishing and benign domain traces in CT logs. The provided system may predict phishing domains early even before content is available via time-, issuer-, and certificate-based characteristics that are used to identify sets of CT-based inexpensive and novel features. The CT-features are augmented with other features including passive DNS (pDNS) and domain-based lexical features.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.