Patent · US Active

Creating a malware domain sinkhole by domain clustering

US11663331B2 · kind B2 · utility

0Cited by

4References

15Claims

0Family size

Assignee

International Business Machines Corporation · US

Inventors

Cheng-Ta Lee · Taipei, TW
Bo-Yu Kuo · Kaohsiung, TW
Gideon Zenz · Kassel, DE
Andrii Iesiev · Florence, US
Jacobus P. Lodewijkx · Oakton, US

Key dates

Filing date	Feb 10, 2020
Grant date	May 30, 2023
Priority date	—
Expiry date	Dec 29, 2041

Classification

Technology area (CPC G)Physics
CPC primaryG06F2221/2127
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

A computer-implemented method, a computer program product, and a computer system for creating malware domain sinkholes by domain clustering. The computer system clusters malware domains into domain clusters. The computer system collects domain metrics in the domain clusters. The computer system sorts clustered malware domains in the respective ones of the domain clusters, based on the domain metrics. The computer system selects, from the clustered malware domains in the respective ones of the domain clusters, a predetermined number of top domains as candidates of respective domain sinkholes, wherein the respective domain sinkholes are created for the respective ones of the domain clusters.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.