Security certificate identity analysis
US11720718B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Jul 31, 2019 |
| Grant date | Aug 8, 2023 |
| Priority date | — |
| Expiry date | Sep 29, 2041 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/1483
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
The technology described herein uses data in certificate transparency (CT) logs to identify security certificates that are likely to be used for phishing or brand violation. The technology described uses machine vision technology to analyze the domain name in a CT log as a user would view it. The domain name in the CT log is rendered as it might appear in a web browser's address bar. The rendered domain name is then converted to a text string using optical character recognition (OCR). The text string generated by OCR is then analyzed by a brand detection system to determine whether the text string matches a brand name. When a known brand is detected, a trust analysis is performed to determine whether the security certificate in the CT log is actually associated with the brand.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.