Security threat detection based on indications in big data of access to newly registered domains
US8826434B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Jul 31, 2013 |
| Grant date | Sep 2, 2014 |
| Priority date | — |
| Expiry date | Jul 31, 2033 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L67/02
- WIPO fieldMedical technology
- WIPO sectorInstruments
Abstract
Domain names are determined for each computational event in a set, each event detailing requests or posts of webpages. A number of events or accesses associated with each domain name within a time period is determined. A registrar is further queried to determine when the domain name was registered. An object is generated that includes a representation of the access count and an age since registration for each domain names. A client can interact with the object to explore representations of domain names associated with high access counts and recent registrations. Upon determining that a given domain name is suspicious, a rule can be generated to block access to the domain name.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.