Systems and methods for detecting suspicious internet addresses
US9332022B1 · kind B1 · utility
Assignee
Inventor
Key dates
| Filing date | Jul 7, 2014 |
| Grant date | May 3, 2016 |
| Priority date | — |
| Expiry date | Aug 28, 2034 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/168
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
The disclosed computer-implemented method for detecting suspicious Internet addresses may include (1) monitoring Internet communications of an entity (e.g., an organization or individual), (2) compiling an Internet-address history for the entity that includes one or more Internet addresses involved in the Internet communications of the entity, (3) detecting, after compiling the Internet-address history for the entity, an additional Internet address that may be used in future Internet communications involving the entity, (4) computing a similarity metric between the additional Internet address and at least one Internet-address in the Internet-address history, (5) determining that the similarity metric indicates that the additional Internet address is suspicious, and (6) performing a security action in response to determining that the similarity metric indicates that the additional Internet address is suspicious. Various other methods, systems, and computer-readable media are also disclosed.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.