Patent · US Active

Detecting malicious HTTP redirections using user browsing activity trees

US9531736B1 · kind B1 · utility

70Cited by

0References

20Claims

0Family size

Assignee

Narus, Inc. · US

Inventors

Ruben Torres · Sunnyvale, US
Hesham Mekky · Falcon Heights, US
Zhi-Li Zhang · Minneapolis, US
Sabyasachi Saha · Sunnyvale, US
Antonio Nucci · San Jose, US

Key dates

Filing date	Dec 24, 2012
Grant date	Dec 27, 2016
Priority date	—
Expiry date	Mar 5, 2033

Classification

Technology area (CPC G)Physics
CPC primaryG06F2221/2119
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A method for detecting malicious HTTP redirections. The method includes obtaining, based on a single client IP address, HTTP flows triggered by visiting a website, extracting a sequence of URLs where a downstream URL is extracted from a child HTTP request that is triggered by a parent HTTP request containing an immediate upstream URL, analyzing the URL sequence to generate a statistical feature, and classifying, based on the statistical feature, the HTTP flows as containing at least one malicious HTTP redirection triggered by visiting the website.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.