Patent · US Active

Identifying malicious web infrastructures

US9578042B2 · kind B2 · utility

8Cited by

2References

8Claims

0Family size

Assignee

International Business Machines Corporation · US

Inventors

Xin Hu · White Plains, US
Jiyong Jang · Ossining, US
Ting Wang · White Plains, US
Jialong Zhang · White Plains, US

Key dates

Filing date	Jun 18, 2015
Grant date	Feb 21, 2017
Priority date	—
Expiry date	Jun 18, 2035

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/1441
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Identifying malicious servers is provided. Malicious edges between server vertices corresponding to visible servers and invisible servers involved in network traffic redirection chains are determined based on determined graph-based features within a bipartite graph corresponding to invisible server vertices involved in the network traffic redirection chains and determined distance-based features corresponding to the invisible server vertices involved in the network traffic redirection chains. Malicious server vertices are identified in the bipartite graph based on the determined malicious edges between the server vertices corresponding to the visible servers and invisible servers involved in the network traffic redirection chains. Access by client devices is blocked to malicious servers corresponding to the identified malicious server vertices in the bipartite graph.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.