Patent · US Active

System and method for detecting malicious links in electronic messages

US9888019B1 · kind B1 · utility

158Cited by

221References

35Claims

0Family size

Assignee

FireEye, Inc. · US

Inventors

Vinay Pidathala · San Jose, US
Henry Uyeno · Sunnyvale, US

Key dates

Filing date	Mar 28, 2016
Grant date	Feb 6, 2018
Priority date	—
Expiry date	Mar 28, 2036

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/1475
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

According to one embodiment, in response to receiving a plurality of uniform resource locator (URL) links for malicious determination, any known URL links are removed from the URL links based on a list of known link signatures. For each of remaining URL links that are unknown, a link analysis is performed on the URL link based on link heuristics to determine whether the URL link is suspicious. For each of the suspicious URL links, a dynamic analysis is performed on a resource of the suspicious URL link. It is classified whether the suspicious URL link is a malicious link based on a behavior of the resource during the dynamic analysis.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.