-
1.发明授权Method and apparatus for identifying phishing websites in network traffic using generated regular expressions 有权用于使用生成的正则表达式来识别网络流量中的网络钓鱼网站的方法和装置公开(公告)号:US08776224B2
公开(公告)日:2014-07-08
申请号:US13644055
申请日:2012-10-03
Applicant: AT&T Intellectual Property I, L.P.
Inventor: Balachander Krishnamurthy , Oliver Spatscheck , Jacobus Van Der Merwe , Anirudh Ramachandran
IPC: G06F11/00
CPC classification number: G06F21/552 , G06F21/566 , H04L63/10 , H04L63/1441 , H04L63/1483
Abstract: According to an aspect of this invention, a method to detect phishing URLs involves: creating a whitelist of URLs using a first regular expression; creating a blacklist of URLs using a second regular expression; comparing a URL to the whitelist; and if the URL is not on the whitelist, comparing the URL to the blacklist. False negatives and positives may be avoided by classifying Internet domain names for the target organization as “legitimate”. This classification leaves a filtered set of URLs with unknown domain names which may be more closely examined to detect a potential phishing URL. Valid domain names may be classified without end-user participation.
Abstract translation: 根据本发明的一个方面,一种检测网络钓鱼URL的方法包括:使用第一正则表达式创建URL的白名单; 使用第二个正则表达式创建URL黑名单; 将网址与白名单进行比较; 如果该网址不在白名单中,请将该URL与黑名单进行比较。 通过将目标组织的互联网域名分类为“合法”,可以避免虚假的否定和积极性。 此类别会留下一组经过筛选的未知域名的URL,可以更仔细地检查以检测潜在的网络钓鱼URL。 有效的域名可能没有最终用户的参与分类。
-
2.发明申请Method and Apparatus for Identifying Phishing Websites in Network Traffic Using Generated Regular Expressions 有权使用生成的正则表达式识别网络流量中的网络钓鱼网站的方法和装置公开(公告)号:US20130031630A1
公开(公告)日:2013-01-31
申请号:US13644055
申请日:2012-10-03
Applicant: AT&T INTELLECTUAL PROPERTY I, L.P.
Inventor: Balachander Krishnamurthy , Oliver Spatscheck , Jacobus Van Der Merwe , Anirudh Ramachandran
IPC: G06F21/00
CPC classification number: G06F21/552 , G06F21/566 , H04L63/10 , H04L63/1441 , H04L63/1483
Abstract: According to an aspect of this invention, a method to detect phishing URLs involves: creating a whitelist of URLs using a first regular expression; creating a blacklist of URLs using a second regular expression; comparing a URL to the whitelist; and if the URL is not on the whitelist, comparing the URL to the blacklist. False negatives and positives may be avoided by classifying Internet domain names for the target organization as “legitimate”. This classification leaves a filtered set of URLs with unknown domain names which may be more closely examined to detect a potential phishing URL. Valid domain names may be classified without end-user participation.
Abstract translation: 根据本发明的一个方面,一种检测网络钓鱼URL的方法包括:使用第一正则表达式创建URL的白名单; 使用第二个正则表达式创建URL黑名单; 将网址与白名单进行比较; 如果该网址不在白名单中,请将该URL与黑名单进行比较。 通过将目标组织的互联网域名分类为合法,可以避免虚假的否定和积极性。 此类别会留下一组经过筛选的未知域名的URL,可以更仔细地检查以检测潜在的网络钓鱼URL。 有效的域名可能没有最终用户的参与分类。
-
Search Results
2
records
(took 0.013 seconds)
