Invention Grant
US08307431B2 Method and apparatus for identifying phishing websites in network traffic using generated regular expressions
有权
使用生成的正则表达式识别网络流量中的网络钓鱼网站的方法和装置
- Patent Title: Method and apparatus for identifying phishing websites in network traffic using generated regular expressions
- Patent Title (中): 使用生成的正则表达式识别网络流量中的网络钓鱼网站的方法和装置
-
Application No.: US12156341Application Date: 2008-05-30
-
Publication No.: US08307431B2Publication Date: 2012-11-06
- Inventor: Balachander Krishnamurthy , Oliver Spatscheck , Jacobus Van Der Merwe , Anirudh Ramachandran
- Applicant: Balachander Krishnamurthy , Oliver Spatscheck , Jacobus Van Der Merwe , Anirudh Ramachandran
- Applicant Address: US GA Atlanta
- Assignee: AT&T Intellectual Property I, L.P.
- Current Assignee: AT&T Intellectual Property I, L.P.
- Current Assignee Address: US GA Atlanta
- Main IPC: G06F11/00
- IPC: G06F11/00
Abstract:
According to an aspect of this invention, a method to detect phishing URLs involves: creating a whitelist of URLs using a first regular expression; creating a blacklist of URLs using a second regular expression; comparing a URL to the whitelist; and if the URL is not on the whitelist, comparing the URL to the blacklist. False negatives and positives may be avoided by classifying Internet domain names for the target organization as “legitimate”. This classification leaves a filtered set of URLs with unknown domain names which may be more closely examined to detect a potential phishing URL. Valid domain names may be classified without end-user participation.
Public/Granted literature
Information query
