SG11201811343SA - System and methods for detecting online fraud - Google Patents

System and methods for detecting online fraud

Info

Publication number
SG11201811343SA
SG11201811343SA SG11201811343SA SG11201811343SA SG11201811343SA SG 11201811343S A SG11201811343S A SG 11201811343SA SG 11201811343S A SG11201811343S A SG 11201811343SA SG 11201811343S A SG11201811343S A SG 11201811343SA SG 11201811343S A SG11201811343S A SG 11201811343SA
Authority
SG
Singapore
Prior art keywords
fraudulent
international
domains
domain
pct
Prior art date
Application number
SG11201811343SA
Inventor
Alin-Octavian Damian
Original Assignee
Bitdefender Ipr Man Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Bitdefender Ipr Man Ltd filed Critical Bitdefender Ipr Man Ltd
Publication of SG11201811343SA publication Critical patent/SG11201811343SA/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1483Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/95Retrieval from the web
    • G06F16/953Querying, e.g. by the use of web search engines
    • G06F16/9535Search customisation based on user profiles and personalisation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/554Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/45Network directories; Name-to-address mapping
    • H04L61/4505Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
    • H04L61/4511Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0236Filtering by address, protocol, port number or service, e.g. IP-address or URL
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Databases & Information Systems (AREA)
  • Computing Systems (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Data Mining & Analysis (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Information Transfer Between Computers (AREA)
  • Computer And Data Communications (AREA)

Abstract

INTERNATIONAL APPLICATION PUBLISHED UNDER THE PATENT COOPERATION TREATY (PCT) (19) World Intellectual Property 111111101111 0 HEIN 3E1 0 0 111111 0130101101 111111011011 # Organization International Bureau (10) International Publication Number (43) International Publication Date ......'\"\" WO 2018/011104 Al 18 January 2018 (18.01.2018) W I PO I PCT (51) International Patent Classification: KR, KW, KZ, LA, LC, LK, LR, LS, LU, LY, MA, MD, ME, GOOF 21/55 (2013.01) H04L 29/06 (2006.01) MG, MK, MN, MW, MX, MY, MZ, NA, NG, NI, NO, NZ, (21) International Application Number: OM, PA, PE, PG, PH, PL, PT, QA, RO, RS, RU, RW, SA, PCT/EP2017/067192 SC, SD, SE, SG, SK, SL, SM, ST, SV, SY, TH, TJ, TM, TN, TR, TT, TZ, UA, UG, US, UZ, VC, VN, ZA, ZM, ZW. (22) International Filing Date: (84) Designated States (unless otherwise indicated, for every 10 July 2017 (10.07.2017) kind of regional protection available): ARIPO (BW, GH, (25) Filing Language: English GM, KE, LR, LS, MW, MZ, NA, RW, SD, SL, ST, SZ, TZ, (26) Publication Language: English UG, ZM, ZW), Eurasian (AM, AZ, BY, KG, KZ, RU, TJ, TM), European (AL, AT, BE, BG, CH, CY, CZ, DE, DK, (30) Priority Data: EE, ES, FI, FR, GB, GR, HR, HU, IE, IS, IT, LT, LU, LV, 15/206,761 11 July 2016 (11.07.2016) US MC, MK, MT, NL, NO, PL, PT, RO, RS, SE, SI, SK, SM, TR), OAPI (BF, BJ, CF, CG, CI, CM, GA, GN, GQ, GW, (71) Applicant: BITDEFENDER IPR MANAGEMENT KM, ML, MR, NE, SN, TD, TG). LTD [CY/CY]; Kreontos 12, Nicosia, 1076 (CY). (72) Inventor: DAMIAN, Alin-Octavian; Bld. Unirii, bl. 8H, Published: et. 6, ap. 24, Judetul Buzau, 120191 Buzau (RO). — with international search report (Art. 21(3)) (74) Agent: TULUCA, Doina; Bd. Lacul Tei 56, bl. 19, sc. B, ap. 52, sector 2, 020392 BUCURESTI (RO). (81) Designated States (unless otherwise indicated, for every = kind of national protection available): AE, AG, AL, AM, AO, AT, AU, AZ, BA, BB, BG, BH, BN, BR, BW, BY, BZ, =_ CA, CH, CL, CN, CO, CR, CU, CZ, DE, DJ, DK, DM, DO, DZ, EC, EE, EG, ES, FI, GB, GD, GE, GH, GM, GT, HN, — HR, HU, ID, IL, IN, IR, IS, JO, JP, KE, KG, KH, KN, KP, = (54) Title: SYSTEM AND METHODS FOR DETECTING ONLINE FRAUD = _ 42 Security server = 10 = Client .... Document indicator 14 = system — 44 10 • = i l l MI = = Assessment indicator 15 FIG. 4 domain database Il ..11 ll• 0 Il 1-1 (57) : Described systems and methods enable a swift and efficient detection of fraudulent 1-1 O used to host or distribute fraudulent electronic documents such as fraudulent webpages and electronic . 15 use a reverse IP analysis to select a set of fraud candidates from among a set of domains hosted 1-1 fraudulent domain. The candidate set is further filtered according to domain registration data. N candidate domain is further analyzed to identify truly fraudulent domains. A security module may then prevent users from accessing a content of such domains. %MO Fraudulent at the same IP address as a known Online content Internet messages. domains, i.e., domains Some embodiments hosted at each filtered
SG11201811343SA 2016-07-11 2017-07-10 System and methods for detecting online fraud SG11201811343SA (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US15/206,761 US10171497B2 (en) 2016-07-11 2016-07-11 Systems and methods for detecting online fraud
PCT/EP2017/067192 WO2018011104A1 (en) 2016-07-11 2017-07-10 System and methods for detecting online fraud

Publications (1)

Publication Number Publication Date
SG11201811343SA true SG11201811343SA (en) 2019-01-30

Family

ID=59384138

Family Applications (1)

Application Number Title Priority Date Filing Date
SG11201811343SA SG11201811343SA (en) 2016-07-11 2017-07-10 System and methods for detecting online fraud

Country Status (12)

Country Link
US (2) US10171497B2 (en)
EP (1) EP3482334B1 (en)
JP (1) JP6871357B2 (en)
KR (1) KR102130122B1 (en)
CN (1) CN109690547B (en)
AU (1) AU2017295738B2 (en)
CA (1) CA3027470C (en)
ES (1) ES2874148T3 (en)
IL (1) IL265307B (en)
RU (1) RU2744671C2 (en)
SG (1) SG11201811343SA (en)
WO (1) WO2018011104A1 (en)

Families Citing this family (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10977363B2 (en) * 2015-03-25 2021-04-13 Equifax Inc. Detecting synthetic online entities
US10860715B2 (en) * 2016-05-26 2020-12-08 Barracuda Networks, Inc. Method and apparatus for proactively identifying and mitigating malware attacks via hosted web assets
US20180077227A1 (en) * 2016-08-24 2018-03-15 Oleg Yeshaya RYABOY High Volume Traffic Handling for Ordering High Demand Products
US10498753B1 (en) * 2016-12-08 2019-12-03 Jpmorgan Chase Bank, N.A. System and method for identifying potentially fraudulent domain name and identifiers
US11036767B2 (en) * 2017-06-26 2021-06-15 Jpmorgan Chase Bank, N.A. System and method for providing database abstraction and data linkage
DK3800856T3 (en) * 2018-02-20 2023-08-28 Darktrace Holdings Ltd Cyber security appliance for a cloud infrastructure
JP7182764B2 (en) * 2018-08-29 2022-12-05 Bbソフトサービス株式会社 Fraudulent web page detection device, control method and control program for fraudulent web page detection device
US11252127B2 (en) 2018-12-11 2022-02-15 Level 3 Communications, Llc Systems and methods for processing requests for content of a content distribution network
JP6998294B2 (en) * 2018-12-12 2022-01-18 Kddi株式会社 Detection device, detection method and detection program
US10887278B2 (en) 2019-01-10 2021-01-05 Proofpoint, Inc. Systems and methods for discovery of brand-registered domain names
US11411991B2 (en) * 2019-07-09 2022-08-09 Mcafee, Llc User activity-triggered URL scan
JP7069090B2 (en) * 2019-08-19 2022-05-17 Kddi株式会社 Analysts, detectors, systems and programs
KR102051350B1 (en) * 2019-09-05 2019-12-03 (주)에스투더블유랩 Method and system for data acquisition for analyzing transaction of cryptocurrency
US10755095B1 (en) * 2020-01-02 2020-08-25 Capital One Services, Llc System for scanning solicitations for fraud detection
WO2021155388A2 (en) * 2020-05-21 2021-08-05 Futurewei Technologies, Inc. Domain name system (dns) services for variable-length address (vla) networks
US11699156B2 (en) * 2020-09-15 2023-07-11 Capital One Services, Llc Advanced data collection using browser extension application for internet security
CN112818278B (en) * 2021-02-07 2022-06-03 国网湖南省电力有限公司 Method and system for checking internet hosting website
CN113115311B (en) * 2021-04-12 2022-12-06 江苏通付盾科技有限公司 Support vector machine model-based fraud behavior identification method and system
CN112995357B (en) * 2021-04-21 2021-07-23 腾讯科技(深圳)有限公司 Domain name management method, device, medium and electronic equipment based on cloud hosting service

Family Cites Families (23)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8661539B2 (en) * 2000-07-10 2014-02-25 Oracle International Corporation Intrusion threat detection
US8984640B1 (en) * 2003-12-11 2015-03-17 Radix Holdings, Llc Anti-phishing
US8769671B2 (en) 2004-05-02 2014-07-01 Markmonitor Inc. Online fraud solution
US7457823B2 (en) * 2004-05-02 2008-11-25 Markmonitor Inc. Methods and systems for analyzing data related to possible online fraud
US8056128B1 (en) * 2004-09-30 2011-11-08 Google Inc. Systems and methods for detecting potential communications fraud
US8032449B2 (en) * 2007-03-08 2011-10-04 Soft Route Corporation Method of processing online payments with fraud analysis and management system
US20160012223A1 (en) * 2010-10-19 2016-01-14 Cyveillance, Inc. Social engineering protection appliance
US9985978B2 (en) 2008-05-07 2018-05-29 Lookingglass Cyber Solutions Method and system for misuse detection
US8381292B1 (en) 2008-12-30 2013-02-19 The Uab Research Foundation System and method for branding a phishing website using advanced pattern matching
JP2011193343A (en) * 2010-03-16 2011-09-29 Kddi Corp Communications network monitoring system
JP2011237979A (en) * 2010-05-10 2011-11-24 Kddi Corp Terminal, device, method and program for website determination
CN102291268B (en) * 2011-09-23 2014-11-26 杜跃进 Safety domain name server and hostile domain name monitoring system and method based on same
US9189746B2 (en) * 2012-01-12 2015-11-17 Microsoft Technology Licensing, Llc Machine-learning based classification of user accounts based on email addresses and other account information
US8813239B2 (en) * 2012-01-17 2014-08-19 Bitdefender IPR Management Ltd. Online fraud detection dynamic scoring aggregation systems and methods
CA2905996C (en) * 2013-03-13 2022-07-19 Guardian Analytics, Inc. Fraud detection and analysis
US20150067853A1 (en) * 2013-08-27 2015-03-05 Georgia Tech Research Corporation Systems and methods for detecting malicious mobile webpages
JP5813810B2 (en) * 2014-03-19 2015-11-17 日本電信電話株式会社 Blacklist expansion device, blacklist expansion method, and blacklist expansion program
US11188916B2 (en) * 2014-03-28 2021-11-30 First Data Resources, Llc Mitigation of fraudulent transactions conducted over a network
US20150350229A1 (en) * 2014-05-29 2015-12-03 Singularity Networks, Inc. Network Threat Detection and Mitigation Using a Domain Name Service and Network Transaction Data
US20170041332A1 (en) * 2015-08-07 2017-02-09 Cisco Technology, Inc. Domain classification based on domain name system (dns) traffic
US9654492B2 (en) * 2015-09-15 2017-05-16 Mimecast North America, Inc. Malware detection system based on stored data
US10178121B2 (en) * 2015-10-01 2019-01-08 Michael Klatt Domain reputation evaluation process and method
US10178107B2 (en) * 2016-04-06 2019-01-08 Cisco Technology, Inc. Detection of malicious domains using recurring patterns in domain names

Also Published As

Publication number Publication date
IL265307B (en) 2021-12-01
CN109690547A (en) 2019-04-26
AU2017295738A1 (en) 2019-01-03
US20180013789A1 (en) 2018-01-11
US10171497B2 (en) 2019-01-01
ES2874148T3 (en) 2021-11-04
RU2019103228A (en) 2020-08-11
US20190132357A1 (en) 2019-05-02
WO2018011104A1 (en) 2018-01-18
JP6871357B2 (en) 2021-05-12
CA3027470A1 (en) 2018-01-18
RU2019103228A3 (en) 2020-11-03
EP3482334A1 (en) 2019-05-15
KR102130122B1 (en) 2020-07-06
AU2017295738B2 (en) 2021-07-01
CA3027470C (en) 2021-11-30
KR20190026691A (en) 2019-03-13
IL265307A (en) 2019-05-30
CN109690547B (en) 2023-05-05
JP2019528509A (en) 2019-10-10
EP3482334B1 (en) 2021-03-17
RU2744671C2 (en) 2021-03-12
US11388193B2 (en) 2022-07-12

Similar Documents

Publication Publication Date Title
SG11201811343SA (en) System and methods for detecting online fraud
SG11201811426UA (en) Distributed electronic record and transaction history
SG11201804190YA (en) Method and system for blockchain variant using digital signatures
SG11201900116RA (en) Communication flow for verification and identification check
SG11201809963XA (en) Application framework using blockchain-based asset ownership
SG11201904942YA (en) Blockchain-based service execution method and apparatus, and electronic device
SG11201901180WA (en) Systems and methods for providing identity assurance for decentralized applications
SG11201906755VA (en) Digital certificate management method, apparatus, and system
SG11201907320YA (en) Trusted login method, server, and system
SG11201807307VA (en) System and method for aerial system discrimination and action
SG11201909420QA (en) Picture-based vehicle loss assessment method and apparatus, and electronic device
SG11201903519UA (en) Methods and systems for barcoding nucleic acid molecules from individual cells or cell populations
SG11201804327TA (en) Dual memory introspection for securing multiple network endpoints
SG11201808737YA (en) Unique token authentication cryptogram
SG11201909404TA (en) Anonymity and traceability of digital property transactions on a distributed transaction consensus network
SG11201908554PA (en) Methods and devices for acquiring and recording tracking information on blockchain
SG11201906753UA (en) Digital certificate management method and apparatus, and electronic device
SG11201909950QA (en) Identifying entities in electronic medical records
SG11201805390WA (en) System and methods for auditing a virtual machine
SG11201805566XA (en) A system and method for document information authenticity verification
SG11201805648PA (en) Crypto multiple security asset creation and redemption platform
SG11201804506RA (en) Systems and methods for rendering multiple levels of detail
SG11201806723PA (en) Security system
SG11201803785RA (en) Distributed systems for secure storage and retrieval of encrypted biological specimen data
SG11201906547XA (en) Systems and methods for management of asset or obligation-backed virtual receipts on a distributed system