公开(公告)号：US20240356969A1

公开(公告)日：2024-10-24

申请号：US18220065

申请日：2023-07-10

Applicant: Cisco Technology, Inc.

Inventor： Jan Brabec ,  Milos Lenoch ,  Tomas Sixta ,  Filip Srajer ,  Radek Starosta

IPC: H04L9/40 ,  G06Q10/107

CPC classification number: H04L63/1483 ,  G06Q10/107

Abstract: Techniques for an email-security system to screen emails, extract information from the emails, analyze the extracted information, assign probability scores to the emails, and classify the email as suspicious or not. A method is disclosed that includes analyzing an email and extracting a first sender attribute and a second sender attribute from the email. Identifying one or more sender-specific models associated with a sending device, and applying one or more sender-specific models to determine a first probability value associated with the first sender attribute that conveys a likelihood that the first sender attribute is a misused sender attribute. Applying one or more sender-specific models to determine a second probability value associated with the second sender attribute is a second misused sender attribute, and determining, by using the first probability value and the second probability value, an overall probability value associated with a likelihood that the email is suspicious or not.