-
公开(公告)号:US20240362643A1
公开(公告)日:2024-10-31
申请号:US18767005
申请日:2024-07-09
申请人: ROYAL BANK OF CANADA
发明人: Jamie GAMBLE , Gadi SHPITS , Ilya KOLMANOVICH , Cormac O'KEEFFE
CPC分类号: G06Q20/4016 , G06Q20/4014 , H04L63/0876 , H04L63/102
摘要: Transaction destinations are identified by identifying requests for a login page of a web server for a financial institution and determining a referring website for each of the requests; classifying the referring websites into classes, each of the classes having a risk rating; identifying logins to access the web server and determining a user associated with each login; associating each of the logins with one of the requests and the referring website for that request; for each of the users, identifying transactions occurring within a time period from when the login was initiated; for each of the transactions occurring within the time period, associating a transaction destination of that transaction with the referring website for that login; and assigning a risk rating to each of the transaction destinations based at least in part on a risk rating of the class of the associated referring website.
-
公开(公告)号:US20210160281A1
公开(公告)日:2021-05-27
申请号:US17101713
申请日:2020-11-23
申请人: ROYAL BANK OF CANADA
发明人: Matin HALLAJI , Cheng Chen LIU , Ilya KOLMANOVICH , Jamie Robert GAMBLE , Gadi SHIPTS , Cormac O'KEEFFE
摘要: A system for detecting phishing events is provided. A data receiver is configured to receive datasets representative of web traffic associated with access to or on-going usage of an application hosted on a server of a production environment by a user. A machine learning engine is configured to generate a score based at least on the datasets representative of the web traffic indicative of whether the user is a malicious user or a non-malicious user. A routing modification engine is configured to route downstream web traffic associated with access to or on-going usage of the application by the user if the score is greater than a threshold to a server of a sandbox environment that is configured to emulate a graphic user interface of the production environment.
-
公开(公告)号:US20210160280A1
公开(公告)日:2021-05-27
申请号:US17100226
申请日:2020-11-20
申请人: ROYAL BANK OF CANADA
发明人: Vikash YADAV , Jamie GAMBLE , Ilya KOLMANOVICH , Cormac O'KEEFFE
摘要: Websites, having associated features, are clustered by filtering entries that may be legitimate, determining feature similarity scores between the website features, and generating an aggregated similarity matrix containing website similarity scores between the websites. Websites are clustered into clusters or groups, based in part on the aggregated similarity matrix. Each cluster is identified by a cluster identifier and represents a centroid website and other websites at a normalized similarity score from the centroid. It is determined for each website whether the normalized similarity score is less than a threshold, and if so is identified as weakly-similar. Above the threshold, the website is labelled with the cluster identifier. Further clustering and thresholding is performed on the weakly-similar websites into additional clusters.
-
公开(公告)号:US20230379360A1
公开(公告)日:2023-11-23
申请号:US18230331
申请日:2023-08-04
申请人: ROYAL BANK OF CANADA
发明人: Matin HALLAJI , Cheng Chen LIU , Ilya KOLMANOVICH , Jamie Robert GAMBLE , Gadi SHPITS , Cormac O'KEEFFE
CPC分类号: H04L63/1483 , H04L63/1425 , H04L63/08 , G06N20/00 , H04L63/10
摘要: A system for detecting phishing events is provided. A data receiver is configured to receive datasets representative of web traffic associated with access to or on-going usage of an application hosted on a server of a production environment by a user. A machine learning engine is configured to generate a score based at least on the datasets representative of the web traffic indicative of whether the user is a malicious user or a non-malicious user. A routing modification engine is configured to route downstream web traffic associated with access to or on-going usage of the application by the user if the score is greater than a threshold to a server of a sandbox environment that is configured to emulate a graphic user interface of the production environment.
-
公开(公告)号:US20210241281A1
公开(公告)日:2021-08-05
申请号:US17162039
申请日:2021-01-29
申请人: ROYAL BANK OF CANADA
发明人: Jamie GAMBLE , Gadi SHPITS , Ilya KOLMANOVICH , Cormac O'KEEFFE
摘要: Transaction destinations are identified by identifying requests for a login page of a web server for a financial institution and determining a referring website for each of the requests; classifying the referring websites into classes, each of the classes having a risk rating; identifying logins to access the web server and determining a user associated with each login; associating each of the logins with one of the requests and the referring website for that request; for each of the users, identifying transactions occurring within a time period from when the login was initiated; for each of the transactions occurring within the time period, associating a transaction destination of that transaction with the referring website for that login; and assigning a risk rating to each of the transaction destinations based at least in part on a risk rating of the class of the associated referring website.
-
-
-
-
搜索结果
5 条记录 (耗时 0.015 秒)
