×

Determining internet-based object information using public internet search

  • US 10,104,106 B2
  • Filed: 03/31/2015
  • Issued: 10/16/2018
  • Est. Priority Date: 03/31/2015
  • Status: Active Grant
First Claim
Patent Images

1. A device, comprising:

  • a memory storing instructions; and

    one or more processors, communicably connected to the memory, to;

    intercept an object that is en route, over a network, to a client device;

    execute the object to determine first object information for the object, the first object information including object content and object metadata;

    parse the first object information into one or more strings;

    cause an Internet search, based on a string of the one or more strings, to be performed to determine Internet search results,the string being provided as one or more Internet search queries for the Internet search;

    receive the Internet search results based on causing the Internet search to be performed,the Internet search results being related to the first object information;

    perform analysis of the Internet search results, based on a set of rules, to determine a set of conclusions,the set of rules including a measure of credibility of the Internet search results, andthe set of conclusions including at least one of;

    a first conclusion of whether a top Internet search result is a malware website,a second conclusion of whether a forum post indicates that the object is malware, ora third conclusion of whether a particular Internet search result indicates that the object is malware;

    store or provide the set of conclusions to permit a determination as to whether the object is malicious; and

    modify a predictive model based on the determination as to whether the object is malicious,the predictive model being used for determining second object information for unknown objects.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×