Apparatus, method and article to facilitate automatic detection and removal of fraudulent user information in a network environment

US 10,637,959 B2
Filed: 10/12/2017
Issued: 04/28/2020
Est. Priority Date: 12/04/2013
Status: Active Grant

First Claim

Patent Images

1. A method of operation in at least a portion of a system to detect suspected fraudulently generated profiles, the system which includes at least one processor and at least one nontransitory processor-readable medium that stores at least one of processor-executable instructions or processor-executable data, the at least one nontransitory processor-readable medium communicatively coupled to the at least one processor, the method of operation comprising:

computing, by the at least one processor, a value indicative of an initial probability of a profile in a set of profiles being at least one of a fraudulent profile [p(S)] or a valid profile [p(V)] based at least in part on historical profile data;

computing, by the at least one processor, for an attribute or a combination of attributes associated with the profiles in the set of profiles, a respective value indicative of a likelihood of the attribute or the combination of attributes being associated with at least one of a fraudulent profile [p(x_i|S)] or a valid profile [p(x_i|V)]; and

for each profile in the set of profiles, computing, by the at least one processor, a value indicative of a conditional probability that the respective profile is one of either fraudulent or valid based on an attribute or a combination of attributes associated with the respective profile determined at least in part using the respective initial probabilities and likelihoods.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A fraud detection system may obtain a number of known fraudulent end-user profiles. Using statistical analysis techniques that include clustering the end-user profiles by attributes, attribute values, or both, the fraud detection system identifies on a continuous, periodic, or aperiodic basis those attribute values and/or attribute value combinations that appear in fraudulent end-user profiles. Using this data, the fraud detection system generates one or more queries to identify those end-user profiles having attribute values or combinations of attribute values that likely indicate a fraudulent or otherwise undesirable end-user profile. The fraud detection system can run these queries against incoming registrations to identify and screen fraudulent end-user profiles from entering the system and can also run these queries against stored end-user profile databases to identify and remove fraudulent or otherwise undesirable end-user profiles from the end-user database.

Citations

11 Claims

1. A method of operation in at least a portion of a system to detect suspected fraudulently generated profiles, the system which includes at least one processor and at least one nontransitory processor-readable medium that stores at least one of processor-executable instructions or processor-executable data, the at least one nontransitory processor-readable medium communicatively coupled to the at least one processor, the method of operation comprising:
- computing, by the at least one processor, a value indicative of an initial probability of a profile in a set of profiles being at least one of a fraudulent profile [p(S)] or a valid profile [p(V)] based at least in part on historical profile data;
  
  computing, by the at least one processor, for an attribute or a combination of attributes associated with the profiles in the set of profiles, a respective value indicative of a likelihood of the attribute or the combination of attributes being associated with at least one of a fraudulent profile [p(x_i|S)] or a valid profile [p(x_i|V)]; and
  
  for each profile in the set of profiles, computing, by the at least one processor, a value indicative of a conditional probability that the respective profile is one of either fraudulent or valid based on an attribute or a combination of attributes associated with the respective profile determined at least in part using the respective initial probabilities and likelihoods.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1 wherein computing a value indicative of an initial probability of profiles being at least one of a fraudulent profile [p(S)] or a valid profile [p(V)] includes computing both a value indicative of the initial probability of profiles being fraudulent [p(S)] and a value indicative of the initial probability of profiles being valid [p(V)].
  - 3. The method of claim 1 wherein computing a value indicative of a conditional probability that the respective profile is fraudulent includes computing the value indicative of a conditional probability that the respective profile is fraudulent according to:
  - 4. The method of claim 1 wherein computing a value indicative of a likelihood of the attribute or the combination of attributes being associated with at least one of a fraudulent profile [p(x_i|S)] or a valid profile [p(x_i|V)] includes computing the respective value indicative of a respective likelihood based at least in part on:
    - a Hyper Text Transfer Protocol (http) referrer associated with the respective profile;
      
      an Internet Service Provider (ISP) associated with the respective profile;
      
      an Internet Protocol (IP) of signup and last logins associated with the respective profile;
      
      an identity of one or more plugins present in a browser associated with the respective profile;
      
      a location (state/province/location) associated with a sign up for the respective profile;
      
      an electronic mail (email) address associated with the respective profile;
      
      an http via associated with the respective profile;
      
      a most recent operating system (OS) associated with the respective profile;
      
      one or more cookies used to track individual computers associated with the respective profile;
      
      a username associated with the respective profile;
      
      a user age associated with the respective profile;
      
      one or more cookies that contain a user identifier of the most recent users to log in on using a given instance of a processor-based device;
      
      a self-identified country associated with the respective profile;
      
      an IP Country associated with the respective profile;
      
      an identity of a browser used at signup associated with the respective profile;
      
      a self-identified profession associated with the respective profile;
      
      IP blocks of signup and at least two most recent logins associated with the respective profile;
      
      an IP country of at least two most recent visits associated with the respective profile;
      
      a time to create the respective profile;
      
      an electronic mail (email) domain associated with the respective profile;
      
      a self-identified postal or location code associated with the respective profile;
      
      orone or more user keystrokes and cut and paste properties used in creating the respective profile.
  - 5. The method of claim 1, further comprising:
    - ranking the profiles into groups.
  - 6. The method of claim 1, further comprising:
    - providing result to a front end system for deletion.

7. A fraudulent profile detection system to detect at least one of accounts or related profiles suspected of being fraudulently generated, the system comprising:
- at least one processor; and
  
  at least one nontransitory processor-readable medium that stores at least one of processor-executable instructions or processor-executable data, the at least one nontransitory processor-readable medium communicatively coupled to the at least one processor, wherein the at least one processor;
  
  computes a value indicative of an initial probability of a profile in a set of profiles being at least one of a fraudulent profile [p(S)] or a valid profile [p(V)] based at least in part on historical profile data;
  
  for an attribute or a combination of attributes associated with the profiles in the set of profiles, computes a respective value indicative of a likelihood of the attribute or the combination of attributes being associated with at least one of a fraudulent profile [p(x_i|S)] or a valid profile [p(x_i|V)]; and
  
  for each profile in the set of profiles, computes a value indicative of a conditional probability that the respective profile is one of either fraudulent or valid based on an attribute or a combination of attributes associated with the respective profile determined at least in part using the respective initial probabilities and likelihoods.
- View Dependent Claims (8, 9, 10, 11)
- - 8. The system of claim 7 wherein the at least one processor computes both a value indicative of the initial probability of profiles being fraudulent [p(S)] and a value indicative of the initial probability of profiles being valid [p(V)].
  - 9. The system of claim 7 wherein the at least one processor computes a value indicative of a conditional probability that the respective profile is fraudulent includes computing the value indicative of a conditional probability that the respective profile is fraudulent according to:
  - 10. The system of claim 7 wherein the at least one processor further:
    - ranks the profiles into groups using the respective value indicative of a conditional probability that the respective profile is fraudulent.
  - 11. The system of claim 7 wherein the at least one processor further:
    - generates at least one output logically associated with each profile, the at least one output indicative of at least one of the following;
      
      a deletion indicator, a clearance indicator, or a further investigation indicator.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Plentyoffish Media ULC (Match Group, Inc.)
Original Assignee
Plentyoffish Media ULC (Match Group, Inc.)
Inventors
Levi, Thomas, Oldridge, Steve
Primary Examiner(s)
Casanova, Jorge A

Application Number

US15/782,576
Publication Number

US 20180052991A1
Time in Patent Office

929 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/552   involving long-term monitor...

G06F 21/577   Assessing vulnerabilities a...

H04L 67/306   User profiles

Apparatus, method and article to facilitate automatic detection and removal of fraudulent user information in a network environment

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

11 Claims

Specification

Solutions

Use Cases

Quick Links

Apparatus, method and article to facilitate automatic detection and removal of fraudulent user information in a network environment

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

11 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links