Method and system for monitoring and redirecting HTTP requests away from unintended web sites

US 8,510,411 B2
Filed: 05/05/2011
Issued: 08/13/2013
Est. Priority Date: 05/06/2010
Status: Expired due to Fees

First Claim

Patent Images

1. A method of redirecting Internet traffic comprising:

defining a first list of domain names;

generating typographical variations of each domain name of the first list of domain names to define a second list of variable domain names for each domain name, wherein the typographical variations comprise at least one of;

swapping characters within the domain name, dropping at least one character from the domain name, and adding at least one character to the domain name;

determining if each domain name of the second list of variable domain names is registered to generate a list of registered second list domain names;

classifying each domain name of the registered second list as either a legitimate site or an illegitimate site to generate a classified list of domain names;

comparing a domain name included in a user domain name service (DNS) request to the classified list of domain names to determine the alternate domain name to redirect to based upon information provided at the time of the user request, wherein the information is selected from the group consisting of;

the unique user that is making the request, date and time of the request, location of the user making the request, user preference for the requested domain, and user preference for use of a service associated with the requested domain; and

substituting an alternate domain name if the domain name in the user request matches an illegitimate site on the classified list of domain names,wherein the classifying, comparing and substituting steps are performed prior to transmission of an HTTP request corresponding to the alternate domain name.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments are described for a system and method for redirecting Internet traffic away from illegitimate web sites. A redirect process includes a typo identifier engine and a direct navigation engine. The typo identifier engine generates a list of domain names based on common typographical variations of legitimate brand domains, and common direct navigation domains. A web crawler process verifies if the generated domain name are registered. The sites are classified as either legitimate or illegitimate based on a series of defined rules and analysis of parameters, such as site content, registrar identity, and owner. The direct navigation engine compares the user'"'"'s request with the list of known illegitimate domains found by the typo identifier engine. If a match is found, the system replaces the user requested domain name with a redirected domain name.

53 Citations

View as Search Results

17 Claims

1. A method of redirecting Internet traffic comprising:
- defining a first list of domain names;
  
  generating typographical variations of each domain name of the first list of domain names to define a second list of variable domain names for each domain name, wherein the typographical variations comprise at least one of;
  
  swapping characters within the domain name, dropping at least one character from the domain name, and adding at least one character to the domain name;
  
  determining if each domain name of the second list of variable domain names is registered to generate a list of registered second list domain names;
  
  classifying each domain name of the registered second list as either a legitimate site or an illegitimate site to generate a classified list of domain names;
  
  comparing a domain name included in a user domain name service (DNS) request to the classified list of domain names to determine the alternate domain name to redirect to based upon information provided at the time of the user request, wherein the information is selected from the group consisting of;
  
  the unique user that is making the request, date and time of the request, location of the user making the request, user preference for the requested domain, and user preference for use of a service associated with the requested domain; and
  
  substituting an alternate domain name if the domain name in the user request matches an illegitimate site on the classified list of domain names,wherein the classifying, comparing and substituting steps are performed prior to transmission of an HTTP request corresponding to the alternate domain name.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1 wherein defining the first list of domain names comprises selecting a plurality of common domain names associated with known trademarks referenced over the Internet.
  - 3. The method of claim 2 wherein generating variations of each domain name further comprises:
    - appending one or more relevant keywords to each domain name to create extended domain names for each domain name.
  - 4. The method of claim 3 wherein a legitimate site is a site which is not to be redirected from, and an illegitimate site is a site that is to be redirected from.
  - 5. The method of claim 4 wherein an illegitimate site comprises a site that abuses a trademark associated with at least one domain name of the first list.
  - 6. The method of claim 5 wherein the illegitimate site is one of a typosquatting site, a phishing site, a malware site, a pay-per-click site, and an affiliate fraud site.
  - 7. The method of claim 6 further comprising determining the alternate domain name to redirect to based upon information provided at the time of the user request, wherein the information is selected from the group consisting of:
    - the unique user that is making the request, date and time of the request, location of the user making the request, user preference for the requested domain, and user preference for use of a service associated with the requested domain.
  - 8. The method of claim 1 further comprising notifying the user that a redirection is occurring by displaying a message that is viewable within a web browser of a client computer operated by the user.

9. A system for redirecting Internet traffic, the system comprising:
- a processor-based application executed on a computer and configured to;
  
  define a first list of domain names;
  
  generate typographical variations of each domain name of the first list of domain names to define a second list of variable domain names for each domain name, wherein the typographical variations comprise at least one of;
  
  swapping characters within the domain name, dropping at least one character from the domain name, and adding at least one character to the domain name;
  
  determine if each domain name of the second list of variable domain names is registered to generate a list of registered second list domain names;
  
  classify each domain name of the registered second list as either a legitimate site or an illegitimate site to generate a classified list of domain names;
  
  compare a domain name included in a user DNS request to the classified list of domain names to determine the alternate domain name to redirect to based upon information provided at the time of the user request, wherein the information is selected from the group consisting of;
  
  the unique user that is making the request, date and time of the request, location of the user making the request, user preference for the requested domain, and user preference for use of a service associated with the requested domain; and
  
  substitute an alternate domain name if the domain name in the user request matches an illegitimate site on the classified list of domain names wherein the steps executed by the processor-based application are performed prior to transmission of an HTTP request corresponding to the alternate domain name.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. The system of claim 9 wherein the first list of domain names comprises a plurality of common domain names associated with known trademarks referenced over the Internet.
  - 11. The system of claim 10, wherein the processor-based application is further configured to:
    - append one or more relevant keywords to each domain name to create extended domain names for each domain name.
  - 12. The system of claim 9 wherein a legitimate site is a site which is not to be redirected from, and an illegitimate site is a site that is to be redirected from, and further wherein an illegitimate site comprises a site that abuses a trademark associated with at least one domain name of the first list.
  - 13. The system of claim 12 wherein the illegitimate site is one of a typosquatting site, a phishing site, a malware site, a pay-per-click site, and an affiliate fraud site.
  - 14. The system of claim 9, wherein the processor-based application is further configured to notify the user that a redirection is occurring by displaying a message that is viewable within a web browser of a client computer operated by the user.

15. A non-transitory machine-readable medium carrying one or more sequences of instructions for redirecting Internet traffic, which instructions, when executed by one or more processors, cause the one or more processors to carry out steps comprising:
- defining a first list of domain names;
  
  generating typographical variations of each domain name of the first list of domain names to define a second list of variable domain names for each domain name, wherein the typographical variations comprise at least one of;
  
  swapping characters within the domain name, dropping at least one character from the domain name, and adding at least one character to the domain name;
  
  determining if each domain name of the second list of variable domain names is registered to generate a list of registered second list domain names;
  
  classifying each domain name of the registered second list as either a legitimate site or an illegitimate site to generate a classified list of domain names;
  
  comparing a domain name included in a user DNS request to the classified list of domain names to determine the alternate domain name to redirect to based upon information provided at the time of the user request, wherein the information is selected from the group consisting of;
  
  the unique user that is making the request, date and time of the request, location of the user making the request, user preference for the requested domain, and user preference for use of a service associated with the requested domain; and
  
  substituting an alternate domain name if the domain name in the user request matches an illegitimate site on the classified list of domain names,wherein the classifying, comparing and substituting steps are performed prior to a transmission of an HTTP request corresponding to the alternate domain name.
- View Dependent Claims (16, 17)
- - 16. The medium of claim 15 wherein defining the first list of domain names comprises selecting a plurality of common domain names associated with known trademarks referenced over the Internet, and wherein generating variations of each domain name further comprises appending one or more relevant keywords to each domain name to create extended domain names for each domain name.
  - 17. The medium of claim 16 further comprising instructions for notifying the user that a redirection is occurring by displaying a message that is viewable within a web browser of a client computer operated by the user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Desvio Incorporated
Original Assignee
Desvio Incorporated
Inventors
Coulson, Patrick R., Ortenburger, Renn A., Kinghorn, Scott A., Piltch, Stuart S.
Primary Examiner(s)
Baturay, Alicia

Application Number

US13/101,950
Publication Number

US 20110276716A1
Time in Patent Office

831 Days
Field of Search

709/217
US Class Current

709/217
CPC Class Codes

G06F 16/9566   URL specific, e.g. using al...

H04L 45/745   Address table lookup; Addre...

H04L 61/301   Name conversion

H04L 61/4511   using domain name system [DNS]

H04L 63/1483   service impersonation, e.g....

H04L 67/563   Data redirection of data ne...

Method and system for monitoring and redirecting HTTP requests away from unintended web sites

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

53 Citations

17 Claims

Specification

Use Cases

Quick Links

Others

Method and system for monitoring and redirecting HTTP requests away from unintended web sites

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

53 Citations

17 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others