Method and system for monitoring and redirecting HTTP requests away from unintended web sites
First Claim
1. A method of redirecting Internet traffic comprising:
- defining a first list of domain names;
generating typographical variations of each domain name of the first list of domain names to define a second list of variable domain names for each domain name, wherein the typographical variations comprise at least one of;
swapping characters within the domain name, dropping at least one character from the domain name, and adding at least one character to the domain name;
determining if each domain name of the second list of variable domain names is registered to generate a list of registered second list domain names;
classifying each domain name of the registered second list as either a legitimate site or an illegitimate site to generate a classified list of domain names;
comparing a domain name included in a user domain name service (DNS) request to the classified list of domain names to determine the alternate domain name to redirect to based upon information provided at the time of the user request, wherein the information is selected from the group consisting of;
the unique user that is making the request, date and time of the request, location of the user making the request, user preference for the requested domain, and user preference for use of a service associated with the requested domain; and
substituting an alternate domain name if the domain name in the user request matches an illegitimate site on the classified list of domain names,wherein the classifying, comparing and substituting steps are performed prior to transmission of an HTTP request corresponding to the alternate domain name.
1 Assignment
0 Petitions
Accused Products
Abstract
Embodiments are described for a system and method for redirecting Internet traffic away from illegitimate web sites. A redirect process includes a typo identifier engine and a direct navigation engine. The typo identifier engine generates a list of domain names based on common typographical variations of legitimate brand domains, and common direct navigation domains. A web crawler process verifies if the generated domain name are registered. The sites are classified as either legitimate or illegitimate based on a series of defined rules and analysis of parameters, such as site content, registrar identity, and owner. The direct navigation engine compares the user'"'"'s request with the list of known illegitimate domains found by the typo identifier engine. If a match is found, the system replaces the user requested domain name with a redirected domain name.
53 Citations
17 Claims
-
1. A method of redirecting Internet traffic comprising:
-
defining a first list of domain names; generating typographical variations of each domain name of the first list of domain names to define a second list of variable domain names for each domain name, wherein the typographical variations comprise at least one of;
swapping characters within the domain name, dropping at least one character from the domain name, and adding at least one character to the domain name;determining if each domain name of the second list of variable domain names is registered to generate a list of registered second list domain names; classifying each domain name of the registered second list as either a legitimate site or an illegitimate site to generate a classified list of domain names; comparing a domain name included in a user domain name service (DNS) request to the classified list of domain names to determine the alternate domain name to redirect to based upon information provided at the time of the user request, wherein the information is selected from the group consisting of;
the unique user that is making the request, date and time of the request, location of the user making the request, user preference for the requested domain, and user preference for use of a service associated with the requested domain; andsubstituting an alternate domain name if the domain name in the user request matches an illegitimate site on the classified list of domain names, wherein the classifying, comparing and substituting steps are performed prior to transmission of an HTTP request corresponding to the alternate domain name. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A system for redirecting Internet traffic, the system comprising:
-
a processor-based application executed on a computer and configured to; define a first list of domain names; generate typographical variations of each domain name of the first list of domain names to define a second list of variable domain names for each domain name, wherein the typographical variations comprise at least one of;
swapping characters within the domain name, dropping at least one character from the domain name, and adding at least one character to the domain name;determine if each domain name of the second list of variable domain names is registered to generate a list of registered second list domain names; classify each domain name of the registered second list as either a legitimate site or an illegitimate site to generate a classified list of domain names; compare a domain name included in a user DNS request to the classified list of domain names to determine the alternate domain name to redirect to based upon information provided at the time of the user request, wherein the information is selected from the group consisting of;
the unique user that is making the request, date and time of the request, location of the user making the request, user preference for the requested domain, and user preference for use of a service associated with the requested domain; andsubstitute an alternate domain name if the domain name in the user request matches an illegitimate site on the classified list of domain names wherein the steps executed by the processor-based application are performed prior to transmission of an HTTP request corresponding to the alternate domain name. - View Dependent Claims (10, 11, 12, 13, 14)
-
-
15. A non-transitory machine-readable medium carrying one or more sequences of instructions for redirecting Internet traffic, which instructions, when executed by one or more processors, cause the one or more processors to carry out steps comprising:
-
defining a first list of domain names; generating typographical variations of each domain name of the first list of domain names to define a second list of variable domain names for each domain name, wherein the typographical variations comprise at least one of;
swapping characters within the domain name, dropping at least one character from the domain name, and adding at least one character to the domain name;determining if each domain name of the second list of variable domain names is registered to generate a list of registered second list domain names; classifying each domain name of the registered second list as either a legitimate site or an illegitimate site to generate a classified list of domain names; comparing a domain name included in a user DNS request to the classified list of domain names to determine the alternate domain name to redirect to based upon information provided at the time of the user request, wherein the information is selected from the group consisting of;
the unique user that is making the request, date and time of the request, location of the user making the request, user preference for the requested domain, and user preference for use of a service associated with the requested domain; andsubstituting an alternate domain name if the domain name in the user request matches an illegitimate site on the classified list of domain names, wherein the classifying, comparing and substituting steps are performed prior to a transmission of an HTTP request corresponding to the alternate domain name. - View Dependent Claims (16, 17)
-
Specification