System and methods for identifying compromised personally identifiable information on the internet

US 9,235,728 B2
Filed: 02/16/2012
Issued: 01/12/2016
Est. Priority Date: 02/18/2011
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

accessing, by a computer system, stored identity-theft nomenclature;

wherein the stored identity-theft nomenclature comprises a changing set of words and phrases determined to be suggestive of at least one of;

identity theft; and

exchange of identity-theft information;

generating, by the computer system, a search-engine query from the stored identity-theft nomenclature;

querying, by the computer system, at least one search engine via the search-engine query;

identifying, by the computer system, at least one new computer-network resource responsive to the querying;

crawling, by the computer system, the at least one new computer-network resource;

collecting, by the computer system, identity-theft information from the at least one new computer-network resource;

processing, by the computer system, the identity-theft information for compromised personally-identifying information (PII); and

wherein the processing comprises;

analyzing the identity-theft information for new identity-theft nomenclature; and

storing any new identity-theft nomenclature with the stored identity-theft nomenclature.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one embodiment, a method includes generating, by a computer system, a search-engine query from stored identity-theft nomenclature. The method also includes querying, by the computer system, at least one search engine via the search-engine query. Further, the method includes crawling, by the computer system, at least one computer-network resource identified via the querying. In addition, the method includes collecting, by the computer system, identity-theft information from the at least one computer-network resource. Additionally, the method includes processing, by the computer system, the identity-theft information for compromised personally-identifying information (PII).

490 Citations

24 Claims

1. A method comprising:
- accessing, by a computer system, stored identity-theft nomenclature;
  
  wherein the stored identity-theft nomenclature comprises a changing set of words and phrases determined to be suggestive of at least one of;
  
  identity theft; and
  
  exchange of identity-theft information;
  
  generating, by the computer system, a search-engine query from the stored identity-theft nomenclature;
  
  querying, by the computer system, at least one search engine via the search-engine query;
  
  identifying, by the computer system, at least one new computer-network resource responsive to the querying;
  
  crawling, by the computer system, the at least one new computer-network resource;
  
  collecting, by the computer system, identity-theft information from the at least one new computer-network resource;
  
  processing, by the computer system, the identity-theft information for compromised personally-identifying information (PII); and
  
  wherein the processing comprises;
  
  analyzing the identity-theft information for new identity-theft nomenclature; and
  
  storing any new identity-theft nomenclature with the stored identity-theft nomenclature.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23)
- - 2. The method of claim 1, wherein the collecting comprises scanning the at least one new computer-network resource for at least a portion the stored identity-theft nomenclature.
  - 3. The method of claim 1, wherein the processing comprises extracting compromised PII from the identity-theft information, the extracting comprising recognizing at least one PII format.
  - 4. The method of claim 3, wherein the recognized PII format is selected from the group consisting of:
    - token-separated data, one or more columns of data lacking column headers, multi-line labeled data, and magnetic-stripe data.
  - 5. The method of claim 1, wherein the processing comprises validating the at least one new computer-network resource, the validating comprising determining whether the at least one new computer-network resource is a likely source of false positives for compromised PII.
  - 6. The method of claim 1, wherein the processing comprises normalizing the identity-theft information, the normalizing comprising storing the identity-theft information according to a standardized format.
  - 7. The method of claim 1, comprising creating and delivering at least one of an alert and a report in connection with the identity-theft information.
  - 8. The method of claim 1, wherein the identity-theft information comprises information related to new sources of compromised PII.
  - 9. The method of claim 1, wherein the stored identity-theft nomenclature comprises words that are determined to be suggestive of identity-theft information.
  - 10. The method of claim 1, comprising ranking entries within the stored identity-theft nomenclature according to a relative significance of compromised PII that is gleaned thereby.
  - 11. The method of claim 10, wherein the ranking comprises ranking the stored identity-theft nomenclature according to a quality of compromised PII that is gleaned thereby.
  - 12. The method of claim 10, wherein the ranking comprises ranking the stored identity-theft nomenclature according to a quantity of compromised PII that is gleaned thereby.
  - 13. The method of claim 10, wherein the generating comprises generating the search-engine query from highly-ranked entries from the stored identity-theft nomenclature.
  - 14. The method of claim 1, wherein the at least one new computer-network resource is a chat room.
  - 15. The method of claim 14, wherein the collecting comprises distinguishing spam postings from other dialog.
  - 16. The method of claim 14, wherein the collecting comprises logging chat dialog into a chat log database.
  - 17. The method of claim 16, wherein the processing comprises discovering new chat rooms, the discovering comprising analyzing chat dialogs stored in the chat log database.
  - 18. The method of claim 17, wherein the discovering comprises analyzing a frequency of the stored identity-theft nomenclature in the chat dialogs.
  - 19. The method of claim 18, wherein the discovering comprises determining how often particular chat rooms are referenced in a given chat dialog from the chat log database.
  - 20. The method of claim 19, wherein the discovering comprises, responsive to references to a given chat room exceeding a threshold, recording the given chat room for future crawling.
  - 21. The method of claim 1, wherein the identity-theft information identifies at least one of a chat network and a chat room that is determined likely to relate to identity theft.
  - 22. The method of claim 1, wherein the identity-theft information comprises a uniform resource locator (URL) to a website that is determined likely to relate to identity theft.
  - 23. The method of claim 1, wherein the identity-theft nomenclature comprises non-English words.

24. A computer-program product comprising a non-transitory computer-usable medium having computer-readable program code embodied therein, the computer-readable program code adapted to be executed to implement a method comprising:
- accessing stored identity-theft nomenclature;
  
  wherein the stored identity-theft nomenclature comprises a changing set of words and phrases determined to be suggestive of at least one of;
  
  identity theft; and
  
  exchange of identity-theft information;
  
  generating a search-engine query from the stored identity-theft nomenclature;
  
  querying at least one search engine via the search-engine query;
  
  identifying at least one new computer-network resource responsive to the querying;
  
  crawling the at least one new computer-network resource;
  
  collecting identity-theft information from the at least one new computer-network resource;
  
  processing the identity-theft information for compromised personally-identifying information (PII); and
  
  wherein the processing comprises;
  
  analyzing the identity-theft information for new identity-theft nomenclature; and
  
  storing any new identity-theft nomenclature with the stored identity-theft nomenclature.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Csidentity Corporation (Experian plc)
Original Assignee
Csidentity Corporation (Experian plc)
Inventors
Gottschalk, Harold E. Jr., Caldwell, Michael, Carleton, Joel
Primary Examiner(s)
Jacob, Ajith

Application Number

US13/398,471
Publication Number

US 20120215758A1
Time in Patent Office

1,426 Days
Field of Search

707/687
US Class Current

1/1
CPC Class Codes

G06F 16/9535   Search customisation based ...

G06F 21/6245   Protecting personal data, e...

G06Q 50/265   Personal security, identity...

H04L 63/1441   Countermeasures against mal...

System and methods for identifying compromised personally identifiable information on the internet

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

490 Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

System and methods for identifying compromised personally identifiable information on the internet

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

490 Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links