×

System and method for detection of phishing scripts

  • US 9,497,218 B1
  • Filed: 03/07/2016
  • Issued: 11/15/2016
  • Est. Priority Date: 09/30/2015
  • Status: Active Grant
First Claim
Patent Images

1. A method for detection of phishing scripts, the method comprising:

  • identifying, by a processor, in a script, commands responsible for functions of writing of data to disk, working with objects of file system and execution of programs;

    grouping, by processor, the identified script commands into a plurality of functional groups;

    generating, by the processor, a bytecode for each functional group;

    computing, by the processor, a hash sum of the generated bytecode;

    determining, by the processor, a degree of similarity between the hash sum of the bytecode and hash sums in one or more groups of hash sums of known phishing scripts;

    identifying, by the processor, at least one group of hash sums that contains a hash sum whose degree of similarity with the hash sum of the bytecode is within a threshold;

    determining, by the processor, a coefficient of compactness of the identified group of hash sums and a coefficient of trust of the identified group of hash sums; and

    determining, by the processor, whether the script is a phishing script based on the degree of similarity, the coefficient of compactness and the coefficient of trust.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×