System and methods for identifying compromised personally identifiable information on the internet

US 9,710,868 B2
Filed: 11/02/2016
Issued: 07/18/2017
Est. Priority Date: 02/18/2011
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

generating, by a computer system, a search-engine query from stored identity-theft nomenclature;

querying, by the computer system, at least one search engine via the search-engine query;

crawling, by the computer system, at least one computer-network resource identified via the querying;

collecting, by the computer system, identity-theft information from the at least one computer-network resource;

wherein the at least one computer-network resource comprises a chat room;

wherein the collecting comprises logging chat dialog from the chat room into a chat log database; and

processing, by the computer system, the identity-theft information for compromised personally-identifying information (PII), wherein the processing comprises discovering new chat rooms based, at least in part, on an analysis of chat dialogs in the chat log database and storing the compromised PII.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one embodiment, a method includes generating, by a computer system, a search-engine query from stored identity-theft nomenclature. The method also includes querying, by the computer system, at least one search engine via the search-engine query. Further, the method includes crawling, by the computer system, at least one computer-network resource identified via the querying. In addition, the method includes collecting, by the computer system, identity-theft information from the at least one computer-network resource. Additionally, the method includes processing, by the computer system, the identity-theft information for compromised personally-identifying information (PII).

470 Citations

17 Claims

1. A method comprising:
- generating, by a computer system, a search-engine query from stored identity-theft nomenclature;
  
  querying, by the computer system, at least one search engine via the search-engine query;
  
  crawling, by the computer system, at least one computer-network resource identified via the querying;
  
  collecting, by the computer system, identity-theft information from the at least one computer-network resource;
  
  wherein the at least one computer-network resource comprises a chat room;
  
  wherein the collecting comprises logging chat dialog from the chat room into a chat log database; and
  
  processing, by the computer system, the identity-theft information for compromised personally-identifying information (PII), wherein the processing comprises discovering new chat rooms based, at least in part, on an analysis of chat dialogs in the chat log database and storing the compromised PII.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The method of claim 1, wherein the collecting comprises scanning the at least one computer network resource for at least a portion of the stored identity-theft nomenclature.
  - 3. The method of claim 1, wherein the processing comprises extracting the compromised PII from the identity-theft information, the extracting comprising recognizing at least one PII format.
  - 4. The method of claim 3, wherein the recognized at least one PII format is selected from the group consisting of:
    - token-separated data, one or more columns of data lacking column headers, multi-line labeled data, and magnetic-stripe data.
  - 5. The method of claim 1, wherein the processing comprises validating the at least one computer-network resource, the validating comprising determining whether the at least one computer-network resource is a likely source of false positives for compromised PII.
  - 6. The method of claim 1, wherein the processing comprises normalizing the identity-theft information, the normalizing comprising storing the identity-theft information according to a standardized format.
  - 7. The method of claim 1, comprising creating and delivering at least one of an alert and a report in connection with the identity-theft information.
  - 8. The method of claim 1, wherein the identity-theft information comprises information related to new sources of compromised PII.
  - 9. The method of claim 1, wherein the stored identity-theft nomenclature comprises words that are determined to be suggestive of identity-theft information.
  - 10. The method of claim 1, wherein the processing comprises:
    - analyzing the identity-theft information for new identity-theft nomenclature; and
      
      storing any new identity-theft nomenclature with the stored identity-theft nomenclature.
  - 11. The method of claim 1, comprising ranking entries within the stored identity-theft nomenclature according to a relative significance of compromised PII that is gleaned thereby.
  - 12. The method of claim 11, wherein the ranking comprises ranking the stored identity-theft nomenclature according to a quality of compromised PII that is gleaned thereby.
  - 13. The method of claim 11, wherein the ranking comprises ranking the stored identity-theft nomenclature according to a quantity of compromised PII that is gleaned thereby.
  - 14. The method of claim 11, wherein the generating comprises generating the search-engine query from highly-ranked entries from the stored identity-theft nomenclature.
  - 15. The method of claim 1, wherein the collecting comprises distinguishing spam postings from other dialog.
  - 16. The method of claim 1, wherein the discovering comprises analyzing a frequency of the stored identity-theft nomenclature in the chat dialogs.

17. A computer-program product comprising a non-transitory computer-readable storage medium having computer-readable program code embodied therein, the computer-readable program code adapted to be executed to implement a method comprising:
- generating a search-engine query from stored identity-theft nomenclature;
  
  querying at least one search engine via the search-engine query;
  
  crawling at least one computer-network resource identified via the querying;
  
  collecting identity-theft information from the at least one computer-network resource; and
  
  wherein the at least one computer-network resource comprises a chat room;
  
  wherein the collecting comprises logging chat dialog from the chat room into a chat log database; and
  
  processing the identity-theft information for compromised personally-identifying information (PII), wherein the processing comprises discovering new chat rooms based, at least in part, on an analysis of chat dialogs in the chat log database and storing the compromised PII.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Csidentity Corporation (Experian plc)
Original Assignee
Csidentity Corporation (Experian plc)
Inventors
Gottschalk, Jr., Harold E., Caldwell, Michael, Carleton, Joel
Primary Examiner(s)
Jacob, Ajith

Application Number

US15/341,096
Publication Number

US 20170053369A1
Time in Patent Office

258 Days
Field of Search
US Class Current
CPC Class Codes

G06F 16/9535   Search customisation based ...

G06F 21/6245   Protecting personal data, e...

G06Q 50/265   Personal security, identity...

H04L 63/1441   Countermeasures against mal...

System and methods for identifying compromised personally identifiable information on the internet

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

470 Citations

17 Claims

Specification

Use Cases

Quick Links

Others

System and methods for identifying compromised personally identifiable information on the internet

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

470 Citations

17 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others