THREAT DETECTION PLATFORMS FOR DETECTING, CHARACTERIZING, AND REMEDIATING EMAIL-BASED THREATS IN REAL TIME

A message addressed to a user is received. A first model is applied to the message to produce a first output indicative of whether the message is representative of a non-malicious message. The first model is trained using past messages that have been verified as non-malicious messages. It is determi...

Ausführliche Beschreibung

Gespeichert in:

Bibliographische Detailangaben
Hauptverfasser:	LEE, Yu, Zhou, YEH, Cheng-Lin, LAU, Kevin, LIAO, Sanny Xiao Yang, JEYAKUMAR, Sanjay, BRATMAN, Jeshua, KAO, Jeremy, GASPERI, Carlos, Daniel, CHECHIK, Dmitry, REISER, Evan, BAGRI, Abhijit, JIANG, Kai, Jing, TAN, Su, Li Debbie
Format:	Patent
Sprache:	eng ; fre ; ger
Schlagworte:	CALCULATING COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS COMPUTING COUNTING ELECTRIC COMMUNICATION TECHNIQUE ELECTRIC DIGITAL DATA PROCESSING ELECTRICITY PHYSICS TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:	Volltext bestellen
Tags:	Tag hinzufügen Keine Tags, Fügen Sie den ersten Tag hinzu!

Beschreibung
Zusammenfassung:	A message addressed to a user is received. A first model is applied to the message to produce a first output indicative of whether the message is representative of a non-malicious message. The first model is trained using past messages that have been verified as non-malicious messages. It is determined, based on the first output, that the message is potentially a malicious message. Responsive to determining that the message is potentially a malicious email based on the first output, apply a second model to the message to produce a second output indicative of whether the message is representative of a given type of attack. The second model is one of a plurality of models. At least one model included in the plurality of models is associated with characterizing a goal of the malicious message. An action is performed with respect to the message based on the second output.