| CPC G06F 21/84 (2013.01) [G06F 16/955 (2019.01); H04L 63/0823 (2013.01)] | 20 Claims |
|
1. A method for detecting an untrustworthy security certificate, comprising:
receiving a log entry from a certificate transparency log, wherein the log entry describes a security certificate associated with a certificate authority;
rendering a domain name listed in the log entry in a font to generate an image of the domain name, wherein the font is associated with a browser address bar;
providing an input to an optical character recognition model comprising the image of the domain name and an identification of the font;
generating, by the optical character recognition model, a text string version of the domain name from the input;
determining that the text string version of the domain name matches an instance of brand data in the brand data store by performing a comparison between the text string version and brand data in a brand data store;
determining that the security certificate is not associated with the brand name by determining that the certificate authority associated with the security certificate is different than a second certificate authority associated with other certificates associated with the brand name; and
in response to said determining, adding the security certificate to a list of un-trusted security certificates.
|