US 12,192,233 B2
Systems and methods for phishing attack protection based on identity provider verification
Manbinder Pal Singh, Coral Springs, FL (US)
Assigned to Citrix Systems, Inc., Ft. Lauderdale, FL (US)
Filed by Citrix Systems, Inc., Ft. Lauderdale, FL (US)
Filed on Apr. 15, 2021, as Appl. No. 17/231,618.
Prior Publication US 2022/0337625 A1, Oct. 20, 2022
Int. Cl. H04L 29/06 (2006.01); G06N 3/04 (2023.01); G06N 3/08 (2023.01); H04L 9/40 (2022.01)
CPC H04L 63/1483 (2013.01) [G06N 3/04 (2013.01); G06N 3/08 (2013.01)] 12 Claims
OG exemplary drawing
 
1. A computer system comprising:
a memory; and
at least one processor coupled to the memory and configured to:
train a neural network, the training including:
navigating to an identity provider (IdP) web page based on a domain name associated with the IdP web page;
capturing an image of the IdP web page;
generating variations of the image of the IdP web page by modifying attributes of the image of the IdP, the attributes including one or more of a background color, logos, fonts, dimensions, languages, words, or phrases; and
employing the variations to train the neural network;
capture an image of a browser web page;
identify a domain name associated with the browser web page;
employ the neural network to determine an image match where the captured image matches the image of the IdP web page; and
detect a phishing attempt in response to the determination of the image match, if the domain name associated with the browser web page differs from the domain name associated with the IdP web page.