	US 11,916,946 B2
	Systems and methods for network traffic analysis
Lachlan A. Maxwell, Ashburn, VA (US); and Donald J. McQueen, Leesburg, VA (US)
Assigned to Yahoo Ad Tech LLC, New York, NY (US)
Filed by Yahoo Ad Tech LLC, New York, NY (US)
Filed on Mar. 21, 2022, as Appl. No. 17/655,640.
Application 17/655,640 is a continuation of application No. 16/995,347, filed on Aug. 17, 2020, granted, now 11,310,255.
Application 16/995,347 is a continuation of application No. 16/205,919, filed on Nov. 30, 2018, granted, now 10,778,711, issued on Sep. 15, 2020.
Application 16/205,919 is a continuation of application No. 15/590,303, filed on May 9, 2017, granted, now 10,178,117, issued on Jan. 8, 2019.
Prior Publication US 2022/0210175 A1, Jun. 30, 2022
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); H04W 12/63 (2021.01)

CPC H04L 63/1425 (2013.01) [H04L 63/14 (2013.01); H04L 63/1408 (2013.01); H04L 63/1416 (2013.01); H04L 63/1441 (2013.01); H04W 12/63 (2021.01)]

20 Claims

1. A computer-implemented method for identifying malicious visitors associated with a website, comprising:

receiving website traffic data comprising a plurality of variables associated with one or more actions of a plurality of visitors;

generating a plurality of combinations of at least two variables of the plurality of variables;

clustering each of the plurality of combinations into groups; and

determining, based on the clustering of the plurality of combinations, whether the plurality of visitors are malicious visitors is associated with the website.