US 12,261,858 B2
Detecting and mitigating abusive network activity based on versioned browser usage
Cormac E. Herley, Bellevue, WA (US); Fang Tu, Shoreline, WA (US); and Jayadev Pillai, Bellevue, WA (US)
Assigned to MICROSOFT TECHNOLOGY LICENSING, LLC, Redmond, WA (US)
Filed by Microsoft Technology Licensing, LLC, Redmond, WA (US)
Filed on Jun. 28, 2022, as Appl. No. 17/852,267.
Prior Publication US 2023/0421580 A1, Dec. 28, 2023
Int. Cl. H04L 9/40 (2022.01)
CPC H04L 63/1416 (2013.01) [H04L 63/1425 (2013.01); H04L 63/1458 (2013.01); H04L 63/20 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A method performed by a computing system for detecting and mitigating abusive network activity, the method comprising:
generating a past usage value for a legacy version of a web browser wherein the legacy version of the web browser is older than a current version of the web browser, wherein the past usage value represents benign network activity associated with active instances of the legacy version over a past time period, and wherein the past usage value corresponds to a portion of the past time period;
monitoring current network activity over a current time period;
determining a current usage value for the legacy version of the web browser over the current time period, the determined current usage value taking into account a determined lower bound on a fraction of benign network activity associated with the legacy version during the time period; and
performing a network action based at least on the current usage value deviating from the past usage value.