US 12,267,360 B2
URL pattern-based risk scoring and anomaly detection
Pratul Mathur, Bengaluru (IN); Siavash James Joorabchian Hawkins, Canterbury (GB); and Rohan Sartho, Bengaluru (IN)
Assigned to Omnissa, LLC, Mountain View, CA (US)
Filed by Omnissa, LLC, Mountain View, CA (US)
Filed on Jun. 2, 2022, as Appl. No. 17/830,853.
Prior Publication US 2023/0396649 A1, Dec. 7, 2023
Int. Cl. H04L 9/40 (2022.01); G06F 16/955 (2019.01); G06F 21/55 (2013.01)
CPC H04L 63/1483 (2013.01) [G06F 16/955 (2019.01); H04L 63/20 (2013.01); G06F 21/552 (2013.01)] 17 Claims
OG exemplary drawing
 
1. A method for enforcing security policies on a user's device based on Uniform Resource Locator (URL) pattern-based risk scoring and anomaly detection, the method comprising:
receiving a first reference set of URL patterns that includes a URL risk score for each URL pattern in the first reference set;
comparing entries in a browsing history of the user, to the URL patterns in the first reference set, wherein some of the entries in the browsing history do not match any of the URL patterns in the first reference set;
calculating a browsing risk score for the user's browsing behavior, the browsing risk score being calculated based on the comparison of the entries in the browsing history to the URL patterns in the first reference set, wherein calculating the browsing risk score comprises applying a predetermined default URL risk score to the entries in the browsing history that do not match any of the URL patterns in the first reference set;
comparing the browsing risk score to a first predetermined threshold; and
in an instance where the browsing risk score exceeds the first predetermined threshold, enforcing a first security policy at the user's device.