| CPC H04L 63/1433 (2013.01) [G06F 40/30 (2020.01); H04L 63/0236 (2013.01); H04L 63/1441 (2013.01); H04L 63/145 (2013.01)] | 20 Claims |
|
1. A computerized method, comprising:
obtaining an electronic message;
performing a cyberthreat detection process on the electronic message, wherein the cyberthreat detection process includes:
parsing the electronic message into components including header information and body and subject line information,
a first sub-analysis of the body and subject line information including:
deploying a probabilistic generative model resulting in determination of a likelihood that the electronic message is directed to one of a predefined set of topics,
when the likelihood that the electronic message is directed to one of the predefined set of topics meets or exceeds a first threshold, deploying one or more artificial intelligence models to determine or classify a semantics of the email body or subject, and
when the likelihood that the electronic message is directed to one of the predefined set of topics is less than the first threshold, ending the first sub-analysis without determining or classifying the semantics of the email body or subject,
a second sub-analysis of the header information including:
performing a heuristic analysis of the header information resulting in first semantics of the header information, and
performing a name entity recognition analysis of the header information resulting in second semantics of the header information, and
performing a determination operation by either a relationship compiler or a neural network resulting in a maliciousness determination as to whether the electronic message is malicious or benign; and
generating a graphical user interface display that provides the maliciousness determination indicating whether the electronic message has been classified as malicious or benign.
|