| CPC H04L 63/1416 (2013.01) [G06F 16/951 (2019.01); H04L 63/1425 (2013.01)] | 18 Claims |
|
1. A computer-implemented method comprising:
receiving a seed resource identifier;
determining a related resource identifier associated with the seed resource identifier;
evaluating the related resource identifier to determine a classification of the related resource identifier, evaluating the related resource identifier comprising:
determining a third resource identifier associated with the related resource identifier, wherein determining the third resource identifier comprises scanning a related resource corresponding to the related resource identifier to determine a resource made available via the related resource identifier in a webpage corresponding to the related resource identifier; and
processing the third resource identifier with a machine learning model to classify the third resource identifier according to a classification representing a predicted level of threat, the machine learning model trained to classify resource identifiers into a plurality of classifications, the plurality of classifications comprising:
a first category for safe resource identifiers; and
a plurality of additional categories, the plurality of additional categories representing different levels of threat;
classifying the related resource identifier based on a classification of the third resource identifier; and
executing a corrective action based on the classification of the related resource identifier, wherein executing the corrective action comprises modifying at least one of a permission or a privilege level.
|