| 摘要 |
The disclosed computer-implemented method for determining malicious-download risk based on user behavior may include (1) identifying a set of users that are at high risk for malicious downloads and a set of users that are at low risk for malicious downloads, (2) determining a high-risk pattern of download behavior that is shared by the set of high-risk users and that is not shared by the set of low- risk users, (3) analyzing download behavior of an uncategorized user over a predefined time period in order to categorize the download behavior as high-risk or low-risk, and (4) categorizing the uncategorized user as a high-risk user in response to determining that the download behavior of the uncategorized user falls within a predefined similarity threshold of the high-risk pattern of download behavior. A corresponding system and computer-readable media are also disclosed. |
