| 主权项 |
1. A computer-implemented method, comprising:
collecting information in connection with a domain, wherein the information relates to access to a web site by at least one communication; based on the collected information, generating a profile comprising at least one metric associated with the domain, wherein the profile comprises a domain profile relating to the website that includes count and/or frequency data aggregated over at least one time period; and based on the generated profile, determining a riskiness in connection with the domain; wherein determining the riskiness in connection with the domain, comprises:
performing an anomaly detection operation to gauge difference between the generated profile and normal domain behaviour;performing a pattern matching operation to gauge difference between the generated profile and abnormal domain behaviour;the riskiness being based at least in part on (i) the gauged difference between the generated profile and the normal domain behaviour and (ii) the gauged difference between the generated profile and the abnormal domain behaviour. |
