Invention Title:

LOCAL DETECTION OF FRAUDULENT WEBSITES USING LIGHTWEIGHT MACHINE LEARNING MODELS

Publication number:

US20250358315

Publication date:

2025-11-20

Section:

Electricity

Class:

H04L63/1483

Inventors:

Roberto Anthony Franco 🇺🇸 Seattle, WA, United States

Amritam SARCAR 🇺🇸 Sammamish, WA, United States

Andrew James RITZ 🇺🇸 Sammamish, WA, United States

Bharat KUMAR 🇺🇸 Kirkland, WA, United States

Michael Joseph ENS 🇺🇸 Redmond, WA, United States

Jeffrey Richard GOUR 🇺🇸 Seattle, WA, United States

Benjamin Jon BAMESBERGER 🇺🇸 Bellevue, WA, United States

Assignee:

Microsoft Technology Licensing, LLC 🇺🇸 Redmond, WA, United States

Applicant:

Microsoft Technology Licensing, LLC 🇺🇸 Redmond, WA, United States

Smart overview of the Invention

The invention introduces a system for detecting fraudulent websites using lightweight machine learning models directly on client devices. This approach allows real-time identification and response to fraudulent sites, enhancing user protection. By integrating the system into web browsers, it can promptly identify threats and collaborate with online systems to notify other devices and improve the detection model through shared data.

Background

Technological advancements have inadvertently facilitated sophisticated scams, such as fraudulent websites that quickly appear and disappear, making them difficult to detect. These sites can deceive users into divulging sensitive information, exploiting cloud infrastructure to evade detection by traditional systems. The need for improved detection methods is underscored by incidents where thousands of users were targeted before a scam was identified.

System Description

The system employs a local lightweight machine learning model to assess websites in real time. By capturing images of websites and analyzing them with a threat assessment model, the system generates threat scores to determine potential fraud. This local processing enhances efficiency and accuracy, allowing immediate action against threats without relying on slower remote systems.

Technical Advantages

Efficiency: The system uses lightweight models on client devices, reducing reliance on large remote models and enabling faster threat detection.
Accuracy: By analyzing screenshots of websites as seen by users, the system can detect cleverly disguised fraudulent elements that might be hidden in the website's backend.
Flexibility: Real-time local execution allows for immediate threat response, preventing attacks before they fully unfold.

Collaborative Protection

The system enhances protection by sharing detected threats with an online network, allowing other devices to preemptively block known fraudulent sites. This collaborative approach not only saves computational resources but also addresses the "Patient 0" problem by identifying threats before they affect multiple users. The integration of local and networked detection provides a robust defense against rapidly evolving online scams.