Methods and systems for detecting man-in-the-browser attacks

Invention Grant

US08225401B2 Methods and systems for detecting man-in-the-browser attacks 有权

Title translation: 用于检测人员浏览器攻击的方法和系统

Please log in to see more content

Patent Title: Methods and systems for detecting man-in-the-browser attacks
Patent Title (中): 用于检测人员浏览器攻击的方法和系统
Application No.: US12338456

Application Date: 2008-12-18
Publication No.: US08225401B2

Publication Date: 2012-07-17
Inventor: William E. Sobel , Sourabh Satish
Applicant: William E. Sobel , Sourabh Satish
Applicant Address: US CA Mountain View
Assignee: Symantec Corporation
Current Assignee: Symantec Corporation
Current Assignee Address: US CA Mountain View
Agency: Advantedge Law Group
Main IPC: H04L29/06
IPC: H04L29/06 ; G06F11/00 ; G06F12/14 ; G06F12/16 ; G08B23/00 ; H04L9/32

Methods and systems for detecting man-in-the-browser attacks

Abstract:

A computer-implemented method for detecting man-in-the-browser attacks may include identifying a transaction fingerprint associated with a web site. The method may also include tracking a user's input to the web site. The user's input may be received through a web browser. The method may further include intercepting an outgoing submission to the web site. The method may additionally include determining whether, in light of the transaction fingerprint, the user's input generated the outgoing submission. Various other methods, systems, and computer-readable media are also disclosed.

Abstract(Chinese):

用于检测浏览人员浏览器攻击的计算机实现的方法可以包括识别与网站相关联的交易指纹。该方法还可以包括跟踪用户对网站的输入。可以通过网络浏览器接收用户的输入。该方法还可以包括拦截向网站的外发提交。该方法还可以包括根据交易指纹确定用户的输入是否产生了外发提交。还公开了各种其它方法，系统和计算机可读介质。

Public/Granted literature

US20100162393A1 Methods and Systems for Detecting Man-in-the-Browser Attacks Public/Granted day:2010-06-24

Information query

Espacenet