| 摘要 |
The present disclosure relates to a method of identifying and counteracting Internet attacks, of Man-in-the-Browser and/or Man-in-the-Middle and/or Bot attack types, comprising the steps of: generating a request by a Web browser, concerning a Web application residing in a Web server; sending the request by the Web browser to a box server, which is in signal communication with the Web server; receiving a server DOM code by the box server, which code has been automatically generated by the Web server according to the request; sending a service page code by the box server to the Web browser, in response to the request, the service page code comprising an obfuscated and polymorphic javascript code and/or HTML code; receiving and processing the javascript code and/or HTML code, by the Web browser, to automatically generate an asynchronous request, such that environment data of the Web server may be transmitted to the box server; processing the environment data by the box server, to identify Internet attacks; performing an encryption function on the server DOM code by the box server to generate an obfuscated DOM code, and sending the obfuscated DOM code to the Web browser in response to the asynchronous request; performing a decryption function on the obfuscated DOM code by the service page code, to obtain the server DOM code; rendering the server DOM code by the Web browser. |
| 主权项 |
1. A method of identifying and counteracting Internet attacks, of Man-in-the-Browser and/or Man-in-the-Middle and/or Bot attack types, comprising:
generating a request by a Web browser, concerning a Web application residing in a Web server, sending said request by said Web browser to a box server, which is in signal communication with said Web server, receiving a server document object model (DOM) code by said box server, which code has been automatically generated by said Web server according to said request, sending a service page code by said box server to said Web browser, in response to said request, said service page code comprising an obfuscated and polymorphic javascript code and/or HTML code, receiving and processing said javascript code and/or HTML code, by said Web browser, to automatically generate an asynchronous request, wherein environment data of said Web server is transmitted to said box server, processing said environment data of said Web browser, by said box server, to identify Internet attacks of the Man-in-the-Browser and/or Man-in-the-Middle and/or Bot attack types, performing an encryption function on said server DOM code by said box server to generate an obfuscated DOM code, and sending said obfuscated DOM code to said Web browser in response to said asynchronous request, performing a decryption function on said obfuscated DOM code by said service page code, to obtain said server DOM code, and rendering said server DOM code by said Web browser. |
