| 发明名称 | Systems and methods for detecting malicious browser-based scripts | ||
| 摘要 | A computer-implemented method for detecting malicious browser-based scripts may include (1) identifying an attempt by a web browser to access sensitive information stored on a server, (2) identifying a web browser script installed in the web browser, (3) calculating a signature hash for the web browser script, (4) querying, using the signature hash, a browser script signature database that associates web browser script signature hashes with script security indicators, (5) receiving, in response to querying the browser script signature database, a script security indicator associated with the signature hash, and (6) applying, based on the script security indicator associated with the web browser script, a script security policy associated with the web browser script. Various other methods, systems, and computer-readable media are also disclosed. | ||
| 申请公布号 | US9178904(B1) | 申请公布日期 | 2015.11.03 |
| 申请号 | US201314024604 | 申请日期 | 2013.09.11 |
| 申请人 | Symantec Corporation | 发明人 | Gangadharan Haridharan Nattamai;Casaburi Jim |
| 分类号 | G06F17/00;H04L29/06 | 主分类号 | G06F17/00 |
| 代理机构 | ALG Intellectual Property, LLC | 代理人 | ALG Intellectual Property, LLC |
| 主权项 | 1. A computer-implemented method for detecting malicious browser-based scripts, the method comprising: identifying an attempt by a web browser to access sensitive information stored on a server; locating a web browser script installed in the web browser by inspecting Document Object Model nodes in the web browser prior to determining whether to allow the web browser to access the sensitive information; calculating a signature hash for the web browser script; querying, using the signature hash, a browser script signature database that associates web browser script signature hashes with script security indicators; receiving, in response to querying the browser script signature database, a script security indicator associated with the signature hash, the script security indicator indicating whether the web browser script is identified, within the browser script signature database, as a security threat; applying, based on the script security indicator that indicates whether the web browser script is identified as a security threat, a script security policy associated with the web browser script, the script security policy indicating whether to allow the web browser to access the sensitive information stored on the server; wherein a computing device comprising at least one processor performs the method. | ||
| 地址 | Mountain View CA US | ||