-
公开(公告)号:US09405910B2
公开(公告)日:2016-08-02
申请号:US14293895
申请日:2014-06-02
申请人: Shape Security, Inc.
发明人: Ariya Hidayat , Bei Zhang
IPC分类号: G06F21/57
CPC分类号: G06F21/563 , G06F21/566 , G06F21/57 , G06F2221/033 , H04L63/1441 , H04L67/42
摘要: The automated, real-time detection of specific blocks of code within a larger body of source code is described. Specific implementations relate to the detection of known code libraries in web page code to improve the efficiency of the generation of polymorphic transformations of the web page code for the purpose of impeding automated cyber-attacks.
摘要翻译: 描述了在更大体积的源代码中的特定的代码块的自动化的实时检测。 具体实现涉及检测网页代码中的已知代码库,以提高为阻止自动网络攻击的目的而产生网页代码的多态转换的效率。
-
公开(公告)号:US09225737B2
公开(公告)日:2015-12-29
申请号:US14055576
申请日:2013-10-16
申请人: Shape Security, Inc.
CPC分类号: H04L63/1416 , G06F21/128 , G06F21/54 , G06F21/552 , H04L63/1425 , H04L63/145 , H04L63/1466 , H04L63/1483 , H04L67/02
摘要: A computer-implemented method for identifying abnormal computer behavior includes receiving, at a computer server subsystem, data that characterizes subsets of particular document object models for web pages rendered by particular client computers; identifying clusters from the data that characterize the subsets of the particular document object models; and using the clusters to identify alien content on the particular client computers, wherein the alien content comprises content in the document object models that is not the result of content that is the basis of the document object model served.
摘要翻译: 用于识别异常计算机行为的计算机实现的方法包括在计算机服务器子系统处接收表征由特定客户端计算机呈现的网页的特定文档对象模型的子集的数据的数据; 从表征特定文档对象模型的子集的数据中识别聚类; 以及使用所述集群来识别所述特定客户端计算机上的外来内容,其中所述外来内容包括所述文档对象模型中的不是作为所提供的文档对象模型的基础的内容的结果的内容。
-
公开(公告)号:US20150350213A1
公开(公告)日:2015-12-03
申请号:US14290805
申请日:2014-05-29
申请人: Shape Security, Inc.
CPC分类号: H04L63/1491 , G06F21/50 , G06F21/6218 , G06F2221/2119 , G06F2221/2123 , H04L63/06 , H04L63/10 , H04L63/1416 , H04L63/168 , H04L67/02
摘要: In an embodiment, a method comprises intercepting, using a server computer, a first set of instructions that define a user interface and a plurality of links, wherein each link in the plurality of links is associated with a target page, and the plurality of links includes a first link; determining that the first link, which references a first target page, is protected; in response to determining the first link is protected: generating a first protected link that is different than the first link and includes first data that authenticates a first request that has been generated based on the first protected link and that references the first target page; and generating a first decoy link that includes second data that references a first decoy page and not the first target page; rendering a second set of instructions comprising the first protected link and the first decoy link, but not the first link, and which is configured to cause a first client computer to present the first protected link in the user interface and hide the first decoy link from the user interface; sending the second set of instructions to the first client computer.
摘要翻译: 在一个实施例中,一种方法包括使用服务器计算机拦截定义用户界面和多个链接的第一组指令,其中所述多个链接中的每个链接与目标页面相关联,并且所述多个链接 包括第一个链接; 确定引用第一目标页面的第一链接被保护; 响应于确定所述第一链路被保护:生成与所述第一链路不同的第一受保护链路,并且包括基于所述第一受保护链路认证已经生成的并且引用所述第一目标页面的第一请求的第一数据; 以及生成包括引用第一诱饵页而不是所述第一目标页的第二数据的第一诱饵链接; 呈现包括所述第一受保护链路和所述第一诱饵链路而不是所述第一链路的第二组指令,并且被配置为使得第一客户端计算机在所述用户界面中呈现所述第一受保护链路并隐藏所述第一诱饵链接 用户界面; 将第二组指令发送到第一客户端计算机。
-
公开(公告)号:US20150339479A1
公开(公告)日:2015-11-26
申请号:US14286733
申请日:2014-05-23
申请人: Shape Security Inc.
发明人: Xinran Wang , Yao Zhao
IPC分类号: G06F21/55
CPC分类号: H04L63/1475 , G06F17/2247 , G06F17/243 , G06F21/14 , G06F21/556 , G06F21/6263 , H04L63/0281 , H04L63/0428 , H04L63/14 , H04L2463/144
摘要: A computer-implemented method includes identifying, in web code to be served to a client, presence of code for generating a form; generating additional, executable code to be run on the client device, the additional, executable code being arranged to identify user input on the client device and modify the form so that data from the user input is received into one or more alternative fields of the form other than a first field to which a user performing the input directed the input; receiving a request from the client device based on completion of input into the form; and converting data from the received request so that data for the one or more alternative fields of the form is directed to the first field of the form for processing by a web server system that initially generated the web code.
摘要翻译: 计算机实现的方法包括在要提供给客户端的web代码中识别用于生成表单的代码的存在; 生成要在所述客户端设备上运行的附加的可执行代码,所述附加的可执行代码被布置为识别所述客户端设备上的用户输入并修改所述表单,使得来自所述用户输入的数据被接收到所述表单的一个或多个替代字段中 除了用户对其进行输入的第一字段之外; 基于完成对该表单的输入,从客户端设备接收请求; 以及从接收到的请求转换数据,使得用于表单的一个或多个替代字段的数据被引导到形式的第一字段,以由最初生成web代码的web服务器系统进行处理。
-
公开(公告)号:US09003511B1
公开(公告)日:2015-04-07
申请号:US14338207
申请日:2014-07-22
申请人: Shape Security, Inc.
发明人: Siying Yang
CPC分类号: H04L63/20 , G06F21/55 , H04L63/0227 , H04L63/0263 , H04L63/1416 , H04L63/1441
摘要: In one embodiment, a method of improving the security of a computing device comprises using a computing device that has received one or more messages that have been determined as unauthorized, obtaining a plurality of state data values from one or more of the computing device, the one or more messages, and a second computer; before admitting the one or more messages to a data communications network that the computing device is configured to protect: using the computing device and pseudo-random selection logic, based on the state data values, pseudo-randomly selecting a particular policy action from among a plurality of different stored policy actions; using the computing device, acting upon the one or more messages using the particular policy action; wherein the method is performed using one or more computing devices.
摘要翻译: 在一个实施例中,一种改进计算设备的安全性的方法包括使用已经接收到已被确定为未授权的一个或多个消息的计算设备,从计算设备中的一个或多个获得多个状态数据值, 一个或多个消息和第二计算机; 在将所述一个或多个消息接受到数据通信网络之前,所述计算设备被配置为保护:使用所述计算设备和伪随机选择逻辑,基于所述状态数据值,伪随机地选择特定策略动作 多个不同的存储策略动作; 使用所述计算设备,使用所述特定策略动作来执行所述一个或多个消息; 其中所述方法使用一个或多个计算设备执行。
-
36.发明授权Client/server security by an intermediary rendering modified in-memory objects 有权客户端/服务器的安全性由中间层渲染修改的内存中对象公开(公告)号:US08892687B1
公开(公告)日:2014-11-18
申请号:US14175923
申请日:2014-02-07
申请人: Shape Security, Inc.
发明人: Justin Call
CPC分类号: H04L63/04 , G06F9/45529 , H04L29/06972 , H04L63/0281 , H04L63/1466 , H04L67/42
摘要: In an embodiment, a method comprises intercepting, from a server computer, a first set of instructions that define one or more objects and one or more operations that are based, at least in part, on the one or more objects; generating, in memory, one or more data structures that correspond to the one or more objects; performing the one or more operations on the one or more data structures; updating the one or more data structures, in response to performing the one or more operations, to produce one or more updated data structures; rendering a second set of instructions, which when executed by a remote client computer cause the remote client computer to generate the updated data structures in memory on the remote client computer, wherein the second set of instructions are different than the first set of instructions; sending the second set of instructions to the remote client computer.
摘要翻译: 在一个实施例中,一种方法包括从服务器计算机拦截定义一个或多个对象的第一组指令和至少部分地基于所述一个或多个对象的一个或多个操作; 在存储器中产生对应于所述一个或多个对象的一个或多个数据结构; 对所述一个或多个数据结构执行所述一个或多个操作; 响应于执行所述一个或多个操作来更新所述一个或多个数据结构以产生一个或多个更新的数据结构; 呈现第二组指令,当由远程客户端计算机执行时,远程客户端计算机在远程客户端计算机上的存储器中生成更新的数据结构,其中第二组指令与第一组指令不同; 将第二组指令发送到远程客户端计算机。
-
公开(公告)号:US20140283038A1
公开(公告)日:2014-09-18
申请号:US14055704
申请日:2013-10-16
申请人: Shape Security Inc.
IPC分类号: H04L29/06
CPC分类号: H04L63/1441 , G06F21/54 , G06F21/566 , H04L63/168 , H04L67/02 , H04L67/1002 , H04L2463/144
摘要: A computer-implemented method for deflecting abnormal computer interactions includes receiving, at a computer server system and from a client computer device that is remote from the computer server system, a request for web content; identifying, by computer analysis of mark-up code content that is responsive to the request, executable code that is separate from, but programmatically related to, the mark-up code content; generating groups of elements in the mark-up code content and the related executable code by determining that the elements within particular groups are programmatically related to each other; modifying elements within particular ones of the groups consistently so as to prevent third-party code written to interoperate with the elements from modifying from interoperating with the modified elements, while maintain an ability of the modified elements within each group to interoperate with each other; and recoding the mark-up code content and the executable code to include the modified elements.
摘要翻译: 用于偏转异常计算机交互的计算机实现的方法包括在计算机服务器系统和远离计算机服务器系统的客户端计算机设备接收对web内容的请求; 通过对响应于请求的标记代码内容的计算机分析来识别与标记代码内容分开但与编程有关的可执行代码; 通过确定特定组中的元素在程序上相互关联来生成标记代码内容中的元素组和相关的可执行代码; 一致地修改特定组中的元素,以防止编写的第三方代码与要修改的元素进行互操作,同时保持每个组内的修改元素彼此互操作的能力; 以及对所述标记代码内容和所述可执行代码重新编码以包括所述修改的元素。
-
公开(公告)号:US20140041030A1
公开(公告)日:2014-02-06
申请号:US14110659
申请日:2013-02-15
IPC分类号: G06F21/50
CPC分类号: G06F21/50 , G06F21/55 , G06F21/554 , G06F21/56 , G06F21/562 , G06F21/577 , H04L63/1425
摘要: A code finder system deployed as a software module, a web service or as part of a larger security system, identifies and processes well-formed code sequences. For a data flow that is expected to be free of executable or interpreted code, or free of one or more known styles of executable or interpreted code, the code finder system can protect participants in the communications network. Examples of payload carried by data flows that can be monitored include, but are not limited to, user input data provided as part of interacting with a web application, data files or entities, such as images or videos, and user input data provided as part of interacting with a desktop application.
摘要翻译: 部署为软件模块,Web服务或作为更大安全系统的一部分的代码查找器系统识别和处理格式良好的代码序列。 对于期望没有可执行或解释代码或没有一个或多个已知风格的可执行或解释代码的数据流,代码查找器系统可以保护通信网络中的参与者。 可以被监视的数据流携带的有效负载的例子包括但不限于作为与web应用程序交互的一部分提供的用户输入数据,诸如图像或视频的数据文件或实体,以及作为部分提供的用户输入数据 与桌面应用程序进行交互。
-
公开(公告)号:US11934931B2
公开(公告)日:2024-03-19
申请号:US16222974
申请日:2018-12-17
申请人: Shape Security, Inc.
发明人: Bei Zhang , Samir Shah , Kenton Miller
CPC分类号: G06N20/20 , G06F16/2246 , G06F16/245 , G06F16/285 , G06N5/045
摘要: In an embodiment, a computer-implemented method for training a decision tree using a database system, the decision tree comprising a plurality nodes, comprises, by one or more computing devices: storing in a database input data for training the decision tree, the input data comprising a plurality of feature values corresponding to a plurality of features; generating a particular node of the plurality of decision nodes by: selecting a subset of the plurality of features and a subset of the input data; using one or more queries to the database system, for each feature of the subset of the plurality of features, calculating an information gain associated with the feature based on the subset of the input data; identifying a particular feature of the subset of the plurality of features associated with the highest information gain; associating the particular node with the particular feature, wherein the particular node causes the decision tree to branch based on the particular feature.
-
公开(公告)号:US11329992B2
公开(公告)日:2022-05-10
申请号:US16654513
申请日:2019-10-16
申请人: Shape Security, Inc.
发明人: Mengmeng Chen , Sumit Agarwal , Yao Zhou
IPC分类号: H04L67/146 , H04L67/01 , H04L29/06
摘要: Techniques are provided for security measures for extended sessions. Request data for a request is received from a client computing device to a web server system. The request comprises a session identifier (ID) for a session between an authenticated user and the web server system. It is determined, based on the request data, that the client computing device is a single-user device. It is determined, based on the request data, that the client computing device is not compromised. In response to determining that the client computing device is a single-user device and that the client computing device is not compromised, extension of the session between the authenticated user on the client computing device and the web server system is caused.
-
-
-
-
-
-
-
-
-
搜索结果
154 条记录 (耗时 0.03 秒)
