公开(公告)号：US09521133B2

公开(公告)日：2016-12-13

申请号：US14692149

申请日：2015-04-21

申请人： Bei-Tseng Chu ,  Joe Portner ,  Joel Kerr ,  Ehab Al-Shaer

发明人： Bei-Tseng Chu ,  Joe Portner ,  Joel Kerr ,  Ehab Al-Shaer

IPC分类号： H04L29/06 ,  H04L29/08 ,  G06F21/12 ,  G06F21/56 ,  G06F21/57 ,  G06F21/51

CPC分类号： H04L63/08 ,  G06F21/128 ,  G06F21/51 ,  G06F21/566 ,  G06F21/567 ,  G06F21/577 ,  G06F2221/2115 ,  G06F2221/2119 ,  H04L63/1441 ,  H04L63/1483 ,  H04L63/168 ,  H04L67/02 ,  H04L67/10 ,  H04L67/1002 ,  H04L67/1004 ,  H04L67/1029 ,  H04L67/1031

摘要： A method, in a server, implementing a moving target defense against cross-site scripting includes receiving a request for a web page, wherein the server has N versions of the web page each with a mutated version of JavaScript; selecting a web page of the N versions; and sending an indication of the mutated version of JavaScript associated with the web page in response to the request. Another method, in a client device, using a moving target defense against cross-site scripting includes requesting a web page; receiving an indication of a mutated version of JavaScript for the web page; and adjusting a JavaScript interpreter based on the mutated version of JavaScript for the web page.

公开(公告)号：US09154492B2

公开(公告)日：2015-10-06

申请号：US14497562

申请日：2014-09-26

申请人： Bei-Tseng Chu ,  Joe Portner ,  Joel Kerr ,  Ehab Al-Shaer

发明人： Bei-Tseng Chu ,  Joe Portner ,  Joel Kerr ,  Ehab Al-Shaer

IPC分类号： H04L29/06 ,  H04L29/08 ,  G06F21/12 ,  G06F21/51

CPC分类号： H04L63/08 ,  G06F21/128 ,  G06F21/51 ,  G06F21/566 ,  G06F21/567 ,  G06F21/577 ,  G06F2221/2115 ,  G06F2221/2119 ,  H04L63/1441 ,  H04L63/1483 ,  H04L63/168 ,  H04L67/02 ,  H04L67/10 ,  H04L67/1002 ,  H04L67/1004 ,  H04L67/1029 ,  H04L67/1031

摘要： A method, in a server, implementing a moving target defense against cross-site scripting includes receiving a request for a web page, wherein the server has N versions of the web page each with a mutated version of JavaScript; selecting a web page of the N versions; and sending an indication of the mutated version of JavaScript associated with the web page in response to the request. Another method, in a client device, using a moving target defense against cross-site scripting includes requesting a web page; receiving an indication of a mutated version of JavaScript for the web page; and adjusting a JavaScript interpreter based on the mutated version of JavaScript for the web page.

摘要翻译： 在服务器中实现针对跨站点脚本的移动目标防御的方法包括接收对网页的请求，其中服务器具有网页的N个版本，每个版本具有变体版本的JavaScript; 选择N个版本的网页; 以及响应于所述请求发送与所述网页相关联的所述JavaScript的突变版本的指示。 在客户端设备中使用针对跨站点脚本的移动目标防御的另一种方法包括请求网页; 接收针对该网页的变异版本的JavaScript的指示; 并根据网页的变体版本的JavaScript调整JavaScript解释器。

公开(公告)号：US10284580B2

公开(公告)日：2019-05-07

申请号：US15586967

申请日：2017-05-04

申请人： Ehab Al-Shaer ,  Qi Duan

发明人： Ehab Al-Shaer ,  Qi Duan

IPC分类号： H04L29/06 ,  H04L29/08

摘要： Methods and systems for detecting and defeating a low and slow application DDoS attack, comprising: computing the Entropy of a plurality of detectors, at least in part selected from a group Geo detector, a group response size detector, a group preference detector, and an individual client behavior detector, wherein the plurality of detectors each describe a feature of traffic affected by the DDoS attack; composing the plurality of detectors on one or more of a Receiver Operating Characteristic (ROC) curve basis and a correlation basis; and implementing a countermeasure to mitigate the DDoS attack.