公开(公告)号：US20170013012A1

公开(公告)日：2017-01-12

申请号：US15202755

申请日：2016-07-06

申请人： Shape Security, Inc.

发明人： Marc R. Hansen

IPC分类号： H04L29/06

CPC分类号： H04L63/1441 ,  G06F21/31 ,  G06F2221/2103 ,  G06Q20/382 ,  H04L63/1408 ,  H04L67/42

摘要： This document describes, among other things, a computer-implemented method for improving the security of one or more computing systems. The method can include receiving, at a computing system, first code that defines at least a portion of an electronic resource that is to be served to a client computing device. The method can include generating code that defines a challenge to be solved by the client computing device, in which the code is arranged to cause the client computing device to determine values for one or more parameters that comprise a solution to the challenge, and the values for the one or more parameters that comprise the solution to the challenge may be required for the client computing device to make valid requests to initiate one or more web-based transactions. The computing system can determine whether particular values for the parameters comprise a valid solution to the challenge.

摘要翻译： 本文档尤其描述了一种用于提高一个或多个计算系统的安全性的计算机实现的方法。 该方法可以包括在计算系统处接收定义要被服务于电子资源的至少一部分的客户端计算设备的第一代码。 该方法可以包括生成代码，其定义要由客户端计算设备解决的挑战，其中代码被布置成使得客户端计算设备确定包括挑战的解决方案的一个或多个参数的值，并且值 对于构成挑战的解决方案的一个或多个参数可能需要客户端计算设备作出有效请求以启动一个或多个基于web的事务。 计算系统可以确定参数的特定值是否构成挑战的有效解决方案。

公开(公告)号：US09027142B1

公开(公告)日：2015-05-05

申请号：US14160126

申请日：2014-01-21

申请人： Shape Security Inc.

发明人： Justin D. Call ,  Marc R. Hansen ,  Xinran Wang ,  Sumit Agarwal ,  Bryan D. Hanks

IPC分类号： G06F21/00 ,  G06F21/60

CPC分类号： H04L63/1416 ,  G06F17/243 ,  G06F21/54 ,  G06F2221/032 ,  G06F2221/2123 ,  H04L67/42

摘要： A computer-implemented method involves identifying an initial element for serving by a web server system to a client device and recoding the element by creating a plurality of different elements that each represent a portion of the initial element. The different elements are then served in place of the initial element. A response is received form the client device and has portions that correspond to the different elements, and a combined response is created by combining the received portions in a manner that corresponds to a manner in which the initial element was recoded to create the plurality of different elements.

摘要翻译： 计算机实现的方法包括识别用于由web服务器系统服务到客户端设备的初始元素，并且通过创建多个不同的元素来对该元素进行重新编码，每个元素表示初始元素的一部分。 然后，不同的元素代替初始元素。 从客户端设备接收响应并且具有对应于不同元素的部分，并且通过以与重新编码初始元素的方式相对应的方式组合接收到的部分来创建组合响应，以创建多个不同的元素 元素。

公开(公告)号：US20180041527A1

公开(公告)日：2018-02-08

申请号：US15785309

申请日：2017-10-16

申请人： Shape Security, Inc.

发明人： Justin D. Call ,  Xiaohan Huang ,  Xiaoming Zhou ,  Subramanian Varadarajan ,  Marc R. Hansen

IPC分类号： H04L29/06 ,  G06F21/12 ,  G06F21/14 ,  G06F21/54 ,  G06F21/51

CPC分类号： H04L63/1416 ,  G06F21/128 ,  G06F21/14 ,  G06F21/51 ,  G06F21/54 ,  G06F21/563 ,  G06F21/566 ,  H04L63/0428 ,  H04L63/0471 ,  H04L63/123 ,  H04L63/1425 ,  H04L63/145 ,  H04L63/1483 ,  H04L67/42

摘要： Techniques are provided for using instrumentation code to detect bots or malware. Data corresponding to requests from a plurality of client devices for a web resource comprising web code is obtained. The web resource is hosted by a first web server system. For a first client device of the plurality of client devices, instrumentation code is served. The instrumentation code is configured to execute on the first client device to monitor execution of the web code of the web resource at the first client device. One or more responses generated by the instrumentation code at the first client device are received from the first client device. The one or more responses are based one or more interactions with the web code at the first client device.

公开(公告)号：US09825984B1

公开(公告)日：2017-11-21

申请号：US14470082

申请日：2014-08-27

申请人： Shape Security, Inc.

发明人： Roger S. Hoover ,  Marc R. Hansen ,  Justin D. Call

IPC分类号： H04L9/00 ,  G06F21/55 ,  G06F21/54 ,  H04L29/06

CPC分类号： H04L63/1441 ,  G06F21/54 ,  G06F21/554 ,  G06F21/566 ,  H04L63/145 ,  H04L63/168

摘要： A computer-implemented method includes receiving, at a primary security sub-system, code to be served from a web server system to one or more computing devices; forwarding a representation of the code to a secondary security sub-system that is remote from the primary security sub-system; receiving, from the secondary sub-system and in response to the forwarding, a template created from analysis of the representation of the code that indicates changes to be made to the code and locations of the changes; and using the template to recode the code, by the primary security sub-system, before serving the code to the one or more computing devices.

公开(公告)号：US09584534B1

公开(公告)日：2017-02-28

申请号：US14702349

申请日：2015-05-01

申请人： Shape Security, Inc.

发明人： Justin D. Call ,  Marc R. Hansen ,  Xinran Wang ,  Sumit Agarwal ,  Bryan D. Hanks

IPC分类号： H04L29/06 ,  G06F17/24

CPC分类号： H04L63/1416 ,  G06F17/243 ,  G06F21/54 ,  G06F2221/032 ,  G06F2221/2123 ,  H04L67/42

摘要： A computer-implemented method involves identifying an initial element for serving by a web server system to a client device and recoding the element by creating a plurality of different elements that each represent a portion of the initial element. The different elements are then served in place of the initial element. A response is received form the client device and has portions that correspond to the different elements, and a combined response is created by combining the received portions in a manner that corresponds to a manner in which the initial element was recoded to create the plurality of different elements.

摘要翻译： 计算机实现的方法包括识别用于由web服务器系统服务到客户端设备的初始元素，并且通过创建多个不同的元素来对该元素进行重新编码，每个元素表示初始元素的一部分。 然后，不同的元素代替初始元素。 从客户端设备接收响应并且具有对应于不同元素的部分，并且通过以与重新编码初始元素的方式相对应的方式组合接收到的部分来创建组合响应，以创建多个不同的元素 元素。

公开(公告)号：US09225737B2

公开(公告)日：2015-12-29

申请号：US14055576

申请日：2013-10-16

申请人： Shape Security, Inc.

发明人： Justin D. Call ,  Subramanian Varadarajan ,  Xiaohan Huang ,  Xiaoming Zhou ,  Marc R. Hansen

IPC分类号： H04L29/06 ,  G06F21/12 ,  G06F21/54 ,  G06F21/55 ,  H04L29/08

CPC分类号： H04L63/1416 ,  G06F21/128 ,  G06F21/54 ,  G06F21/552 ,  H04L63/1425 ,  H04L63/145 ,  H04L63/1466 ,  H04L63/1483 ,  H04L67/02

摘要： A computer-implemented method for identifying abnormal computer behavior includes receiving, at a computer server subsystem, data that characterizes subsets of particular document object models for web pages rendered by particular client computers; identifying clusters from the data that characterize the subsets of the particular document object models; and using the clusters to identify alien content on the particular client computers, wherein the alien content comprises content in the document object models that is not the result of content that is the basis of the document object model served.

摘要翻译： 用于识别异常计算机行为的计算机实现的方法包括在计算机服务器子系统处接收表征由特定客户端计算机呈现的网页的特定文档对象模型的子集的数据的数据; 从表征特定文档对象模型的子集的数据中识别聚类; 以及使用所述集群来识别所述特定客户端计算机上的外来内容，其中所述外来内容包括所述文档对象模型中的不是作为所提供的文档对象模型的基础的内容的结果的内容。

公开(公告)号：US10567419B2

公开(公告)日：2020-02-18

申请号：US15202755

申请日：2016-07-06

申请人： Shape Security, Inc.

发明人： Marc R. Hansen

IPC分类号： H04L29/06 ,  G06F21/31

摘要： This document describes, among other things, a computer-implemented method for improving the security of one or more computing systems. The method can include receiving, at a computing system, first code that defines at least a portion of an electronic resource that is to be served to a client computing device. The method can include generating code that defines a challenge to be solved by the client computing device, in which the code is arranged to cause the client computing device to determine values for one or more parameters that comprise a solution to the challenge, and the values for the one or more parameters that comprise the solution to the challenge may be required for the client computing device to make valid requests to initiate one or more web-based transactions. The computing system can determine whether particular values for the parameters comprise a valid solution to the challenge.

公开(公告)号：US09973519B2

公开(公告)日：2018-05-15

申请号：US15470715

申请日：2017-03-27

申请人： Shape Security, Inc.

发明人： Justin D. Call ,  Subramanian Varadarajan ,  Xiaochan Huang ,  Xiaoming Zhou ,  Marc R. Hansen

IPC分类号： H04L29/06 ,  H04L29/08

CPC分类号： H04L63/1416 ,  G06F21/128 ,  G06F21/54 ,  G06F21/552 ,  H04L63/1425 ,  H04L63/145 ,  H04L63/1466 ,  H04L63/1483 ,  H04L67/02

摘要： A computer-implemented method for identifying abnormal computer behavior includes receiving, at a computer server subsystem, data that characterizes subsets of particular document object models for web pages rendered by particular client computers; identifying clusters from the data that characterize the subsets of the particular document object models; and using the clusters to identify alien content on the particular client computers, wherein the alien content comprises content in the document object models that is not the result of content that is the basis of the document object model served.

公开(公告)号：US20170201540A1

公开(公告)日：2017-07-13

申请号：US15470715

申请日：2017-03-27

申请人： Shape Security, Inc.

发明人： Justin D. Call ,  Subramanian Varadarajan ,  Xiaochan Huang ,  Xiaoming Zhou ,  Marc R. Hansen

IPC分类号： H04L29/06

CPC分类号： H04L63/1416 ,  G06F21/128 ,  G06F21/54 ,  G06F21/552 ,  H04L63/1425 ,  H04L63/145 ,  H04L63/1466 ,  H04L63/1483 ,  H04L67/02

摘要： A computer-implemented method for identifying abnormal computer behavior includes receiving, at a computer server subsystem, data that characterizes subsets of particular document object models for web pages rendered by particular client computers; identifying clusters from the data that characterize the subsets of the particular document object models; and using the clusters to identify alien content on the particular client computers, wherein the alien content comprises content in the document object models that is not the result of content that is the basis of the document object model served.

公开(公告)号：US09178908B2

公开(公告)日：2015-11-03

申请号：US14055583

申请日：2013-10-16

申请人： Shape Security, Inc.

发明人： Justin D. Call ,  Xiaohan Huang ,  Xiaoming Zhou ,  Subramanian Varadarajan ,  Marc R. Hansen

IPC分类号： G06F21/00 ,  H04L29/06 ,  G06F21/12 ,  G06F21/14 ,  G06F21/51 ,  G06F21/54

CPC分类号： H04L63/1416 ,  G06F21/128 ,  G06F21/14 ,  G06F21/51 ,  G06F21/54 ,  G06F21/563 ,  G06F21/566 ,  H04L63/0428 ,  H04L63/0471 ,  H04L63/123 ,  H04L63/1425 ,  H04L63/145 ,  H04L63/1483 ,  H04L67/42

摘要： In one implementation, a computer-implemented method can identify abnormal computer behavior. The method can receive, at a computer server subsystem and from a web server system, computer code to be served in response to a request from a computing client over the internet. The method can also modify the computer code to obscure operational design of the web server system that could be determined from the computer code, and supplement the computer code with instrumentation code that is programmed to execute on the computing client. The method may serve the modified and supplemented computer code to the computing client.

摘要翻译： 在一个实现中，计算机实现的方法可以识别异常的计算机行为。 该方法可以在计算机服务器子系统和web服务器系统处接收响应来自计算客户端通过互联网的请求来服务的计算机代码。 该方法还可以修改计算机代码以掩盖可以从计算机代码确定的Web服务器系统的操作设计，并且使用被编程为在计算客户端上执行的测试代码补充计算机代码。 该方法可以将修改和补充的计算机代码服务于计算客户机。