-
Publication No.: US10044753B2
Publication date: 2018-08-07
Application No.: US15651303
Application date: 2017-07-17
Applicant: Shape Security, Inc.
Inventor: Xiaoming Zhou , Roger Hoover , Sergey Shekyan , Justin Call
IPC: G06F15/173 , G06F9/00 , H04L29/06 , H04L12/24 , G06F9/30 , G06F21/51 , G06F9/54 , G06F21/12 , H04L29/08
Abstract: In an embodiment, a method comprises intercepting a first set of instructions from a server computer that define one or more objects and one or more original operations that are based, at least in part, on the one or more objects; modifying the first set of instructions by adding one or more supervisor operations that are based, at least in part, on the one or more objects; transforming the one or more original operations to produce one or more transformed operations that are based, at least in part, on the one or more supervisor operations; rendering a second set of instructions which define the one or more supervisor operations and the one or more transformed operations; sending the second set of instructions to a remote client computer.
-
Publication No.: US09923919B2
Publication date: 2018-03-20
Application No.: US14822287
Application date: 2015-08-10
Applicant: Shape Security Inc.
Inventor: Justin D. Call , Xiaoming Zhou , Xiaohan Huang , Subramanian Varadarajan , Roger S. Hoover
CPC classification number: H04L63/1441 , G06F21/54 , G06F21/566 , H04L63/168 , H04L67/02 , H04L67/1002 , H04L2463/144
Abstract: A computer-implemented method for deflecting abnormal computer interactions includes receiving, at a computer server system and from a client computer device that is remote from the computer server system, a request for web content; identifying, by computer analysis of mark-up code content that is responsive to the request, executable code that is separate from, but programmatically related to, the mark-up code content; generating groups of elements in the mark-up code content and the related executable code by determining that the elements within particular groups are programmatically related to each other; modifying elements within particular ones of the groups consistently so as to prevent third-party code written to interoperate with the elements from modifying from interoperating with the modified elements, while maintain an ability of the modified elements within each group to interoperate with each other; and recoding the mark-up code content and the executable code to include the modified elements.
-
Publication No.: US20180041527A1
Publication date: 2018-02-08
Application No.: US15785309
Application date: 2017-10-16
Applicant: Shape Security, Inc.
Inventor: Justin D. Call , Xiaohan Huang , Xiaoming Zhou , Subramanian Varadarajan , Marc R. Hansen
CPC classification number: H04L63/1416 , G06F21/128 , G06F21/14 , G06F21/51 , G06F21/54 , G06F21/563 , G06F21/566 , H04L63/0428 , H04L63/0471 , H04L63/123 , H04L63/1425 , H04L63/145 , H04L63/1483 , H04L67/42
Abstract: Techniques are provided for using instrumentation code to detect bots or malware. Data corresponding to requests from a plurality of client devices for a web resource comprising web code is obtained. The web resource is hosted by a first web server system. For a first client device of the plurality of client devices, instrumentation code is served. The instrumentation code is configured to execute on the first client device to monitor execution of the web code of the web resource at the first client device. One or more responses generated by the instrumentation code at the first client device are received from the first client device. The one or more responses are based one or more interactions with the web code at the first client device.
-
Publication No.: US09225737B2
Publication date: 2015-12-29
Application No.: US14055576
Application date: 2013-10-16
Applicant: Shape Security, Inc.
Inventor: Justin D. Call , Subramanian Varadarajan , Xiaohan Huang , Xiaoming Zhou , Marc R. Hansen
CPC classification number: H04L63/1416 , G06F21/128 , G06F21/54 , G06F21/552 , H04L63/1425 , H04L63/145 , H04L63/1466 , H04L63/1483 , H04L67/02
Abstract: A computer-implemented method for identifying abnormal computer behavior includes receiving, at a computer server subsystem, data that characterizes subsets of particular document object models for web pages rendered by particular client computers; identifying clusters from the data that characterize the subsets of the particular document object models; and using the clusters to identify alien content on the particular client computers, wherein the alien content comprises content in the document object models that is not the result of content that is the basis of the document object model served.
-
Publication No.: US20140283038A1
Publication date: 2014-09-18
Application No.: US14055704
Application date: 2013-10-16
Applicant: Shape Security Inc.
Inventor: Justin D. Call , Xiaoming Zhou , Xiaohan Huang , Subramanian Varadarajan , Roger S. Hoover
IPC: H04L29/06
CPC classification number: H04L63/1441 , G06F21/54 , G06F21/566 , H04L63/168 , H04L67/02 , H04L67/1002 , H04L2463/144
Abstract: A computer-implemented method for deflecting abnormal computer interactions includes receiving, at a computer server system and from a client computer device that is remote from the computer server system, a request for web content; identifying, by computer analysis of mark-up code content that is responsive to the request, executable code that is separate from, but programmatically related to, the mark-up code content; generating groups of elements in the mark-up code content and the related executable code by determining that the elements within particular groups are programmatically related to each other; modifying elements within particular ones of the groups consistently so as to prevent third-party code written to interoperate with the elements from modifying from interoperating with the modified elements, while maintain an ability of the modified elements within each group to interoperate with each other; and recoding the mark-up code content and the executable code to include the modified elements.
-
Publication No.: US20230273990A1
Publication date: 2023-08-31
Application No.: US17680977
Application date: 2022-02-25
Applicant: Shape Security, Inc.
Inventor: Justin D. Call , Xiaoming Zhou , Xiaohan Huang , Subramanian Varadarajan , Roger S. Hoover
Abstract: Techniques for code modification for detecting abnormal activity are described. Web code is obtained. Modified web code is generated by changing a particular programmatic element to a modified programmatic element throughout the web code. Instrumentation code is generated configured to monitor and report on one or more interactions with versions of the particular programmatic element. The instrumentation code is caused to be provided in association with the modified web code to the first client device in response to the first request from the first client device. Report data generated by the instrumentation code is received. The report data describes abnormal activity at the first client device, the abnormal activity comprising an interaction with a version of the particular programmatic element that does not exist in the modified web code. Based on the report, it is determined that the first client device is likely controlled by malware.
-
Publication No.: US11297097B2
Publication date: 2022-04-05
Application No.: US16729395
Application date: 2019-12-29
Applicant: Shape Security, Inc.
Inventor: Justin D. Call , Xiaoming Zhou , Xiaohan Huang , Subramanian Varadarajan , Roger S. Hoover
IPC: H04L29/06 , G06F21/54 , G06F21/56 , H04L67/1001 , H04L67/02
Abstract: Techniques for code modification for detecting abnormal activity are described. Web code is obtained. Modified web code is generated by changing a particular programmatic element to a modified programmatic element throughout the web code. Instrumentation code is generated configured to monitor and report on one or more interactions with versions of the particular programmatic element. The instrumentation code is caused to be provided in association with the modified web code to the first client device in response to the first request from the first client device. Report data generated by the instrumentation code is received. The report data describes abnormal activity at the first client device, the abnormal activity comprising an interaction with a version of the particular programmatic element that does not exist in the modified web code. Based on the report, it is determined that the first client device is likely controlled by malware.
-
Publication No.: US10536479B2
Publication date: 2020-01-14
Application No.: US15925748
Application date: 2018-03-19
Applicant: Shape Security, Inc.
Inventor: Justin D Call , Xiaoming Zhou , Xiaohan Huang , Subramanian Varadarajan , Roger S. Hoover
Abstract: Techniques for code modification for automation detection are described. Web code is obtained corresponding to content to be served to a first client device in response to a first request from the first client device. Instances of a particular programmatic element in the web code are identified. In response to the first request, modified web code is generated from the web code by consistently changing the particular programmatic element to a modified programmatic element throughout the web code. The modified web code is caused to be provided to the first client device in response to the first request from the first client device. A communication is received from the first client device that is made in response to the modified web code. The communication includes an attempt to interact with the particular programmatic element that exists in the web code but not in the modified web code.
-
Publication No.: US09712561B2
Publication date: 2017-07-18
Application No.: US15157704
Application date: 2016-05-18
Applicant: Shape Security, Inc.
Inventor: Xiaoming Zhou , Roger Hoover , Sergey Shekyan , Justin Call
CPC classification number: H04L63/1466 , G06F9/30181 , G06F9/548 , G06F21/125 , G06F21/128 , G06F21/51 , G06F2209/542 , H04L41/0253 , H04L63/0281 , H04L63/1416 , H04L63/1458 , H04L67/2823 , H04L67/42
Abstract: In an embodiment, a method comprises intercepting a first set of instructions from a server computer that define one or more objects and one or more original operations that are based, at least in part, on the one or more objects; modifying the first set of instructions by adding one or more supervisor operations that are based, at least in part, on the one or more objects; transforming the one or more original operations to produce one or more transformed operations that are based, at least in part, on the one or more supervisor operations; rendering a second set of instructions which define the one or more supervisor operations and the one or more transformed operations; sending the second set of instructions to a remote client computer.
-
Publication No.: US09356954B2
Publication date: 2016-05-31
Application No.: US14618389
Application date: 2015-02-10
Applicant: Shape Security, Inc.
Inventor: Xiaoming Zhou , Roger Hoover , Sergey Shekyan , Justin Call
CPC classification number: H04L63/1466 , G06F9/30181 , G06F9/548 , G06F21/125 , G06F21/128 , G06F21/51 , G06F2209/542 , H04L41/0253 , H04L63/0281 , H04L63/1416 , H04L63/1458 , H04L67/2823 , H04L67/42
Abstract: In an embodiment, a method comprises intercepting a first set of instructions from a server computer that define one or more objects and one or more original operations that are based, at least in part, on the one or more objects; modifying the first set of instructions by adding one or more supervisor operations that are based, at least in part, on the one or more objects; transforming the one or more original operations to produce one or more transformed operations that are based, at least in part, on the one or more supervisor operations; rendering a second set of instructions which define the one or more supervisor operations and the one or more transformed operations; sending the second set of instructions to a remote client computer.