专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

21. 发明授权

US09825984B1 Background analysis of web content 有权
公开(公告)号：US09825984B1
公开(公告)日：2017-11-21
申请号：US14470082
申请日：2014-08-27
申请人： Shape Security, Inc.
发明人： Roger S. Hoover , Marc R. Hansen , Justin D. Call
IPC分类号： H04L9/00 , G06F21/55 , G06F21/54 , H04L29/06
CPC分类号： H04L63/1441 , G06F21/54 , G06F21/554 , G06F21/566 , H04L63/145 , H04L63/168
摘要： A computer-implemented method includes receiving, at a primary security sub-system, code to be served from a web server system to one or more computing devices; forwarding a representation of the code to a secondary security sub-system that is remote from the primary security sub-system; receiving, from the secondary sub-system and in response to the forwarding, a template created from analysis of the representation of the code that indicates changes to be made to the code and locations of the changes; and using the template to recode the code, by the primary security sub-system, before serving the code to the one or more computing devices.

22. 发明授权

US09813444B2 Reliable selection of security countermeasures 有权
公开(公告)号：US09813444B2
公开(公告)日：2017-11-07
申请号：US15052951
申请日：2016-02-25
申请人： Shape Security, Inc.
发明人： Siying Yang
IPC分类号： H04L29/06 , H04L29/08 , G06F21/14 , G06F21/55
CPC分类号： H04L63/083 , G06F21/14 , G06F21/55 , H04L63/105 , H04L63/1416 , H04L63/1441 , H04L63/145 , H04L63/168 , H04L63/20 , H04L67/02
摘要： Among other things, this document describes a computer-implemented security method such as for authenticated selection of security countermeasures and for reliable identification of computing devices. The method can include receiving, by a computing system, a request from a computing device for an electronic resource. The computing system can identify a security token received from the device that made the request. Based on the security token, particular security countermeasures can be selected that are to be applied to the electronic resource to be served in response to the request. The countermeasures can be operable to interfere with an ability of malware to interact with the served electronic resource when the served electronic resource is on the computing device. Portions of the electronic resource that are to be executed on the computing device can be re-coded using the selected particular security countermeasures.

23. 发明授权

US09729506B2 Application programming interface wall 有权
公开(公告)号：US09729506B2
公开(公告)日：2017-08-08
申请号：US14466779
申请日：2014-08-22
申请人： Shape Security, Inc.
发明人： Justin D. Call , Timothy D. Peacock
IPC分类号： H04L9/32 , G06F21/30 , H04L29/06 , G06F9/54 , G06F21/62
CPC分类号： H04L63/02 , G06F9/547 , G06F21/629 , G06F2221/2141 , H04L29/06557 , H04L43/045 , H04L43/062 , H04L63/0236 , H04L63/101
摘要： Application programming interfaces (APIs) can be unintentionally exposed and allow for potentially undesirable use of corporate resources. An API call filtering system configured to monitor API call requests received via an endpoint and API call responses received via a supporting service of an API or web service. The API call filtering system enables enterprises to improve their security posture by identifying, studying, reporting, and securing their APIs within their enterprise network.

24. 发明授权

US09602543B2 Client/server polymorphism using polymorphic hooks 有权
公开(公告)号：US09602543B2
公开(公告)日：2017-03-21
申请号：US14481867
申请日：2014-09-09
申请人： SHAPE SECURITY, INC.
发明人： Ariya Hidayat
IPC分类号： G06F17/00 , H04L29/06 , G06F21/52
CPC分类号： H04L63/20 , G06F21/52
摘要： Computer systems and methods in various embodiments are configured for improving the security and efficiency of client computers interacting with server computers through an intermediary computer using one or more polymorphic protocols. In an embodiment, a computer system comprises a memory; a processor coupled to the memory; a processor logic coupled to the processor and the memory, and configured to: intercept, from a server computer, a first file and a second file, wherein the first file defines a first object with a first identifier and the second file comprises a reference to the first object by the first identifier; generate a second identifier; replace the first identifier with the second identifier in the first file; add one or more first instructions to the first file; remove the reference to the first identifier from the second file; add, to the second file, one or more second instructions, which when executed cause the one or more first instructions to be executed and produce the second identifier.

25. 发明授权

US09584534B1 Dynamic field re-rendering 有权
标题翻译：动态字段重绘
公开(公告)号：US09584534B1
公开(公告)日：2017-02-28
申请号：US14702349
申请日：2015-05-01
申请人： Shape Security, Inc.
发明人： Justin D. Call , Marc R. Hansen , Xinran Wang , Sumit Agarwal , Bryan D. Hanks
IPC分类号： H04L29/06 , G06F17/24
CPC分类号： H04L63/1416 , G06F17/243 , G06F21/54 , G06F2221/032 , G06F2221/2123 , H04L67/42
摘要： A computer-implemented method involves identifying an initial element for serving by a web server system to a client device and recoding the element by creating a plurality of different elements that each represent a portion of the initial element. The different elements are then served in place of the initial element. A response is received form the client device and has portions that correspond to the different elements, and a combined response is created by combining the received portions in a manner that corresponds to a manner in which the initial element was recoded to create the plurality of different elements.
摘要翻译：计算机实现的方法包括识别用于由web服务器系统服务到客户端设备的初始元素，并且通过创建多个不同的元素来对该元素进行重新编码，每个元素表示初始元素的一部分。然后，不同的元素代替初始元素。从客户端设备接收响应并且具有对应于不同元素的部分，并且通过以与重新编码初始元素的方式相对应的方式组合接收到的部分来创建组合响应，以创建多个不同的元素元素。

26. 发明授权

US09405910B2 Automatic library detection 有权
标题翻译：自动库检测
公开(公告)号：US09405910B2
公开(公告)日：2016-08-02
申请号：US14293895
申请日：2014-06-02
申请人： Shape Security, Inc.
发明人： Ariya Hidayat , Bei Zhang
IPC分类号： G06F21/57
CPC分类号： G06F21/563 , G06F21/566 , G06F21/57 , G06F2221/033 , H04L63/1441 , H04L67/42
摘要： The automated, real-time detection of specific blocks of code within a larger body of source code is described. Specific implementations relate to the detection of known code libraries in web page code to improve the efficiency of the generation of polymorphic transformations of the web page code for the purpose of impeding automated cyber-attacks.
摘要翻译：描述了在更大体积的源代码中的特定的代码块的自动化的实时检测。具体实现涉及检测网页代码中的已知代码库，以提高为阻止自动网络攻击的目的而产生网页代码的多态转换的效率。

27. 发明授权

US09225737B2 Detecting the introduction of alien content 有权
标题翻译：检测外星人内容的引入
公开(公告)号：US09225737B2
公开(公告)日：2015-12-29
申请号：US14055576
申请日：2013-10-16
申请人： Shape Security, Inc.
发明人： Justin D. Call , Subramanian Varadarajan , Xiaohan Huang , Xiaoming Zhou , Marc R. Hansen
IPC分类号： H04L29/06 , G06F21/12 , G06F21/54 , G06F21/55 , H04L29/08
CPC分类号： H04L63/1416 , G06F21/128 , G06F21/54 , G06F21/552 , H04L63/1425 , H04L63/145 , H04L63/1466 , H04L63/1483 , H04L67/02
摘要： A computer-implemented method for identifying abnormal computer behavior includes receiving, at a computer server subsystem, data that characterizes subsets of particular document object models for web pages rendered by particular client computers; identifying clusters from the data that characterize the subsets of the particular document object models; and using the clusters to identify alien content on the particular client computers, wherein the alien content comprises content in the document object models that is not the result of content that is the basis of the document object model served.
摘要翻译：用于识别异常计算机行为的计算机实现的方法包括在计算机服务器子系统处接收表征由特定客户端计算机呈现的网页的特定文档对象模型的子集的数据的数据; 从表征特定文档对象模型的子集的数据中识别聚类; 以及使用所述集群来识别所述特定客户端计算机上的外来内容，其中所述外来内容包括所述文档对象模型中的不是作为所提供的文档对象模型的基础的内容的结果的内容。

28. 发明申请

US20150350213A1 SELECTIVELY PROTECTING VALID LINKS TO PAGES OF A WEB SITE 有权
标题翻译：选择保护有效的链接到网站的页面
公开(公告)号：US20150350213A1
公开(公告)日：2015-12-03
申请号：US14290805
申请日：2014-05-29
申请人： Shape Security, Inc.
发明人： SUBRAMANIAN VARADARAJAN , JUSTIN CALL
IPC分类号： H04L29/06 , G06F21/62
CPC分类号： H04L63/1491 , G06F21/50 , G06F21/6218 , G06F2221/2119 , G06F2221/2123 , H04L63/06 , H04L63/10 , H04L63/1416 , H04L63/168 , H04L67/02
摘要： In an embodiment, a method comprises intercepting, using a server computer, a first set of instructions that define a user interface and a plurality of links, wherein each link in the plurality of links is associated with a target page, and the plurality of links includes a first link; determining that the first link, which references a first target page, is protected; in response to determining the first link is protected: generating a first protected link that is different than the first link and includes first data that authenticates a first request that has been generated based on the first protected link and that references the first target page; and generating a first decoy link that includes second data that references a first decoy page and not the first target page; rendering a second set of instructions comprising the first protected link and the first decoy link, but not the first link, and which is configured to cause a first client computer to present the first protected link in the user interface and hide the first decoy link from the user interface; sending the second set of instructions to the first client computer.
摘要翻译：在一个实施例中，一种方法包括使用服务器计算机拦截定义用户界面和多个链接的第一组指令，其中所述多个链接中的每个链接与目标页面相关联，并且所述多个链接包括第一个链接; 确定引用第一目标页面的第一链接被保护; 响应于确定所述第一链路被保护：生成与所述第一链路不同的第一受保护链路，并且包括基于所述第一受保护链路认证已经生成的并且引用所述第一目标页面的第一请求的第一数据; 以及生成包括引用第一诱饵页而不是所述第一目标页的第二数据的第一诱饵链接; 呈现包括所述第一受保护链路和所述第一诱饵链路而不是所述第一链路的第二组指令，并且被配置为使得第一客户端计算机在所述用户界面中呈现所述第一受保护链路并隐藏所述第一诱饵链接用户界面; 将第二组指令发送到第一客户端计算机。

29. 发明申请

US20150339479A1 Polymorphic Treatment of Data Entered At Clients 有权
标题翻译：在客户端进行数据的多态处理
公开(公告)号：US20150339479A1
公开(公告)日：2015-11-26
申请号：US14286733
申请日：2014-05-23
申请人： Shape Security Inc.
发明人： Xinran Wang , Yao Zhao
IPC分类号： G06F21/55
CPC分类号： H04L63/1475 , G06F17/2247 , G06F17/243 , G06F21/14 , G06F21/556 , G06F21/6263 , H04L63/0281 , H04L63/0428 , H04L63/14 , H04L2463/144
摘要： A computer-implemented method includes identifying, in web code to be served to a client, presence of code for generating a form; generating additional, executable code to be run on the client device, the additional, executable code being arranged to identify user input on the client device and modify the form so that data from the user input is received into one or more alternative fields of the form other than a first field to which a user performing the input directed the input; receiving a request from the client device based on completion of input into the form; and converting data from the received request so that data for the one or more alternative fields of the form is directed to the first field of the form for processing by a web server system that initially generated the web code.
摘要翻译：计算机实现的方法包括在要提供给客户端的web代码中识别用于生成表单的代码的存在; 生成要在所述客户端设备上运行的附加的可执行代码，所述附加的可执行代码被布置为识别所述客户端设备上的用户输入并修改所述表单，使得来自所述用户输入的数据被接收到所述表单的一个或多个替代字段中除了用户对其进行输入的第一字段之外; 基于完成对该表单的输入，从客户端设备接收请求; 以及从接收到的请求转换数据，使得用于表单的一个或多个替代字段的数据被引导到形式的第一字段，以由最初生成web代码的web服务器系统进行处理。

30. 发明授权

US09003511B1 Polymorphic security policy action 有权
标题翻译：多态安全策略动作
公开(公告)号：US09003511B1
公开(公告)日：2015-04-07
申请号：US14338207
申请日：2014-07-22
申请人： Shape Security, Inc.
发明人： Siying Yang
IPC分类号： H04L29/06 , G06F21/55
CPC分类号： H04L63/20 , G06F21/55 , H04L63/0227 , H04L63/0263 , H04L63/1416 , H04L63/1441
摘要： In one embodiment, a method of improving the security of a computing device comprises using a computing device that has received one or more messages that have been determined as unauthorized, obtaining a plurality of state data values from one or more of the computing device, the one or more messages, and a second computer; before admitting the one or more messages to a data communications network that the computing device is configured to protect: using the computing device and pseudo-random selection logic, based on the state data values, pseudo-randomly selecting a particular policy action from among a plurality of different stored policy actions; using the computing device, acting upon the one or more messages using the particular policy action; wherein the method is performed using one or more computing devices.
摘要翻译：在一个实施例中，一种改进计算设备的安全性的方法包括使用已经接收到已被确定为未授权的一个或多个消息的计算设备，从计算设备中的一个或多个获得多个状态数据值，一个或多个消息和第二计算机; 在将所述一个或多个消息接受到数据通信网络之前，所述计算设备被配置为保护：使用所述计算设备和伪随机选择逻辑，基于所述状态数据值，伪随机地选择特定策略动作多个不同的存储策略动作; 使用所述计算设备，使用所述特定策略动作来执行所述一个或多个消息; 其中所述方法使用一个或多个计算设备执行。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式