专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

71. 发明授权

US09813440B1 Polymorphic treatment of annotated content 有权
公开(公告)号：US09813440B1
公开(公告)日：2017-11-07
申请号：US14713493
申请日：2015-05-15
申请人： Shape Security, Inc.
发明人： Roger S. Hoover , Justin D. Call
IPC分类号： G06F21/00 , H04L29/06 , G06F17/24 , G06F9/44
CPC分类号： G06F21/566 , G06F17/30899 , G06F21/125 , G06F21/54 , G06F21/55 , G06F2221/034 , H04L63/1441
摘要： A computer-implemented method includes receiving content and annotation information that describe a structure of the content, the annotation information having been previously generated by a sub-system that is separate from a content transformation sub-system and at a time before the content was requested to be served; interpreting the annotation information to generate transcoding rules that identify one or more portions of the received content to be transcoded in serving the content; applying the transcoding rules to the content to change the content in a manner that interferes with an ability of malware on a client device to interfere with operation of the content; and providing the transcoded content to a client device that requested the content.

72. 发明授权

US09529994B2 Call stack integrity check on client/server systems 有权
标题翻译：在客户端/服务器系统上调用堆栈完整性检查
公开(公告)号：US09529994B2
公开(公告)日：2016-12-27
申请号：US14552331
申请日：2014-11-24
申请人： SHAPE SECURITY, INC.
发明人： Yao Zhao , Xinran Wang
IPC分类号： G06F21/50 , H04L29/06 , G06F21/62
CPC分类号： G06F21/50 , G06F21/62 , G06F2221/033 , H04L63/102 , H04L67/42
摘要： Computer systems and methods in various embodiments are configured for improving the security and efficiency of client computers interacting with server computers through supervising instructions defined in a web page and/or web browser. In an embodiment, a computer system comprising one or more processors, coupled to a remote client computer, and configured to send, to the remote client computer, one or more instructions, which when executed by the remote client computer, cause a run-time environment on the remote client computer to: intercept, within the run-time environment, a first call to execute a particular function defined in the run-time environment by a first caller function in the run-time environment; determine a first caller identifier, which corresponds to the first caller function identified in a run-time stack maintained by the run-time environment; determine whether the first caller function is authorized to call the particular function based on the first caller identifier.
摘要翻译：各种实施例中的计算机系统和方法被配置为通过监视在网页和/或网络浏览器中定义的指令来提高与服务器计算机交互的客户端计算机的安全性和效率。在一个实施例中，一种包括一个或多个处理器的计算机系统，其耦合到远程客户端计算机，并被配置为向远程客户端计算机发送一个或多个指令，所述指令当由远程客户端计算机执行时引起运行时间远程客户端计算机上的环境：在运行时环境中截取在运行时环境中由第一调用者功能执行在运行时环境中定义的特定功能的第一次调用; 确定第一呼叫者标识符，其对应于由运行时环境维护的运行时栈中识别的第一呼叫者功能; 确定第一呼叫者功能是否被授权以基于第一呼叫者标识符来呼叫特定功能。

73. 发明授权

US09411958B2 Polymorphic treatment of data entered at clients 有权
标题翻译：在客户端输入的数据的多态处理
公开(公告)号：US09411958B2
公开(公告)日：2016-08-09
申请号：US14286733
申请日：2014-05-23
申请人： Shape Security Inc.
发明人： Xinran Wang , Yao Zhao
IPC分类号： H04L29/06 , G06F21/55 , G06F17/24 , G06F21/14
CPC分类号： H04L63/1475 , G06F17/2247 , G06F17/243 , G06F21/14 , G06F21/556 , G06F21/6263 , H04L63/0281 , H04L63/0428 , H04L63/14 , H04L2463/144
摘要： A computer-implemented method includes identifying, in web code to be served to a client, presence of code for generating a form; generating additional, executable code to be run on the client device, the additional, executable code being arranged to identify user input on the client device and modify the form so that data from the user input is received into one or more alternative fields of the form other than a first field to which a user performing the input directed the input; receiving a request from the client device based on completion of input into the form; and converting data from the received request so that data for the one or more alternative fields of the form is directed to the first field of the form for processing by a web server system that initially generated the web code.
摘要翻译：计算机实现的方法包括在要提供给客户端的web代码中识别存在用于生成表单的代码; 生成要在所述客户端设备上运行的附加的可执行代码，所述附加的可执行代码被布置为识别所述客户端设备上的用户输入并修改所述表单，使得来自所述用户输入的数据被接收到所述表单的一个或多个替代字段中除了用户对其进行输入的第一字段之外; 基于完成对该表单的输入，从客户端设备接收请求; 以及从接收到的请求转换数据，使得用于表单的一个或多个替代字段的数据被引导到形式的第一字段，以便由最初生成web代码的web服务器系统进行处理。

74. 发明授权

US09275222B2 Reliable selection of security countermeasures 有权
公开(公告)号：US09275222B2
公开(公告)日：2016-03-01
申请号：US14790738
申请日：2015-07-02
申请人： Shape Security Inc.
发明人： Siying Yang
IPC分类号： G06F21/55 , H04L29/06
CPC分类号： H04L63/083 , G06F21/14 , G06F21/55 , H04L63/105 , H04L63/1416 , H04L63/1441 , H04L63/145 , H04L63/168 , H04L63/20 , H04L67/02
摘要： Among other things, this document describes a computer-implemented security method such as for authenticated selection of security countermeasures and for reliable identification of computing devices. The method can include receiving, by a computing system, a request from a computing device for an electronic resource. The computing system can identify a security token received from the device that made the request. Based on the security token, particular security countermeasures can be selected that are to be applied to the electronic resource to be served in response to the request. The countermeasures can be operable to interfere with an ability of malware to interact with the served electronic resource when the served electronic resource is on the computing device. Portions of the electronic resource that are to be executed on the computing device can be re-coded using the selected particular security countermeasures.

75. 发明授权

US09258274B2 Using individualized APIs to block automated attacks on native apps and/or purposely exposed APIs 有权
标题翻译：使用个性化的API来阻止对本机应用程序和/或有意暴露的API的自动攻击
公开(公告)号：US09258274B2
公开(公告)日：2016-02-09
申请号：US14327461
申请日：2014-07-09
申请人： Shape Security, Inc.
发明人： Marc Hansen
IPC分类号： H04L29/06
CPC分类号： H04L63/0227 , H04L63/02 , H04L63/1483
摘要： An API call filtering system filters responses to API call requests received, via a network, from user devices. The API call filtering system is configured to require personalized API call requests wherein each API call (except for some minor exceptions) includes a unique endpoint identifier (“UEID”) of the user device making the request. Using the UEID, the web service or other service protected by the API call filtering system can be secured against excessive request iterations from a set of rogue user devices while allowing for ordinary volumes of requests of requests the user devices, wherein one or more boundaries between what is deemed to be an ordinary volume of requests and what is deemed to be excessive request iterations are determined by predetermined criteria.
摘要翻译： API呼叫过滤系统通过网络过滤从用户设备接收到的API呼叫请求的响应。 API呼叫过滤系统被配置为需要个性化的API调用请求，其中每个API调用（除了一些次要例外）包括发出请求的用户设备的唯一端点标识符（“UEID”）。使用UEID，可以保护由API呼叫过滤系统保护的web服务或其他服务，以防止来自一组流氓用户设备的过度请求迭代，同时允许对用户设备的普通请求请求，其中，一个或多个边界被认为是普通的请求数量，被认为是过度的请求迭代的事情是由预定的标准确定的。

76. 发明授权

US09225729B1 Blind hash compression 有权
标题翻译：盲目的哈希压缩
公开(公告)号：US09225729B1
公开(公告)日：2015-12-29
申请号：US14160107
申请日：2014-01-21
申请人： Shape Security, Inc.
发明人： Daniel G Moen , Bryan D Hanks
IPC分类号： G06F11/00 , H04L29/06 , H04L9/32
CPC分类号： H04L9/3236 , G06F21/577 , H04L9/3239 , H04L2209/30
摘要： A computer-implemented method includes serving, from a computer server system and to a plurality of different computing devices remote from the computer server system, web code and code for reporting status of the computing devices; receiving from one or more of the computing devices, first data that indicates a parameter of the one or more computing devices, the first data in a compressed format; receiving from one or more others of the computing devices, second data that indicates the parameter of the one or more others of the computing devices, the second data in an uncompressed format; and compressing the second data and comparing the compressed second data to the first data to correlate the first data to the second data. The code for reporting status of the computing devices can include code for allowing the computing devices to determine whether to send the first or second data.
摘要翻译：计算机实现的方法包括从计算机服务器系统和远离计算机服务器系统的多个不同的计算设备服务用于报告计算设备的状态的web代码和代码; 从一个或多个计算设备接收指示所述一个或多个计算设备的参数的第一数据，所述第一数据以压缩格式; 从所述计算设备的一个或多个其他计算设备接收指示所述计算设备中的一个或多个其他参数的第二数据，所述第二数据为未压缩格式; 以及压缩所述第二数据并将所述压缩的第二数据与所述第一数据进行比较，以将所述第一数据与所述第二数据相关联。用于报告计算设备的状态的代码可以包括用于允许计算设备确定是发送第一或第二数据的代码。

77. 发明授权

US09178908B2 Protecting against the introduction of alien content 有权
标题翻译：防止引入外来内容
公开(公告)号：US09178908B2
公开(公告)日：2015-11-03
申请号：US14055583
申请日：2013-10-16
申请人： Shape Security, Inc.
发明人： Justin D. Call , Xiaohan Huang , Xiaoming Zhou , Subramanian Varadarajan , Marc R. Hansen
IPC分类号： G06F21/00 , H04L29/06 , G06F21/12 , G06F21/14 , G06F21/51 , G06F21/54
CPC分类号： H04L63/1416 , G06F21/128 , G06F21/14 , G06F21/51 , G06F21/54 , G06F21/563 , G06F21/566 , H04L63/0428 , H04L63/0471 , H04L63/123 , H04L63/1425 , H04L63/145 , H04L63/1483 , H04L67/42
摘要： In one implementation, a computer-implemented method can identify abnormal computer behavior. The method can receive, at a computer server subsystem and from a web server system, computer code to be served in response to a request from a computing client over the internet. The method can also modify the computer code to obscure operational design of the web server system that could be determined from the computer code, and supplement the computer code with instrumentation code that is programmed to execute on the computing client. The method may serve the modified and supplemented computer code to the computing client.
摘要翻译：在一个实现中，计算机实现的方法可以识别异常的计算机行为。该方法可以在计算机服务器子系统和web服务器系统处接收响应来自计算客户端通过互联网的请求来服务的计算机代码。该方法还可以修改计算机代码以掩盖可以从计算机代码确定的Web服务器系统的操作设计，并且使用被编程为在计算客户端上执行的测试代码补充计算机代码。该方法可以将修改和补充的计算机代码服务于计算客户机。

78. 发明申请

US20150271188A1 CLIENT/SERVER SECURITY BY AN INTERMEDIARY EXECUTING INSTRUCTIONS RECEIVED FROM A SERVER AND RENDERING CLIENT APPLICATION INSTRUCTIONS 有权
标题翻译：客户/服务器安全由中介执行从服务器和渲染客户端应用指令接收的指令
公开(公告)号：US20150271188A1
公开(公告)日：2015-09-24
申请号：US14218598
申请日：2014-03-18
申请人： SHAPE SECURITY, INC.
发明人： Justin Call
IPC分类号： H04L29/06 , H04L29/08
CPC分类号： H04L63/10 , H04L63/0281 , H04L63/08 , H04L63/1408 , H04L63/145 , H04L63/20 , H04L67/02 , H04L67/10 , H04L67/2819 , H04L67/2823 , H04L67/42 , H04L69/22
摘要： In an embodiment, a method comprises intercepting, from a server computer, a first set of instructions that define a user interface; executing, using a headless browser, the first set of instructions without presenting the user interface; rendering a second set of instructions, which when executed by a client application on a client computer, cause the client computer to present the user interface, wherein the second set of instructions are different than the first set of instructions; sending the second set of instructions to the client computer.
摘要翻译：在一个实施例中，一种方法包括从服务器计算机拦截定义用户界面的第一组指令; 使用无头浏览器执行第一组指令而不呈现用户界面; 呈现第二组指令，当由客户机计算机上的客户端应用程序执行时，导致客户端计算机呈现用户界面，其中第二组指令不同于第一组指令; 将第二组指令发送到客户端计算机。

79. 发明授权

US09112900B1 Distributed polymorphic transformation of served content 有权
标题翻译：服务内容的分布式多态转换
公开(公告)号：US09112900B1
公开(公告)日：2015-08-18
申请号：US14503346
申请日：2014-09-30
申请人： Shape Security, Inc.
发明人： Timothy Dylan Peacock , Justin D. Call , Siying Yang , Sumit Agarwal
IPC分类号： G06F7/04 , H04L29/06 , G06F17/22
CPC分类号： G06F17/2247 , G06F17/2264 , H04L63/1466
摘要： A computer-implemented method includes receiving, at a computer security server system located between the Internet and a client computing device that makes requests over the Internet, a request for content directed to a particular content server system; forwarding the received request, with the computer security server system, to the particular content server system; receiving code from the particular server system in response to the request; applying a security countermeasure to the received code to created transformed code; providing the transformed code to the client computing device; receiving a communication from the client computing device; and determining that software on the client computing device has attempted to interact with the received code rather than the transformed code.
摘要翻译：计算机实现的方法包括在位于因特网和通过因特网进行请求的客户计算设备之间的计算机安全服务器系统处接收针对特定内容服务器系统的内容的请求; 将接收到的请求与计算机安全服务器系统一起转发到特定的内容服务器系统; 响应于该请求从特定服务器系统接收代码; 对所接收的代码应用安全对策以创建转换的代码; 将转换的代码提供给客户端计算设备; 从所述客户端计算设备接收通信; 以及确定所述客户端计算设备上的软件已经尝试与所接收的代码而不是经变换的代码进行交互。

80. 发明授权

US09083739B1 Client/server authentication using dynamic credentials 有权
标题翻译：使用动态凭证进行客户端/服务器认证
公开(公告)号：US09083739B1
公开(公告)日：2015-07-14
申请号：US14290835
申请日：2014-05-29
申请人： Shape Security, Inc.
发明人： Justin Call , Subramanian Varadarajan , Bryan Hanks
IPC分类号： H04L29/06 , G06F21/44
CPC分类号： H04L63/08 , G06F21/44 , H04L9/008 , H04L9/0891 , H04L63/0846 , H04L63/1441 , H04L63/1466 , H04L63/162 , H04L2463/144
摘要： In an embodiment, a method comprises intercepting, from a first computer, a first set of instructions that define one or more original operations, which are configured to cause one or more requests to be sent if executed by a client computer; modifying the first set of instructions to produce a modified set of instructions, which are configured to cause a credential to be included in the one or more requests sent if executed by the client computer; rendering a second set of instructions comprising the modified set of instructions and one or more credential-morphing-instructions, wherein the one or more credential-morphing-instructions define one or more credential-morphing operations, which are configured to cause the client computer to update the credential over time if executed; sending the second set of instructions to a second computer.
摘要翻译：在一个实施例中，一种方法包括：从第一计算机截取定义一个或多个原始操作的第一组指令，其被配置为如果由客户端计算机执行则导致发送一个或多个请求; 修改第一组指令以产生经修改的指令集，其被配置为使得凭证被包括在由客户端计算机执行时发送的一个或多个请求中; 呈现包括经修改的指令集和一个或多个凭证变形指令的第二组指令，其中所述一个或多个凭证变形指令定义一个或多个凭证变形操作，其被配置为使得客户端计算机如果执行则随时更新凭证; 将第二组指令发送到第二计算机。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式