专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20200177623A1 CODE MODIFICATION FOR DETECTING ABNORMAL ACTIVITY 审中-公开
公开(公告)号：US20200177623A1
公开(公告)日：2020-06-04
申请号：US16729395
申请日：2019-12-29
申请人： Shape Security, Inc.
发明人： Justin D. Call , Xiaoming Zhou , Xiaohan Huang , Subramanian Varadarajan , Roger S. Hoover
IPC分类号： H04L29/06 , G06F21/54 , G06F21/56 , H04L29/08
摘要： Techniques for code modification for detecting abnormal activity are described. Web code is obtained. Modified web code is generated by changing a particular programmatic element to a modified programmatic element throughout the web code. Instrumentation code is generated configured to monitor and report on one or more interactions with versions of the particular programmatic element. The instrumentation code is caused to be provided in association with the modified web code to the first client device in response to the first request from the first client device. Report data generated by the instrumentation code is received. The report data describes abnormal activity at the first client device, the abnormal activity comprising an interaction with a version of the particular programmatic element that does not exist in the modified web code. Based on the report, it is determined that the first client device is likely controlled by malware.

2. 发明授权

US09973519B2 Protecting a server computer by detecting the identity of a browser on a client computer 有权
公开(公告)号：US09973519B2
公开(公告)日：2018-05-15
申请号：US15470715
申请日：2017-03-27
申请人： Shape Security, Inc.
发明人： Justin D. Call , Subramanian Varadarajan , Xiaochan Huang , Xiaoming Zhou , Marc R. Hansen
IPC分类号： H04L29/06 , H04L29/08
CPC分类号： H04L63/1416 , G06F21/128 , G06F21/54 , G06F21/552 , H04L63/1425 , H04L63/145 , H04L63/1466 , H04L63/1483 , H04L67/02
摘要： A computer-implemented method for identifying abnormal computer behavior includes receiving, at a computer server subsystem, data that characterizes subsets of particular document object models for web pages rendered by particular client computers; identifying clusters from the data that characterize the subsets of the particular document object models; and using the clusters to identify alien content on the particular client computers, wherein the alien content comprises content in the document object models that is not the result of content that is the basis of the document object model served.

3. 发明授权

US09813440B1 Polymorphic treatment of annotated content 有权
公开(公告)号：US09813440B1
公开(公告)日：2017-11-07
申请号：US14713493
申请日：2015-05-15
申请人： Shape Security, Inc.
发明人： Roger S. Hoover , Justin D. Call
IPC分类号： G06F21/00 , H04L29/06 , G06F17/24 , G06F9/44
CPC分类号： G06F21/566 , G06F17/30899 , G06F21/125 , G06F21/54 , G06F21/55 , G06F2221/034 , H04L63/1441
摘要： A computer-implemented method includes receiving content and annotation information that describe a structure of the content, the annotation information having been previously generated by a sub-system that is separate from a content transformation sub-system and at a time before the content was requested to be served; interpreting the annotation information to generate transcoding rules that identify one or more portions of the received content to be transcoded in serving the content; applying the transcoding rules to the content to change the content in a manner that interferes with an ability of malware on a client device to interfere with operation of the content; and providing the transcoded content to a client device that requested the content.

4. 发明申请

US20170201540A1 Protecting a Server Computer by Detecting the Identity of a Browser on a Client Computer 有权
公开(公告)号：US20170201540A1
公开(公告)日：2017-07-13
申请号：US15470715
申请日：2017-03-27
申请人： Shape Security, Inc.
发明人： Justin D. Call , Subramanian Varadarajan , Xiaochan Huang , Xiaoming Zhou , Marc R. Hansen
IPC分类号： H04L29/06
CPC分类号： H04L63/1416 , G06F21/128 , G06F21/54 , G06F21/552 , H04L63/1425 , H04L63/145 , H04L63/1466 , H04L63/1483 , H04L67/02
摘要： A computer-implemented method for identifying abnormal computer behavior includes receiving, at a computer server subsystem, data that characterizes subsets of particular document object models for web pages rendered by particular client computers; identifying clusters from the data that characterize the subsets of the particular document object models; and using the clusters to identify alien content on the particular client computers, wherein the alien content comprises content in the document object models that is not the result of content that is the basis of the document object model served.

5. 发明申请

US20170118241A1 Multi-Layer Computer Security Countermeasures 审中-公开
公开(公告)号：US20170118241A1
公开(公告)日：2017-04-27
申请号：US14922436
申请日：2015-10-26
申请人： Shape Security, Inc.
发明人： Justin D. Call , Ariya Hidayat , Timothy Dylan Peacock , Siying Yang
IPC分类号： H04L29/06 , H04L29/08
CPC分类号： H04L63/1441 , H04L67/02 , H04L67/04 , H04L67/20 , H04L67/22 , H04L67/2833 , H04L67/42
摘要： A computer-implemented security method includes receiving, at a server sub-system, reports from a plurality of clients that were served content served by a web server system, the different versions of content varying from each other by polymorphic transformation that inserts varying content at common locations in the content; determining, with the server sub-system, an effectiveness level of security countermeasures applied to the content, using the received reports; selecting an updated security countermeasure package determined to address malware identified using data from the reports; and providing to the web server system information causing the web server system to switch to the updated security countermeasure package.

6. 发明申请

US20160162688A1 SECURE APP UPDATE SERVER AND SECURE APPLICATION PROGRAMMING INTERFACE ("API") SERVER 有权
标题翻译：安全应用程序更新服务器和安全应用程序编程接口（“API”）服务器
公开(公告)号：US20160162688A1
公开(公告)日：2016-06-09
申请号：US14563336
申请日：2014-12-08
申请人： Shape Security, Inc.
发明人： Justin D. Call , Marc Hansen
IPC分类号： G06F21/57 , H04L29/08 , G06F21/14 , H04L29/06
CPC分类号： G06F21/57 , G06F8/65 , G06F21/14 , G06F21/54 , G06F21/552 , G06F2221/033 , G06F2221/0724 , H04W4/50 , H04W4/60 , H04W12/12
摘要： A coupled set of servers in a server system protect an application programming interface (“API”) from unwanted automation facilitated by unauthorized reverse engineering of an endpoint app or communications channel used by the endpoint app. The server system comprises at least one secure app update server that transforms an app code object received from an enterprise app server into a transferred app code object, and at least one secure application programming interface (“API”) server that interacts with an endpoint device that executes the transformed app code object. The secure API is adapted to convert API requests made by the transformed app code object into renormalized API requests formatted for processing by an enterprise API server. The transforming of the app code object results in API requests from the client that would constitute invalid API requests if presented to the enterprise API server without renormalization.
摘要翻译：服务器系统中的一组耦合服务器通过端点应用程序或端点应用程序使用的通信通道的未经授权的逆向工程来保护应用程序编程接口（“API”）免受不必要的自动化。服务器系统包括至少一个安全应用程序更新服务器，其将从企业应用服务器接收的应用程序代码对象转换为传输的应用程序代码对象，以及至少一个与端点设备交互的安全应用程序编程接口（“API”）服务器它执行转换的应用程序代码对象。安全API适用于将转换的应用程序代码对象所产生的API请求转换为格式化为企业API服务器进行处理的重新归类的API请求。应用程序代码对象的转换会导致来自客户端的API请求，如果呈现给企业API服务器而无需重新归一化，那么它将构成无效的API请求。

7. 发明授权

US09178908B2 Protecting against the introduction of alien content 有权
标题翻译：防止引入外来内容
公开(公告)号：US09178908B2
公开(公告)日：2015-11-03
申请号：US14055583
申请日：2013-10-16
申请人： Shape Security, Inc.
发明人： Justin D. Call , Xiaohan Huang , Xiaoming Zhou , Subramanian Varadarajan , Marc R. Hansen
IPC分类号： G06F21/00 , H04L29/06 , G06F21/12 , G06F21/14 , G06F21/51 , G06F21/54
CPC分类号： H04L63/1416 , G06F21/128 , G06F21/14 , G06F21/51 , G06F21/54 , G06F21/563 , G06F21/566 , H04L63/0428 , H04L63/0471 , H04L63/123 , H04L63/1425 , H04L63/145 , H04L63/1483 , H04L67/42
摘要： In one implementation, a computer-implemented method can identify abnormal computer behavior. The method can receive, at a computer server subsystem and from a web server system, computer code to be served in response to a request from a computing client over the internet. The method can also modify the computer code to obscure operational design of the web server system that could be determined from the computer code, and supplement the computer code with instrumentation code that is programmed to execute on the computing client. The method may serve the modified and supplemented computer code to the computing client.
摘要翻译：在一个实现中，计算机实现的方法可以识别异常的计算机行为。该方法可以在计算机服务器子系统和web服务器系统处接收响应来自计算客户端通过互联网的请求来服务的计算机代码。该方法还可以修改计算机代码以掩盖可以从计算机代码确定的Web服务器系统的操作设计，并且使用被编程为在计算客户端上执行的测试代码补充计算机代码。该方法可以将修改和补充的计算机代码服务于计算客户机。

8. 发明授权

US09112900B1 Distributed polymorphic transformation of served content 有权
标题翻译：服务内容的分布式多态转换
公开(公告)号：US09112900B1
公开(公告)日：2015-08-18
申请号：US14503346
申请日：2014-09-30
申请人： Shape Security, Inc.
发明人： Timothy Dylan Peacock , Justin D. Call , Siying Yang , Sumit Agarwal
IPC分类号： G06F7/04 , H04L29/06 , G06F17/22
CPC分类号： G06F17/2247 , G06F17/2264 , H04L63/1466
摘要： A computer-implemented method includes receiving, at a computer security server system located between the Internet and a client computing device that makes requests over the Internet, a request for content directed to a particular content server system; forwarding the received request, with the computer security server system, to the particular content server system; receiving code from the particular server system in response to the request; applying a security countermeasure to the received code to created transformed code; providing the transformed code to the client computing device; receiving a communication from the client computing device; and determining that software on the client computing device has attempted to interact with the received code rather than the transformed code.
摘要翻译：计算机实现的方法包括在位于因特网和通过因特网进行请求的客户计算设备之间的计算机安全服务器系统处接收针对特定内容服务器系统的内容的请求; 将接收到的请求与计算机安全服务器系统一起转发到特定的内容服务器系统; 响应于该请求从特定服务器系统接收代码; 对所接收的代码应用安全对策以创建转换的代码; 将转换的代码提供给客户端计算设备; 从所述客户端计算设备接收通信; 以及确定所述客户端计算设备上的软件已经尝试与所接收的代码而不是经变换的代码进行交互。

9. 发明授权

US11297097B2 Code modification for detecting abnormal activity 有权
公开(公告)号：US11297097B2
公开(公告)日：2022-04-05
申请号：US16729395
申请日：2019-12-29
申请人： Shape Security, Inc.
发明人： Justin D. Call , Xiaoming Zhou , Xiaohan Huang , Subramanian Varadarajan , Roger S. Hoover
IPC分类号： H04L29/06 , G06F21/54 , G06F21/56 , H04L67/1001 , H04L67/02
摘要： Techniques for code modification for detecting abnormal activity are described. Web code is obtained. Modified web code is generated by changing a particular programmatic element to a modified programmatic element throughout the web code. Instrumentation code is generated configured to monitor and report on one or more interactions with versions of the particular programmatic element. The instrumentation code is caused to be provided in association with the modified web code to the first client device in response to the first request from the first client device. Report data generated by the instrumentation code is received. The report data describes abnormal activity at the first client device, the abnormal activity comprising an interaction with a version of the particular programmatic element that does not exist in the modified web code. Based on the report, it is determined that the first client device is likely controlled by malware.

10. 发明申请

US20200177592A1 DELAYED SERVING OF PROTECTED CONTENT 审中-公开
公开(公告)号：US20200177592A1
公开(公告)日：2020-06-04
申请号：US16730975
申请日：2019-12-30
申请人： Shape Security, Inc.
发明人： Nwokedi Idika , Justin D. Call
IPC分类号： H04L29/06 , G06F21/55 , G06F21/36 , G06Q20/40 , G06F8/60 , G06F21/31
摘要： Techniques are described for delayed serving of protected content. A request has been made by a client computing device for a requested resource comprising a first portion and a second portion that is initially withheld from the client computing device. First content comprising the first portion of the requested resource and reconnaissance code is served for execution on the client computing device. When executed at the client computing device, the reconnaissance code gathers data at the client computing device that indicates whether the client computing device is human-controlled or bot-controlled. The data gathered by the reconnaissance code is received. Based on the data, it is determined that the client computing device is not bot-controlled. In response to determining that the client computing device is not bot-controlled, the second portion of the requested resource is served to the client computing device,

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式