×

Detection of proxy server

  • US 10,069,837 B2
  • Filed: 07/07/2016
  • Issued: 09/04/2018
  • Est. Priority Date: 07/09/2015
  • Status: Active Grant
First Claim
Patent Images

1. A system comprising a proxy detector device able to determine that a proxy server is utilized by an end-user using a computing device over a communication network for accessing a trusted server comprising:

  • the proxy server detector device determining whether;

    (I) the end-user device is communicating indirectly with the trusted server via the proxy server, or (II) the end-user device is communicating directly with the trusted server via a proxy-less communication route;

    further comprising;

    a Secure Socket Layer (SSL) header cipher collector device, to collect SSL header ciphers that are actually used by the end-user device communicating with the trusted server;

    an SSL header cipher matcher, to detect a discrepancy between;

    (I) collected SSL header ciphers that are actually used by the end-user device, and (II) a set of SSL cipher headers that are declared by a browser of said end-user device;

    wherein the proxy server detector is to determine that a proxy server exists, between the end-user device and the trusted server, based on said discrepancy between;

    (I) collected SSL header ciphers that are actually used by the end-user device, and (II) the set of SSL cipher headers that are declared by a browser of said end-user device; and

    wherein when system determines that the discrepancy exists between the collected SSL header ciphers and the set of SSL ciphers which characterize the current interaction session of the current end user, the system determines that illegitimate spoofing of data is performed by the end-user device, and a fraud signal is transmitted to one or more other units of system indicating a cyber-attack.

View all claims
  • 6 Assignments
Timeline View
Assignment View
    ×
    ×