Monitoring system for detecting and preventing a malicious program code from being uploaded from a client computer to a webpage computer server

US 10,630,721 B1
Filed: 11/22/2019
Issued: 04/21/2020
Est. Priority Date: 07/16/2019
Status: Active Grant

First Claim

Patent Images

1. A monitoring system for detecting and preventing a malicious program code from being uploaded from a client computer to a webpage computer server, comprising:

a secure computer server operably communicating with the client computer and the webpage computer server, the client computer having a first IP address, the secure computer server having a second IP address, the webpage computer server having a third IP address, the secure computer server further associating the second IP address to the webpage computer server hosting a first webpage file;

the secure computer server receiving a first modified webpage file and an attachment file to the first webpage file from the client computer, the first modified webpage file comprising the first webpage file with user added data therein;

the secure computer server reading the first modified webpage file in a binary mode to obtain a first binary mode file;

the secure computer server converting the first binary mode file to a first binary file;

the secure computer server comparing a first plurality of binary portions in the first binary file to a plurality of stored malicious binary program codes to determine whether at least one binary portion of the first plurality of binary portions corresponds to at least one malicious binary program code in the plurality of stored malicious binary program codes; and

the secure computer server storing the first modified webpage file and the attachment file in a secure storage device and does not send the first modified webpage file and the attachment file to the webpage computer server in response to the first binary file having at least one malicious binary program code.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A monitoring system for detecting and preventing a malicious program code from being uploaded from a client computer to a webpage computer server is provided. A secure computer server compares a first plurality of binary portions in a first binary file to a plurality of stored malicious binary program codes to determine whether at least one binary portion of the first plurality of binary portions corresponds to at least one malicious binary program code in the plurality of stored malicious binary program codes. The secure computer server does not send a first modified webpage file and an attachment file to the webpage computer server in response to a first binary file having at least one malicious binary program code.

Citations

19 Claims

1. A monitoring system for detecting and preventing a malicious program code from being uploaded from a client computer to a webpage computer server, comprising:
- a secure computer server operably communicating with the client computer and the webpage computer server, the client computer having a first IP address, the secure computer server having a second IP address, the webpage computer server having a third IP address, the secure computer server further associating the second IP address to the webpage computer server hosting a first webpage file;
  
  the secure computer server receiving a first modified webpage file and an attachment file to the first webpage file from the client computer, the first modified webpage file comprising the first webpage file with user added data therein;
  
  the secure computer server reading the first modified webpage file in a binary mode to obtain a first binary mode file;
  
  the secure computer server converting the first binary mode file to a first binary file;
  
  the secure computer server comparing a first plurality of binary portions in the first binary file to a plurality of stored malicious binary program codes to determine whether at least one binary portion of the first plurality of binary portions corresponds to at least one malicious binary program code in the plurality of stored malicious binary program codes; and
  
  the secure computer server storing the first modified webpage file and the attachment file in a secure storage device and does not send the first modified webpage file and the attachment file to the webpage computer server in response to the first binary file having at least one malicious binary program code.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The monitoring system of claim 1, wherein:
    - the secure computer server reading the attachment file in the binary mode to obtain a second binary mode file;
      
      the secure computer server converting the second binary mode file to a second binary file;
      
      the secure computer server comparing a second plurality of binary portions in the second binary file to the plurality of stored malicious binary program codes to determine whether at least one binary portion of the second plurality of binary portions corresponds to at least one malicious binary program code in the plurality of stored malicious binary program codes, each malicious binary program code of the plurality of stored malicious binary program codes having a functionality to damage the webpage computer server or to allow unauthorized access to the webpage computer server; and
      
      the secure computer server storing the first modified webpage file and the attachment file in a secure storage device, and does not send the first modified webpage file and the attachment file to the webpage computer server in response to the first binary file having at least one malicious binary program code or the second binary file having at least one malicious binary program code.
  - 3. The monitoring system of claim 1, wherein:
    - the secure computer server receiving a first request message from the client computer to request the first webpage file from the webpage computer server;
      
      the secure computer server sending a second request message on behalf of the client computer to the webpage computer server utilizing the third IP address to request the first webpage file from the webpage computer server, in response to the first request message; and
      
      the secure computer server receiving the first webpage file from the webpage computer server after the second request message and sending the first webpage file to the client computer utilizing the first IP address.
  - 4. The monitoring system of claim 1, wherein the secure computer server sending the first modified webpage file and the attachment file to the webpage computer server utilizing the third IP address in response to the first binary file not having at least one malicious binary program code and the second binary file not having at least one malicious binary program code.
  - 5. The monitoring system of claim 1, wherein the secure computer server does not require that the webpage computer server have an authentication application thereon for allowing the secure computer server to directly access files in the webpage computer server based on either an API, or a password and a user ID.
  - 6. The monitoring system of claim 1, wherein the secure computer server does not require that the client computer have an authentication application thereon for allowing the secure computer server to directly access files in the client computer based on either an API, or a password and a user ID.
  - 7. The monitoring system of claim 1, wherein the plurality of stored malicious binary program codes are stored in a central database that operably communicates with the secure computer server.

8. A monitoring system for detecting and preventing a malicious program code from being uploaded from a client computer to a webpage computer server, comprising:
- a secure computer server operably communicating with the client computer and the webpage computer server, the client computer having a first IP address, the secure computer server having a second IP address, the webpage computer server having a third IP address, the secure computer server further associating the second IP address to the webpage computer server hosting a first webpage file;
  
  the secure computer server receiving a first modified webpage file from the client computer, the first modified webpage file comprising the first webpage file with user added data therein;
  
  the secure computer server reading the first modified webpage file in a binary mode to obtain a first binary mode file;
  
  the secure computer server converting the first binary mode file to a first binary file;
  
  the secure computer server comparing a plurality of binary portions in the first binary file to a plurality of stored malicious binary program codes to determine whether at least one binary portion of the plurality of binary portions corresponds to at least one malicious binary program code in the plurality of stored malicious binary program codes; and
  
  the secure computer server storing the first modified webpage file in a secure storage device and does not send the first modified webpage file to the webpage computer server in response to the first binary file having at least one malicious binary program code.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The monitoring system of claim 8, wherein:
    - the secure computer server receiving a first request message from the client computer to request the first webpage file from the webpage computer server;
      
      the secure computer server sending a second request message on behalf of the client computer to the webpage computer server utilizing the third IP address to request the first webpage file from the webpage computer server, in response to the first request message;
      
      the secure computer server receiving the first webpage file from the webpage computer server after the second request message and sending the first webpage file to the client computer utilizing the first IP address; and
      
      wherein each malicious binary program code of the plurality of stored malicious binary program codes having a functionality to damage the webpage computer server or to allow unauthorized access to the webpage computer server.
  - 10. The monitoring system of claim 8, wherein the secure computer server sending the first modified webpage file to the webpage computer server utilizing the third IP address in response to the first binary file not having at least one malicious binary program code.
  - 11. The monitoring system of claim 8, wherein the secure computer server does not require that the webpage computer server have an authentication application thereon for allowing the secure computer server to directly access files in the webpage computer server based on either an API, or a password and a user ID.
  - 12. The monitoring system of claim 8, wherein the secure computer server does not require that the client computer have an authentication application thereon for allowing the secure computer server to directly access files in the client computer based on either an API, or a password and a user ID.
  - 13. The monitoring system of claim 8, wherein the plurality of stored malicious binary program codes are stored in a central database that operably communicates with the secure computer server.

14. A monitoring system for detecting and preventing a malicious program code from being uploaded from a client computer to a webpage computer server, comprising:
- a secure computer server operably communicating with the client computer and the webpage computer server, the client computer having a first IP address, the secure computer server having a second IP address, the webpage computer server having a third IP address, the secure computer server further associating the second IP address to the webpage computer server hosting a first webpage file;
  
  the secure computer server receiving the first webpage file and an attachment file to the first webpage file from the client computer;
  
  the secure computer server reading the attachment file in a binary mode to obtain a first binary mode file;
  
  the secure computer server converting the first binary mode file to a first binary file;
  
  the secure computer server comparing a plurality of binary portions in the first binary file to a plurality of stored malicious binary program codes to determine whether at least one binary portion of the plurality of binary portions corresponds to at least one malicious binary program code in the plurality of stored malicious binary program codes; and
  
  the secure computer server storing the first webpage file and the attachment file in a secure storage device and does not send the first webpage file and the attachment file to the webpage computer server in response to the first binary file having at least one malicious binary program code.
- View Dependent Claims (15, 16, 17, 18, 19)
- - 15. The monitoring system of claim 14, wherein:
    - the secure computer server receiving a first request message from the client computer to request the first webpage file from the webpage computer server;
      
      the secure computer server sending a second request message on behalf of the client computer to the webpage computer server utilizing the third IP address to request the first webpage file from the webpage computer server, in response to the first request message;
      
      the secure computer server receiving the first webpage file from the webpage computer server after the second request message and sending the first webpage file to the client computer utilizing the first IP address; and
      
      wherein each malicious binary program code of the plurality of stored malicious binary program codes has a functionality to damage the webpage computer server or to allow unauthorized access to the webpage computer server.
  - 16. The monitoring system of claim 14, wherein the secure computer server sending the first webpage file and the attachment file to the webpage computer server utilizing the third IP address in response to the first binary file not having at least one malicious binary program code.
  - 17. The monitoring system of claim 14, wherein the secure computer server does not require that the webpage computer server have an authentication application thereon for allowing the secure computer server to directly access files in the webpage computer server based on either an API, or a password and a user ID.
  - 18. The monitoring system of claim 14, wherein the secure computer server does not require that the client computer have an authentication application thereon for allowing the secure computer server to directly access files in the client computer based on either an API, or a password and a user ID.
  - 19. The monitoring system of claim 14, wherein the plurality of stored malicious binary program codes are stored in a central database that operably communicates with the secure computer server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
ALSCO Software LLC
Original Assignee
ALSCO Software LLC
Inventors
Hussain, Mohammed Kifah, Hussain, Yasser Kifah, Hussain, Zayd Kifah
Primary Examiner(s)
Moorthy, Aravind K

Application Number

US16/692,456
Time in Patent Office

151 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/563   by source code analysis

H04L 63/1408   by monitoring network traff...

H04L 63/1416   Event detection, e.g. attac...

H04L 63/1425   Traffic logging, e.g. anoma...

H04L 63/1466   Active attacks involving in...

H04L 63/164   at the network layer

Monitoring system for detecting and preventing a malicious program code from being uploaded from a client computer to a webpage computer server

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Monitoring system for detecting and preventing a malicious program code from being uploaded from a client computer to a webpage computer server

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links