SYSTEM AND METHOD OF PREVENTING WEB APPLICATIONS THREATS
First Claim
1. A method of preventing an application attack, the method comprising:
- verifying network traffic against a profile of acceptable behavior for a user of the application and identifying anomalous user traffic;
determining if the anomalous traffic is a threat; and
blocking the anomalous traffic at an application server.
12 Assignments
0 Petitions
Accused Products
Abstract
A system and method for protection of Web based applications are described. An agent is included in a web server such that traffic is routed through the agent. A security module is also in communication with the agent. The agent receives information about the application profile, and patterns of acceptable traffic behavior, from the security module. The agent acts as a gatekeeper, holding up suspicious traffic that does not match the pattern of acceptable traffic behavior until the suspicious traffic has been analyzed by the security module. Using the agent, malicious traffic can dropped before it can reach the application, or the user can be logged out, or both.
221 Citations
61 Claims
-
1. A method of preventing an application attack, the method comprising:
-
verifying network traffic against a profile of acceptable behavior for a user of the application and identifying anomalous user traffic; determining if the anomalous traffic is a threat; and blocking the anomalous traffic at an application server. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
-
21. An application attack prevention system comprising:
-
a security module adapted to provide a profile of acceptable behavior for a user of the application; and an agent adapted to receive the profile and identify anomalous user traffic, wherein if it is determined that the anomalous traffic is a threat, then blocking the anomalous traffic from an application server. - View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34)
-
-
35. An application attack prevention system comprising:
-
a security module adapted to provide a profile of acceptable behavior for a user of the application; and an agent adapted to receive the profile and identify anomalous user traffic, wherein if it is determined that the anomalous traffic is a threat, logging out the user. - View Dependent Claims (36, 37, 38, 39, 40)
-
-
41. An application attack prevention system comprising:
-
a security module adapted to monitor user traffic and to provide a profile of acceptable behavior for a user of the application; and an agent adapted to receive the profile and identify anomalous user traffic based upon the profile, wherein if it is determined that the anomalous traffic is a threat, logging out the user. - View Dependent Claims (42, 43, 44)
-
-
45. An application server comprising:
-
an input adapted to receive a profile of acceptable behavior for a user of an application; and an agent adapted to receive the profile of acceptable behavior for the user, wherein the agent monitors the user traffic to the server and identifies anomalous user traffic based upon the profile, and logs out the user if it is determined that the anomalous traffic is a threat. - View Dependent Claims (46, 47, 48, 49, 50, 51, 52, 53)
-
-
54. An application server comprising:
-
an input adapted to receive a profile of acceptable behavior for a user of an application; and an agent adapted to receive the profile of acceptable behavior for the user, wherein the agent monitors user traffic to the server and identifies anomalous user traffic based upon the profile, and then blocks the anomalous traffic from the server if it is determined that the anomalous traffic is a threat. - View Dependent Claims (55, 56, 57, 58, 59, 60, 61)
-
Specification