Method and Apparatus for Phishing and Leeching Vulnerability Detection
First Claim
Patent Images
1. A method for securing a web server from phishing and leeching activity, the method comprising:
- receiving a request to access content at an application security system;
identifying a source of the request and a local host to which the request is directed using the application security system;
determining whether the source of the request is an external source; and
performing a responsive action if the source of the request is received from an external source.
9 Assignments
0 Petitions
Accused Products
Abstract
A system and method for protection of Web based applications are described. Anomalous traffic can be identified by comparing the traffic to a profile of acceptable user traffic when interacting with the application. Phishing and leeching are one type of anomalous traffic that is detected. The anomalous traffic, or security events, identified at the individual computer networks are communicated to a central security manager. Various responsive actions may be taken in response to detection of phishing or leeching.
223 Citations
18 Claims
-
1. A method for securing a web server from phishing and leeching activity, the method comprising:
-
receiving a request to access content at an application security system; identifying a source of the request and a local host to which the request is directed using the application security system; determining whether the source of the request is an external source; and performing a responsive action if the source of the request is received from an external source. - View Dependent Claims (2, 3, 4)
-
-
5. A method for securing a web server by detecting phishing vulnerability, the method comprising:
-
receiving an HTTP request at an application security system; identifying link parameters in the HTTP request; determining whether the HTTP request includes a redirect to one of the link parameters; determining whether the redirect is to a local host if the HTTP request includes a redirect; and performing a responsive action if redirect is to external source. - View Dependent Claims (6, 7, 8, 9)
-
-
10. A computer-readable medium comprising processor-executable instructions that, when executed, direct a computer system to perform actions for securing a web server from phishing and leeching activity, the actions comprising:
-
receiving a request to access content at an application security system; identifying a source of the request and a local host to which the request is directed using the application security system; determining whether the source of the request is an external source; and performing a responsive action if the source of the request is received from an external source. - View Dependent Claims (11, 12, 13)
-
-
14. A computer-readable medium comprising processor-executable instructions that, when executed, direct a computer system to perform actions for securing a web server by detecting phishing vulnerability, the actions comprising:
-
receiving an HTTP request at an application security system; identifying link parameters in the HTTP request; determining whether the HTTP request includes a redirect to one of the link parameters; determining whether the redirect is to a local host if the HTTP request includes a redirect; and performing a responsive action if redirect is to external source. - View Dependent Claims (15, 16, 17, 18)
-
Specification