Identifying Security Breaches Caused by Web-Enabled Software Applications
First Claim
1. A method for identifying, a security breach caused when a computer-based software application uses a computer-based web browser application, the method comprising:
- identifying at least one function within a computer-based software application that causes a computer-based web browser application to access data from a source that is external to said software application;
at least partially replacing said data with malicious content that is configured to cause a predefined action to occur when said malicious content is accessed by said web browser application, wherein said predefined action is associated with a known security breach when said predefined action occurs subsequent to said malicious content being accessed by said web browser application;
causing said software application to perform said function; and
determining whether said predefined action is performed,wherein any of said steps are implemented in either of computer hardware and computer software and embodied in a computer-readable medium.
1 Assignment
0 Petitions
Accused Products
Abstract
Identifying a security breach caused when a computer-based software application uses a computer-based web browser application, including identifying at least one function within a computer-based software application that causes a computer-based web browser application to access data from a source that is external to the software application, at least partially replacing the data with malicious content that is configured to cause a predefined action to occur when the malicious content is accessed by the web browser application, where the predefined action is associated with a known security breach when the predefined action occurs subsequent to the malicious content being accessed by the web browser application, causing the software application to perform the function, and determining whether the predefined action is performed.
230 Citations
18 Claims
-
1. A method for identifying, a security breach caused when a computer-based software application uses a computer-based web browser application, the method comprising:
-
identifying at least one function within a computer-based software application that causes a computer-based web browser application to access data from a source that is external to said software application; at least partially replacing said data with malicious content that is configured to cause a predefined action to occur when said malicious content is accessed by said web browser application, wherein said predefined action is associated with a known security breach when said predefined action occurs subsequent to said malicious content being accessed by said web browser application; causing said software application to perform said function; and determining whether said predefined action is performed, wherein any of said steps are implemented in either of computer hardware and computer software and embodied in a computer-readable medium. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
9. A system for identifying a security breach caused when a computer-based software application uses a computer-based web browser application, the system comprising:
-
an application analyzer configured to identify at least one function within a computer-based software application that causes a computer-based web browser application to access data from a source that is external to said software application; a data manipulator configured to at least partially replace said data with malicious content that is configured to cause a predefined action to occur when said malicious content is accessed by said web browser application, wherein said predefined action is associated with a known security breach when said predefined action occurs subsequent to said malicious content being accessed by said web browser application; a security breach provoker configured to cause said software application to perform said function; and a security breach detector configured to determine whether said predefined action is performed. wherein any of said application analyzer, data manipulator, security breach provoker, and security breach detector are implemented in either of computer hardware and computer software and embodied in a computer-readable medium.
-
-
18. A computer program product for identifying a security breach caused when a computer-based software application uses a computer-based web browser application, the computer program product comprising:
-
a computer readable medium; and computer program instructions operative to identify at least one function within a computer-based software application that causes a computer-based web browser application to access data from a source that is external to said software application, at least partially replace said data with malicious content that is configured to cause a predefined action to occur when said malicious content is accessed by said web browser application, wherein said predefined action is associated with a known security breach when said predefined action occurs subsequent to said malicious content being accessed by said web browser application, cause said software application to perform said function, and determine whether said predefined action is performed, wherein said program instructions are stored on said computer readable medium.
-
Specification