Virtual Browsing Environment

US 20110167492A1
Filed: 06/30/2010
Published: 07/07/2011
Est. Priority Date: 06/30/2009
Status: Active Grant

First Claim

Patent Images

1. A tangible non-transitory medium containing instructions that when executed by one or more processors, performs a method comprising:

a) upon initiation of at least one browser application, creating at least one virtual browsing environment with at least one operating system and executing the at least one browser application within the at least one virtual browsing environment;

b) monitoring operation of the at least one operating system within the at least one virtual browsing environment;

c) determining when the operation of the at least one operating system within the at least one virtual browsing environment includes potential malicious activity; and

d) terminating the at least one virtual browsing environment when the operation includes potential malicious activity.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An embodiment for providing a secure virtual browsing environment includes creating a virtual browsing environment with a virtualized operating system sharing an operating system kernel of a supporting operating system and executing the browser application within the virtual browsing environment. Another embodiment includes receiving a website selection within a browser application, determining if the website selection corresponds to a secure bookmark, and creating a second virtual browsing environment and executing the browser application within the second virtual browsing environment to access the website selection when the website selection corresponds to a website specified as a secure bookmark. Yet another embodiment includes monitoring operation of the operating system within the at least one virtual browsing environment, determining when the operation of the operating system includes potential malicious activity, and terminating the virtual browsing environment when the operation includes potential malicious activity.

180 Citations

22 Claims

1. A tangible non-transitory medium containing instructions that when executed by one or more processors, performs a method comprising:
- a) upon initiation of at least one browser application, creating at least one virtual browsing environment with at least one operating system and executing the at least one browser application within the at least one virtual browsing environment;
  
  b) monitoring operation of the at least one operating system within the at least one virtual browsing environment;
  
  c) determining when the operation of the at least one operating system within the at least one virtual browsing environment includes potential malicious activity; and
  
  d) terminating the at least one virtual browsing environment when the operation includes potential malicious activity.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The medium of claim 1, wherein the method further comprises transmitting information to at least one collection computer about potential malicious activity when the operation of the at least one operating system of the at least one virtual browsing environment includes potential malicious activity.
  - 3. The medium of claim 2, wherein information transmitted to the at least one collection computer includes at least one website address and operation of the at least one operating system when the at least one browser application executed within the at least one virtual browsing application accessed at least one website at the at least one website address.
  - 4. The medium of claim 1, wherein the method further comprises displaying information about potential malicious activity to at least one user when the operation of the at least one operating system of the at least one virtual browsing environment includes potential malicious activity.
  - 5. The medium of claim 1, wherein the method further comprising creating at least one second virtual browsing environment after terminating the at least one virtual browsing environment.
  - 6. The medium of claim 5, wherein the method further comprises taking at least one snapshot of the at least one virtual browsing environment upon creation.
  - 7. The medium of claim 6, wherein creating at least one second virtual browsing environment after terminating the at least one virtual browsing environment includes restoring the at least one virtual browsing environment using the at least one snapshot.
  - 8. The medium of claim 1, wherein the method further comprises terminating the at least one virtual browsing environment after at least one predetermined period of time.
  - 9. The medium of claim 1, wherein the method further comprises receiving a website selection within the at least one browser application and determining if the website selection corresponds to a website specified as a secure bookmark.
  - 10. The medium of claim 9, wherein the method further comprises, when the website selection corresponds to a website specified as a secure bookmark, creating at least one second virtual browsing environment with at least one operating system, executing the at least one browser application within the at least one second virtual browsing environment, and accessing the website selection within the at least one browser application executed within the at least one second virtual browsing environment.
  - 11. The medium of claim 1, wherein the at least one operating systems of the at least one virtual browsing environment includes at least one virtualized operating system sharing at least one kernel of at least one supporting operating system.
  - 12. The medium of claim 11, wherein the method further comprises creating at least one virtual computer including the at least one supporting operating system with the at least one kernel and creating the at least one virtual browsing environment within the at least one virtual computer.

13. A tangible non-transitory medium containing instructions that when executed by one or more processors perform a method comprising:
- a) upon initiation of at least one browser application, creating at least one first virtual browsing environment with at least one operating system and executing the at least one browser application within the at least one first virtual browsing environment;
  
  b) receiving a website selection within the at least one browser application;
  
  c) determining if the website selection corresponds to a website specified as a secure bookmark; and
  
  d) when the website selection corresponds to a website specified as a secure bookmark, creating at least one second virtual browsing environment with at least one operating system, executing the at least one browser application within the at least one second virtual browsing environment, and accessing the website selection within the at least one browser application executed within the at least one second virtual browsing environment.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 14. The medium of claim 13, wherein the method further comprises modifying the at least one browser application executed within the at least one second virtual browsing environment to prevent the at least one browser application from being directed to a website different from the website selection.
  - 15. The medium of claim 14, wherein modifying the at least one browser application includes setting an address line of the at least one browser application to be read-only.
  - 16. The medium of claim 14, wherein modifying the at least one browser application includes disabling toolbar options within the at least one browser application that allow a user to select a website to access.
  - 17. The medium of claim 13, wherein the method further comprises accessing the website selection with the at least one browser application executed within the at least first virtual browsing environment when the website selection does not correspond to a website specified as a secure bookmark.
  - 18. The medium of claim 13, wherein determining if the website selection corresponds to a website specified as a secure bookmark includes comparing the website selection to at least one file of secure bookmarks.
  - 19. The medium of claim 18, wherein the method further comprises receiving at least one indication to set a website as a secure bookmark and updating the at least one file of secure bookmarks based on the at least one indication.
  - 20. The medium of claim 13, wherein the at least one operating system of the at least one first virtual browsing environment and the at least one second virtual browsing environment includes at least one virtualized operating system sharing at least kernel of at least one supporting operating system.
  - 21. The medium of claim 20, wherein the method further comprises creating at least one virtual computer including the at least one supporting operating system with the at least one kernel and creating the at least one first virtual browsing environment and the at least one second virtual browsing environment within the at least one virtual computer.
  - 22. The medium of claim 13, wherein the method further comprises monitoring operation of the at least one operating system within the at least one second virtual browsing environment, determining if the operation of the at least one operating system within the at least one second virtual browsing environment includes potential malicious activity, and terminating the at least one second virtual browsing environment when the operation includes potential malicious activity.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
George Mason Research Foundation Inc.
Original Assignee
George Mason Research Foundation Inc.
Inventors
Huang, Yih, Wang, Jiang, Ghosh, Anup K., Jajodia, Sushil

Granted Patent

US 8,839,422 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/23
CPC Class Codes

G06F 21/53   by executing in a restricte...

G06F 21/56   Computer malware detection ...

G06F 21/568   eliminating virus, restorin...

G06F 2209/541   Client-server

G06F 2221/034   Test or assess a computer o...

G06F 9/54   Interprogram communication

H04L 63/1408   by monitoring network traff...

H04L 63/1483   service impersonation, e.g....

Virtual Browsing Environment

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

180 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Virtual Browsing Environment

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

180 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links