SYSTEMS AND METHODS FOR RISK RATING AND PRO-ACTIVELY DETECTING MALICIOUS ONLINE ADS
First Claim
1. A computer-implemented method comprising:
- receiving a web page including a SWF file, wherein the SWF file originates from a different server than the web page;
extracting, using a processor, the SWF file from the web page;
analyzing the SWF file, using the processor, to determine a risk rating for the SWF file, wherein analyzing includes locating an embedded redirection uniform resource locator (URL) and determining a risk rating for the embedded redirection URL;
displaying, within the web page, the risk rating for the SWF file; and
determining, based on the risk rating, whether to filter the SWF file.
10 Assignments
0 Petitions
Accused Products
Abstract
Methods and systems for risk rating and pro-actively detecting malicious online ads are described. In one example embodiment, a system for risk rating and pro-actively detecting malicious online ads includes an extraction module, an analysis engine, and a filter module. The extraction module is configured to extract a SWF file from a web page downloaded by the system. The analysis engine is communicatively coupled to the extraction module. The analysis engine is configured to determine a risk rating for the SWF file and send the risk rating to a web application for display. In an example, determining the risk rating includes locating an embedded redirection URL and determining a risk rating for the embedded redirection URL. The filter module is configured to determine, based on the risk rating, whether to block the SWF file and send a warning to the web application for display.
-
Citations
24 Claims
-
1. A computer-implemented method comprising:
-
receiving a web page including a SWF file, wherein the SWF file originates from a different server than the web page; extracting, using a processor, the SWF file from the web page; analyzing the SWF file, using the processor, to determine a risk rating for the SWF file, wherein analyzing includes locating an embedded redirection uniform resource locator (URL) and determining a risk rating for the embedded redirection URL; displaying, within the web page, the risk rating for the SWF file; and determining, based on the risk rating, whether to filter the SWF file. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A system comprising:
-
an extraction module to extract a SWF file from a web page requested by a web browser communicatively coupled to the extraction module; an analysis engine communicatively coupled to the extraction module and configured to; determine a risk rating for the SWF file; and send the risk rating to the web browser for display within the web page; wherein determining the risk rating includes, locating an embedded redirection uniform resource locator (URL), and determining a risk rating for the embedded redirection URL; and a filter module to determine, based on the risk rating, whether to filter the SWF file and to send a warning to the browser for display within the web page. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21)
-
-
22. A system comprising:
a gateway server communicatively coupled to the Internet and an internal network, the gateway server including; an extraction module to extract a SWF file from a web page requested by a client on the internal network; an analysis engine to analyze the SWF file in order to locate an embedded redirection uniform resource locator (URL), wherein the SWF file originates from a different server than the requested web page; a risk rating module to determine a risk rating for the embedded redirection URL; and a filter module to determine, based on the risk rating, whether to filter the SWF file and send a warning and the risk rating within the web page requested by the client.
-
23. A system comprising:
-
a client computer communicatively coupled to a network and running a web browser; an extraction module, running in conjunction to the web browser, to extract a SWF file from a web page accessed by the web browser; an analysis engine communicatively coupled to the extraction module and configured to; determine a risk rating for the SWF file; and send the risk rating to the web browser for display within the web page; wherein determining the risk rating includes, locating an embedded redirection uniform resource locator (URL), and determining a risk rating for the embedded redirection URL; and a filter module to block, based on the risk rating, the SWF file and to send a warning for display within the web page.
-
-
24. An article of manufacture including a machine-readable medium containing instructions that when executed on a computer system cause the computer system to perform a method, the method comprising:
-
receiving a web page including a SWF file, the SWF file originating from a different server than the web page; extracting the SWF file from the web page; analyzing the SWF file to determine a risk rating for the SWF file, wherein analyzing includes locating an embedded redirection uniform resource locator (URL) and determining a risk rating for the embedded redirection URL; displaying, within the web page, the risk rating for the SWF file; and determining, based on the risk rating, whether to filter the SWF file.
-
Specification