METHOD AND SYSTEM FOR RESTORING WEBSITES

US 20160050230A1
Filed: 08/13/2015
Published: 02/18/2016
Est. Priority Date: 08/14/2014
Status: Active Grant

First Claim

Patent Images

1. A method for restoring a website in the event of a hack or a defacement, the website comprising at least one webpage having at least one functional element, the method comprising the steps of:

copying the at least one webpage of the website with the at least one functional element to create a replicated website on a restorer server, the at least one functional element of the replicated website capable of accepting user input to trigger an event;

creating at the restorer server, a secure website replica from the replicated website by deactivating the at least one functional element such that the secure website replica is incapable of accepting user input to trigger the event; and

presenting the secure website replica in place of the website once the hack or the defacement of the website has been detected.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for restoring a website in the event of a hack or defacement is disclosed. The method comprises the step of copying the at least one webpage of the website with at least one functional element to create a replicated website on a restorer server, the at least one functional element of the replicated website capable of accepting user input to trigger an event. The method further comprises the steps of creating at the restorer server, a secure website replica from the replicated website by deactivating the at least one functional element such that the secure website replica is incapable of accepting user input to trigger the event, and presenting the secure website replica in place of the website once the hack or the defacement of the website has been detected.

Citations

29 Claims

1. A method for restoring a website in the event of a hack or a defacement, the website comprising at least one webpage having at least one functional element, the method comprising the steps of:
- copying the at least one webpage of the website with the at least one functional element to create a replicated website on a restorer server, the at least one functional element of the replicated website capable of accepting user input to trigger an event;
  
  creating at the restorer server, a secure website replica from the replicated website by deactivating the at least one functional element such that the secure website replica is incapable of accepting user input to trigger the event; and
  
  presenting the secure website replica in place of the website once the hack or the defacement of the website has been detected.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1 wherein the event is any one of the following:
    - the restorer server accessing an information sensitive database, the restorer server displaying an error message on the replicated website, a client machine downloading files and a redirection to another universal resource locator (URL).
  - 3. The method of claim 1 wherein the at least one deactivated functional element is any one of the following:
    - a javascript, an input field, a text area, a form, a select tag, a button, an anchor link, an image and a hyperlink.
  - 4. The method of claim 1 further comprising the step of removing at least one embedded element from the secure website replica.
  - 5. The method of claim 4 wherein the at least one embedded element is any one of the following:
    - an IFrame, an applet tag, an object tag and an XML tag.
  - 6. The method of claim 1 further comprising the step of disabling at least one cascading style sheet on the secure website replica.
  - 7. The method of claim 1 wherein the step of creating a secure website replica from the replicated website by deactivating the at least one functional element comprises either the step of removing the at least one functional element from the replicated website, or the step of disabling the at least one functional element on the replicated website.
  - 8. The method of claim 1 further comprising the step of preventing a client browser from caching the secure website replica.
  - 9. The method of claim 1 wherein the hack or the defacement of the website is detected by a defacement detection engine, and the method further comprises the step of redirecting with the defacement detection engine, web traffic from the website to the secure website replica.
  - 10. The method of claim 9 wherein the step of redirecting with the defacement detection engine, web traffic from the website to the secure website replica comprises the step of updating a record in a domain name server to replace an internet protocol (IP) address of a web server hosting the website, with an IP address of the restorer server.
  - 11. The method of claim 9 wherein the step of redirecting with the defacement detection engine, web traffic from the website to the secure website replica comprises the step of updating a rule set of a load balancer.
  - 12. The method of claim 9 wherein the step of redirecting with the defacement detection engine, web traffic from the website to the secure website replica comprises the step of blocking web traffic to a web server hosting the website and allowing web traffic to the restorer server.
  - 13. The method of claim 1 further comprising the step of crawling the website with the restorer server to identify the at least one webpage of the website to be copied.
  - 14. The method of claim 13 further comprising the step of providing a web portal to an organization to allow the organization the ability to customize the deactivation of the at least one functional element, and schedule and initiate the steps of crawling the website, copying the at least one webpage of the website, creating a secure website replica and redirecting web traffic from the website to the secure website replica.

15. A system for restoring a website in the event of a hack or a defacement, the website comprising at least one webpage having at least one functional element, the system comprising a restorer server, the restorer server configured to:
- copy the at least one webpage of the website with the at least one functional element to create a replicated website on the restorer server, the at least one functional element of the replicated website capable of accepting user input to trigger an event;
  
  create a secure website replica from the replicated website by deactivating the at least one functional element such that the secure website replica is incapable of accepting user input to trigger the event; and
  
  present the secure website replica in place of the website once the hack or the defacement of the website has been detected.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
- - 16. The system of claim 15 wherein the event is any one of the following:
    - the restorer server accessing an information sensitive database, the restorer server displaying an error message on the replicated website, a client machine downloading files and a redirection to another universal resource locator (URL).
  - 17. The system of claim 15 wherein the at least one deactivated functional element is any one of the following:
    - a javascript, an input field, a text area, a form, a select tag, a button, an anchor link, an image and a hyperlink.
  - 18. The system of claim 15 wherein the restorer server is further configured to remove at least one embedded element from the secure website replica.
  - 19. The system of claim 18 wherein the at least one embedded element is any one of the following:
    - an IFrame, an applet tag, an object tag and an XML tag.
  - 20. The system of claim 15 wherein the restorer server is further configured to disable at least one cascading style sheet on the secure website replica.
  - 21. The system of claim 15 wherein the restorer server deactivates the at least one functional element by either removing the at least one functional element from the replicated website, or disabling the at least one functional element on the replicated website.
  - 22. The system of claim 15 wherein the restorer server is further configured to prevent a client browser from caching the secure website replica.
  - 23. The system of claim 15 further comprising a defacement detection engine for detecting that the website has been hacked or defaced, the defacement detection engine further configured to redirect web traffic from the website to the secure website replica.
  - 24. The system of claim 23 wherein the defacement detection engine redirects web traffic from the website to the secure website replica by updating a record in a domain name server to replace an internet protocol (IP) address of a web server hosting the website, with an IP address of the restorer server.
  - 25. The system of claim 23 wherein the defacement detection engine redirects web traffic from the website to the secure website replica by updating a rule set of a load balancer.
  - 26. The system of claim 23 wherein the defacement detection engine redirects web traffic from the website to the secure website replica by blocking web traffic to a web server hosting the website and allowing web traffic to the restorer server.
  - 27. The system of claim 15 wherein the restorer server is further configured to crawl the website to identify the at least one webpage of the website to be copied.
  - 28. The system of claim 27 further comprising a web portal for allowing an organization the ability to customize the deactivation of the at least one functional element, and schedule and initiate the restorer server to crawl the website, copy the at least one webpage of the website and create a secure website replica, and the defacement detection engine to redirect web traffic from the website to the secure website replica.

29. A computer program product for restoring a website in the event of a hack or a defacement, the website comprising at least one webpage having at least one functional element, the computer program product having a computer readable storage medium having computer readable program code configured to:
- copy the at least one webpage of the website with the at least one functional element to create a replicated website, the at least one functional element of the replicated website capable of accepting user input to trigger an event;
  
  create a secure website replica from the replicated website by deactivating the at least one functional element such that the secure website replica is incapable of accepting user input to trigger the event; and
  
  present the secure website replica in place of the website once the hack or the defacement of the website has been detected.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Banff Cyber Technologies Pte Ltd.
Original Assignee
Banff Cyber Technologies Pte Ltd.
Inventors
CHIN, King Wee Matthias, LIM, Jie Ming Lionel, Lay, Wee Lye

Granted Patent

US 9,876,819 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 11/1451   by selection of backup cont...

G06F 11/1464   for networked environments

G06F 11/1662   the resynchronized componen...

G06F 11/2028   eliminating a faulty proces...

G06F 11/2038   with a single idle spare pr...

G06F 21/00   Security arrangements for p...

G06F 21/554   involving event detection a...

G06F 21/57   Certifying or maintaining t...

G06F 2201/84   Using snapshots, i.e. a log...

H04L 63/1491   using deception as counterm...

METHOD AND SYSTEM FOR RESTORING WEBSITES

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

29 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND SYSTEM FOR RESTORING WEBSITES

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

29 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links