SECURITY SYSTEMS FOR MITIGATING ATTACKS FROM A HEADLESS BROWSER EXECUTING ON A CLIENT COMPUTER
First Claim
1. A computer system configured to improve security of server computers interacting with client computers through an intermediary computer, and comprising:
- a memory;
one or more processors coupled to the memory;
a processor logic coupled to the memory and the one or more processors, and programmed to;
intercept, from a server computer, one or more original instructions to be sent to a browser of a client computer;
send the one or more original instructions to the browser and one or more telemetry instructions, wherein the telemetry instructions are configured to, when executed, generate a set of telemetry data indicating one or more states of the browser and to send the set of telemetry data to the intermediary computer;
receive the set of telemetry data and determine whether the browser is legitimate or illegitimate based on the set of telemetry data.
3 Assignments
0 Petitions
Accused Products
Abstract
Computer systems and methods in various embodiments are configured for improving the security and efficiency of server computers interacting through an intermediary computer with client computers that may be executing malicious and/or autonomous headless browsers or “bots”. In an embodiment, a computer system comprises a memory; one or more processors coupled to the memory; a processor logic coupled to the memory and the one or more processors, and configured to: intercept, from a server computer, one or more original instructions to be sent to a browser of a client computer; send the one or more original instructions to the browser and one or more telemetry instructions, wherein the telemetry instructions are configured, when executed, to generate a set of telemetry data indicating one or more objects that were referenced by the browser and to send the set of telemetry data to the intermediary computer; receive the set of telemetry data and determine whether the browser is legitimate or illegitimate based on the set of telemetry data.
70 Citations
23 Claims
-
1. A computer system configured to improve security of server computers interacting with client computers through an intermediary computer, and comprising:
-
a memory; one or more processors coupled to the memory; a processor logic coupled to the memory and the one or more processors, and programmed to; intercept, from a server computer, one or more original instructions to be sent to a browser of a client computer; send the one or more original instructions to the browser and one or more telemetry instructions, wherein the telemetry instructions are configured to, when executed, generate a set of telemetry data indicating one or more states of the browser and to send the set of telemetry data to the intermediary computer; receive the set of telemetry data and determine whether the browser is legitimate or illegitimate based on the set of telemetry data. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. A computer system configured to improve security of server computers interacting with client computers through an intermediary computer, and comprising:
-
one or more processors; a processor logic coupled to the one or more processors and programmed to; intercept, from a server computer, a web page comprising JavaScript instructions to be sent to a browser of a client computer; inject, into the web page, one or more browser-detection JavaScript instructions, which when executed, cause one or more operations to be performed on the client computer and send a set of telemetry data to the computer system; send the web page with the one or more browser-detection JavaScript instructions to the browser on the client computer; receive the set of telemetry data and determine whether the browser is legitimate or illegitimate based, at least in part, on the set of telemetry data. - View Dependent Claims (16)
-
-
17. A method for improving security of a server computer interacting with a client computer through an intermediary computer comprising:
-
receiving, through a browser on the client computer, a set of instructions with one or more browser-detection instructions; executing the one or more browser-detection instructions, and in response, generating a set of telemetry data indicating one or more states of the browser; sending the set of telemetry data to the intermediary computer; wherein the method is performed by one or more computing devices. - View Dependent Claims (18, 19, 20, 21, 22, 23)
-
Specification