FALSE POSITIVE DETECTION REDUCTION SYSTEM FOR NETWORK-BASED ATTACKS
First Claim
Patent Images
1. A method of detecting a security attack through a network-based application, comprising:
- receiving, by a processing device, a runtime request for invocation of a function;
determining, by the processing device, whether the function is included in a stored list of suspicious functions that are associated with a network attack; and
storing, by the processing device, information associated with the runtime request in in response to determining that the function is included in the list of suspicious functions.
2 Assignments
0 Petitions
Accused Products
Abstract
A system detects a security attack through a network-based application. The system receives a runtime request for invocation of a function and dynamically determines if the request for invocation of the function is associated with a cross-site scripting attack. In response to determine the function is associated with a cross-site scripting attack, the system stores information associated with the request, which is used for determining if the request is a legitimate request or a cross-site scripting attack.
-
Citations
20 Claims
-
1. A method of detecting a security attack through a network-based application, comprising:
-
receiving, by a processing device, a runtime request for invocation of a function; determining, by the processing device, whether the function is included in a stored list of suspicious functions that are associated with a network attack; and storing, by the processing device, information associated with the runtime request in in response to determining that the function is included in the list of suspicious functions. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. An apparatus, comprising:
-
a processing device; and a memory device coupled to the processing device, the memory device having instructions stored thereon that, in response to execution by the processing device, cause the processing device to perform operations comprising; receiving a runtime request for invocation of a function; determining whether the function is a predetermined function associated with a cross-site scripting attack; and storing information associated with the runtime request in response to determining that the function is the predetermined function. - View Dependent Claims (8, 9, 10, 11, 12, 13)
-
-
14. A computer program stored on a tangible medium for a database system, the computer program comprising a set of instructions operable to:
-
receive, by the database system, a function call; dynamically determine, by the database system, whether the function call is directed to a suspicious function associated with a cross-site scripting attack; and store, by the database system, identification information associated with the function call in response to determining the function call is directed to the suspicious function. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
Specification