Method, system and computer program product for security in a global computer network transaction

US 7,509,679 B2
Filed: 01/30/2004
Issued: 03/24/2009
Est. Priority Date: 08/30/2002
Status: Expired due to Fees

First Claim

Patent Images

1. A method, comprising:

receiving a first request via a browser application running on a first client computer system, wherein said first request is for a first website usable by said first client computer system for performing an online transaction;

subsequent to said first request and prior to completion of the online transaction, sending a first program to said first client computer system, wherein said sending causes the first program to automatically execute repeatedly within said browser application during the online transaction in order to determine whether malicious code is currently running on said first client computer system;

wherein, if the execution of the first program indicates that malicious code is currently running on the first client computer system, perform a corrective action with respect to the malicious code.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

From a first information handling system (“IHS”) to a second IHS, in response to a request for initiating an online transaction, a program is downloaded for detecting malicious code on the second IHS.

95 Citations

View as Search Results

36 Claims

1. A method, comprising:
- receiving a first request via a browser application running on a first client computer system, wherein said first request is for a first website usable by said first client computer system for performing an online transaction;
  
  subsequent to said first request and prior to completion of the online transaction, sending a first program to said first client computer system, wherein said sending causes the first program to automatically execute repeatedly within said browser application during the online transaction in order to determine whether malicious code is currently running on said first client computer system;
  
  wherein, if the execution of the first program indicates that malicious code is currently running on the first client computer system, perform a corrective action with respect to the malicious code.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein the first program is executable on said first client computer system as a plug-in for said browser application.
  - 3. The method of claim 1, wherein the first website is an online banking website, and the online transaction is a banking transaction.
  - 4. The method of claim 1, wherein the corrective action includes disabling or quarantining malicious code currently running on the first client computer system.
  - 5. The method of claim 1, wherein the first program is executable to examine characteristics and behaviors of each of the programs currently running on the first client computer system.
  - 6. The method of claim 1, wherein the first program is automatically executable within said browser application at a point of entry into the online transaction, wherein the point of entry is prior to entry of a login sequence to the first website.
  - 7. The method of claim 1, wherein the first program is automatically executable within said browser application at a point of entry into the online transaction, wherein the point of entry is immediately after entry of a login sequence to the first website.
  - 8. The method of claim 1, wherein the corrective action includes terminating the online transaction.
  - 9. The method of claim 1, wherein the corrective action includes disabling the malicious code.

10. A computer system, comprising:
- a processor subsystem; and
  
  a memory, including program instructions executable by said processor subsystem to;
  
  receive a first request via a browser application running on a first client computer system, wherein said first request is for a first website usable by said first client computer system for performing an online transaction;
  
  subsequent to said first request and prior to completion of the online transaction, send a first program to said first client computer system, causing said first program to automatically execute repeatedly within said browser application during the online transaction in order to determine whether malicious code is currently running on said first client computer system;
  
  wherein, if the execution of the first program indicates that malicious code is currently running on the first client computer system, perform a corrective action with respect to the malicious code.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 11. The computer system of claim 10, wherein said online transaction includes performing an authentication of a user of the first client computer system.
  - 12. The computer system of claim 10, wherein the online transaction includes the exchange of personal information that includes personal financial information.
  - 13. The computer system of claim 12, wherein the online transaction includes the exchange of personal financial information that includes at least one of the following types of information:
    - credit card information;
      
      account balance information;
      
      financial transaction history information.
  - 14. The computer system of claim 10, wherein the first program is executable on said first client computer system as a plug-in for said browser application.
  - 15. The computer system of claim 10, wherein the first website is an online banking website, and wherein the online transaction is an online banking transaction.
  - 16. The computer system of claim 10, wherein the first program is executable to disable a second program currently running on the first client computer system, wherein the second program is only disabled until the online transaction is completed.
  - 17. The computer system of claim 10, wherein the first program is executable to search for characteristics and behaviors of currently running programs on the first client computer system, including characteristics and behaviors typically associated with both malicious code and valid code.
  - 18. The computer system of claim 10, wherein said first program is automatically executable within said browser application at a point of entry into the online transaction, wherein the point of entry is immediately after entry of a login sequence to the first website.
  - 19. The computer system of claim 10, wherein said first program is automatically executable within said browser application at a point of entry into the online transaction, wherein the point of entry is prior to entry of a login sequence to the first website.
  - 20. The computer system of claim 10, wherein the corrective action includes terminating the online transaction.
  - 21. The computer system of claim 10, wherein the corrective action includes disabling the malicious code.

22. A computer-readable memory medium, including program instructions executable to:
- receive a first request via a browser application running on a first client computer system, wherein said first request is for a first website usable by said first client computer system for performing an online transaction;
  
  subsequent to said first request and prior to completion of the online transaction, send a first program to said first client computer system, causing said first program to automatically execute repeatedly within said browser application during the online transaction in order to determine whether malicious code is currently running on said first client computer system;
  
  wherein, if the execution of the first program indicates that malicious code is currently running on the first client computer system, perform a corrective action with respect to the malicious code.
- View Dependent Claims (23, 24, 25, 26, 27, 28, 29, 30)
- - 23. The memory medium of claim 22, wherein the first program is executable on said first client computer system as a plug-in for said browser application.
  - 24. The memory medium of claim 22, wherein the first website is an online banking website, and wherein the online transaction is an online banking transaction.
  - 25. The memory medium of claim 22, wherein the first program is executable to quarantine a second program currently running on the first client computer system and to unquarantine the second program in response to user input received via the first client computer system.
  - 26. The memory medium of claim 22, wherein the first program is executable to perform, for each of one or more programs currently running on the first client computer system, a plurality of detection routines and to categorize each of those programs with respect to the likelihood that the program will compromise the security of the online transaction;
    - wherein each of the one or more programs is running on the first client computer system in a manner that permits that program to directly interface with an operating system of the first client computer system.
  - 27. The memory medium of claim 22, wherein said first program is automatically executable within said browser application at a point of entry into the online transaction, wherein the point of entry is prior to entry of a login sequence to the first website.
  - 28. The memory medium of claim 22, wherein said first program is automatically executable within said browser application at a point of entry into the online transaction, wherein the point of entry is immediately after entry of a login sequence to the first website.
  - 29. The memory medium of claim 22, wherein the corrective action includes terminating the online transaction.
  - 30. The memory medium of claim 22, wherein the corrective action includes disabling the malicious code.

31. A system, comprising:
- a server hosting a first website that is usable by various client computer systems for performing online transactions;
  
  a first client computer system storing program instructions executable to send a request, via a browser application, to the first website to perform a first online transaction;
  
  wherein the sewer stores program instructions executable to send, subsequent to the request, a first program to the first client computer system, wherein the first program is repeatedly executable on the first client computer system prior to completion of the first online transaction to determine whether malicious code is currently running on the first client computer system;
  
  wherein, if the execution of the first program indicates that malicious code is currently running on the first client computer system, perform a corrective action.
- View Dependent Claims (32, 33, 34, 35, 36)
- - 32. The system of claim 31, wherein the first website is an online banking website, and wherein the first online transaction is an online banking transaction.
  - 33. The system of claim 31, wherein the first program is executable to categorize a second program running on the first client computer system as malicious code, wherein the second program is running in a manner that permits the second program to compromise the security of the first online transaction.
  - 34. The system of claim 33, wherein the first program is executable to categorize the second program by calculating a first score and a second score indicative of the extent to which the second program has characteristics and behaviors typically associated with malicious code and valid code, respectively.
  - 35. The system of claim 31, wherein the first program is executable on the first client computer system prior to or immediately after entry of a login sequence by a user of the first client computer system.
  - 36. The system of claim 31, wherein the first program is executable on the first client computer system as a browser plug-in.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Symantec Corporation (NortonLifeLock Inc.)
Original Assignee
Symantec Corporation (NortonLifeLock Inc.)
Inventors
Norwood, Peter, Alagna, Michael Anthony, Payne, Charles Andrew, Obrecht, Mark Eric
Primary Examiner(s)
Revak; Christopher A

Application Number

US10/768,862
Publication Number

US 20040187023A1
Time in Patent Office

1,880 Days
Field of Search

713/200, 713/201, 713/188, 345/531, 380/201, 705/44, 707/200
US Class Current

726/24
CPC Class Codes

G06F 21/56   Computer malware detection ...

G06F 21/57   Certifying or maintaining t...

G06F 21/577   Assessing vulnerabilities a...

Method, system and computer program product for security in a global computer network transaction

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

95 Citations

36 Claims

Specification

Solutions

Use Cases

Quick Links

Method, system and computer program product for security in a global computer network transaction

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

95 Citations

36 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links