Protecting users from malicious pop-up advertisements

US 7,962,955 B2
Filed: 08/15/2006
Issued: 06/14/2011
Est. Priority Date: 08/15/2006
Status: Expired due to Fees

First Claim

Patent Images

1. A method for detecting a spoofed command button comprising:

tracking a creation process for a pop-up window;

detecting a command button created in the pop-up window;

comparing an assigned value of the command button with a value assigned to at least one of a valid “

No”

or a valid “

Cancel”

button;

determining a follow-up action generated on selection of the command button;

verifying that the follow-up action generated closes the pop-up window; and

alerting a user that the pop-up window poses a potential danger when the follow-up action from selecting the command button includes an action other than closing the pop-up window.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention is a solution for detecting a spoofed command button in a pop-up window. The solution tracks the creation process of a pop-up window, detects the presence of command buttons in the pop-up window, verifies the value labeled on each command button in the pop-up window and determines a follow-up action generated from selecting a command button on the pop-up window.

19 Citations

View as Search Results

13 Claims

1. A method for detecting a spoofed command button comprising:
- tracking a creation process for a pop-up window;
  
  detecting a command button created in the pop-up window;
  
  comparing an assigned value of the command button with a value assigned to at least one of a valid “
  
  No”
  
  or a valid “
  
  Cancel”
  
  button;
  
  determining a follow-up action generated on selection of the command button;
  
  verifying that the follow-up action generated closes the pop-up window; and
  
  alerting a user that the pop-up window poses a potential danger when the follow-up action from selecting the command button includes an action other than closing the pop-up window.
- View Dependent Claims (2, 3)
- - 2. The method according to claim 1 wherein the detecting includes performing a background source code validation.
  - 3. The method according to claim 1 further comprising alerting a user to proceed with caution when the assigned value of the command button restricts user selection.

4. A method for detecting a spoofed command button comprising:
- validating a closing action of a command button of a pop-up window against a web browser Application Program Interface (API) for closing a window, wherein the validating detects an anomaly when the command button does not call on the web browser API; and
  
  alerting a user in response to detecting the anomaly that a follow-up action generated in response to selecting the command button fails to communicate with the web browser API; and
  
  closing the pop-up window in response to detecting the anomaly.

5. A system comprising:
- at least one computing device configured for detecting a spoofed command button, comprising;
  
  a component for tracking a creation process for a pop-up window;
  
  a component for detecting creation of a command button in the pop-up window;
  
  a component for comparing an assigned value of the command button with a value assigned to at least one of a valid “
  
  No”
  
  or a valid “
  
  Cancel”
  
  button;
  
  a component for determining a follow-up action generated on selection of the command button;
  
  a component for verifying that the follow-up action generated closes the pop-up window; and
  
  a component for alerting a user that the pop-up window poses a potential danger when the follow-up action performs an action other than closing the pop-up window.
- View Dependent Claims (6, 7, 8)
- - 6. The system of claim 5, wherein the component for detecting performs a background source code validation.
  - 7. The system of claim 5 further comprising a component for alerting the user to proceed with caution when the assigned value of the command button restricts user selection.
  - 8. The system of claim 5 further comprisinga component for validating the pop-up window against a web browser Application Program Interface (API) for closing a window;
    - a component for alerting the user on detecting the follow-up action generated by the user on selecting the command button omits communicating with the web browser API; and
      
      a component for closing the pop-up window.

9. A computer program stored on a non-transitory machine-readable storage medium, for detecting a spoofed command button, the computer program including program code for:
- tracking a creation process for a pop-up window;
  
  detecting a command button created in the pop-up window;
  
  comparing an assigned value of the command button with a value assigned to at least one of a valid “
  
  No”
  
  or a valid “
  
  Cancel”
  
  button;
  
  determining a follow-up action generated on selection of the command button;
  
  program code for verifying that the follow-up action generated closes the pop-up window; and
  
  program code for alerting the user that the pop-up window poses a potential danger when the follow-up action for selecting a command button includes an action other than closing the pop-up window.
- View Dependent Claims (10, 11, 12)
- - 10. The computer program of claim 9 further including program code for:
    - validating a closing action of the pop-up window against a web browser Application Program Interface (API) for closing a window;
      
      alerting a user on detecting that the follow-up action generated by the user on selecting the command button fails to communicate with the web browser API; and
      
      closing of the pop-up window.
  - 11. The computer program of claim 9 further including program code for performing a background source code validation when the command button is detected.
  - 12. The computer program of claim 9 further including program code for alerting the user to proceed with caution when the assigned value of the command button restricts user selection.

13. A method for deploying an application for detecting a spoofed command button, the method comprising:
- providing a computer infrastructure being operable to;
  
  track a pop-up window creation process;
  
  detect a command button created in the pop-up window;
  
  compare an assigned value of the command button with a value assigned to at least one of a valid “
  
  No”
  
  or a valid “
  
  Cancel”
  
  button;
  
  determine a follow-up action generated on selection of the command button;
  
  verify that the follow-up action generated closes the pop-up window; and
  
  alert a user that the pop-up window poses a potential danger when the follow-up action from selecting the command button includes an action other than closing the pop-up window.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AirBNB Incorporated
Original Assignee
International Business Machines Corporation
Inventors
Chen, Gang, Langford, John S., Boss, Gregory J., Hamilton, Rick A. II
Primary Examiner(s)
Arani; Taghi T
Assistant Examiner(s)
LEE, JASON T

Application Number

US11/464,581
Publication Number

US 20080046975A1
Time in Patent Office

1,764 Days
Field of Search

715/808, 715/809, 715/781, 715/700, 713/152, 726/22, 726/4
US Class Current

726/22
CPC Class Codes

G06F 21/52 during program execution, e...

Protecting users from malicious pop-up advertisements

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

19 Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

Protecting users from malicious pop-up advertisements

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

19 Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links