Piggybacking malicious code blocker
First Claim
1. A computer system comprising:
- a memory having stored therein a piggybacking malicious code blocking application; and
a processor coupled to said memory, wherein execution of said piggybacking malicious code blocking application generates a method comprising;
determining whether a transaction request has occurred during a transaction session, wherein upon a determination that said transaction request has occurred, said method further comprising;
following a determination that a transaction request has been made, the transaction request is intercepted by an http proxy which stalls the transaction request until a determination is made that the transaction request is legitimate, the process for determining whether the transaction request is legitimate comprising;
parsing a first critical value from said transaction request; and
determining whether said first critical value is legitimate;
upon a determination that said first critical value is legitimate, said piggybacking malicious code blocking application further performs;
determining whether said transaction request contains at least one additional critical value to be evaluated as legitimate;
selecting a second critical value upon a determination that said transaction request does contain said at least one additional critical value; and
determining whether said second critical value is legitimate.
2 Assignments
0 Petitions
Accused Products
Abstract
A method includes determining whether a transaction request has occurred during a transaction session. Upon a determination that a transaction request has occurred, the method includes parsing critical values from the transaction request and determining whether the critical values are legitimate. If the critical values are found to be suspicious instead of legitimate, the method further includes seeking approval of the transaction request from the user of the host computer system. Upon approval of the transaction request, the transaction request is allowed. Conversely, upon denial of the transaction request, the transaction request is determined to be malicious, and protective action is taken including terminating the transaction request.
-
Citations
18 Claims
-
1. A computer system comprising:
-
a memory having stored therein a piggybacking malicious code blocking application; and a processor coupled to said memory, wherein execution of said piggybacking malicious code blocking application generates a method comprising; determining whether a transaction request has occurred during a transaction session, wherein upon a determination that said transaction request has occurred, said method further comprising; following a determination that a transaction request has been made, the transaction request is intercepted by an http proxy which stalls the transaction request until a determination is made that the transaction request is legitimate, the process for determining whether the transaction request is legitimate comprising; parsing a first critical value from said transaction request; and determining whether said first critical value is legitimate; upon a determination that said first critical value is legitimate, said piggybacking malicious code blocking application further performs; determining whether said transaction request contains at least one additional critical value to be evaluated as legitimate; selecting a second critical value upon a determination that said transaction request does contain said at least one additional critical value; and determining whether said second critical value is legitimate.
-
-
2. A computer-program product comprising a nontransitory computer readable medium containing computer program code stored thereon which when executed by a processor, performs operations comprising:
-
a piggybacking malicious code blocking application for determining whether a transaction request has occurred during a transaction session, wherein upon a determination that said transaction request has occurred, said piggybacking malicious code blocking application further for; following a determination that a transaction request has been made, the transaction request is intercepted by an http proxy which stalls the transaction request until a determination is made that the transaction request is legitimate, the process for determining whether the transaction request is legitimate comprising; parsing a first critical value from said transaction request; and determining whether said first critical value is legitimate; upon a determination that said first critical value is legitimate, said piggybacking malicious code blocking application further performs; determining whether said transaction request contains at least one additional critical value to be evaluated as legitimate; selecting a second critical value upon a determination that said transaction request does contain said at least one additional critical value; and determining whether said second critical value is legitimate. - View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
Specification