Method and apparatus for enhanced browsing with security scanning

US 8,327,440 B2
Filed: 09/20/2011
Issued: 12/04/2012
Est. Priority Date: 11/08/2004
Status: Active Grant

First Claim

Patent Images

1. A method of enhanced browsing of a second web page linked to a first web page displayed by a browser in a browser window, with security scanning, the method comprising:

identifying, in the first web page, a target link to the second web page, wherein the target link is identified from one or more links that are contained within the first web page, wherein the one or more links are prioritized by a client computing device to determine a prefetching order, and wherein the target link is identified and prioritized before a request for content of the second web page is sent from the client computing device to a computing device that stores the content of the second web page;

prior to receiving a user selection of the target link or of an indicator associated with the target link, prefetching content from the second web page, the content including web page data, applets, or scripts;

loading the prefetched content from the second web page into a safe cache on the client computing device according to the prefetching order and before receiving the user selection of the target link or of the indicator associated with the target link and before the content of the second web page is opened by an application configured to provide access to the content of the second web page on the client computing device;

scanning the prefetched content from the second web page for a security threat, within the safe cache, wherein the safe cache is configured to prevent the prefetched content from altering a memory location or storage location external to the safe cache;

detecting placement of a cursor proximate to the target link or the indicator associated with the target link; and

in response to the detecting;

if a security threat was identified with the prefetched content, presenting a warning along with one or more selectable options to initiate in response to the identified security threat, including an option to ignore the warning; and

causing display of a second window comprising the prefetched content if no security threat was identified with the prefetched content or if a user selection is received of a selectable option to ignore the warning.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus for enhanced browsing with security scanning. Within a document (e.g., a web page, a word processing document, a list of electronic mail messages), a link to other content or another document is selected by a computing device and the content is identified before a user clicks on the link to open the content. The content is placed into a safe cache that prevents the content from adversely affecting the user'"'"'s computing device. The content is scanned and/or its behavior is analyzed to detect any security threats or undesirable content (e.g., viruses, worms, scripts, adware, spyware, pornography). Results of the analysis may be collected at a central server. The link or an associated indicator may be configured to indicate whether a threat is present; more information may be provided as desired. A user may be provided with various options to ignore a threat, disable the link, etc.

183 Citations

20 Claims

1. A method of enhanced browsing of a second web page linked to a first web page displayed by a browser in a browser window, with security scanning, the method comprising:
- identifying, in the first web page, a target link to the second web page, wherein the target link is identified from one or more links that are contained within the first web page, wherein the one or more links are prioritized by a client computing device to determine a prefetching order, and wherein the target link is identified and prioritized before a request for content of the second web page is sent from the client computing device to a computing device that stores the content of the second web page;
  
  prior to receiving a user selection of the target link or of an indicator associated with the target link, prefetching content from the second web page, the content including web page data, applets, or scripts;
  
  loading the prefetched content from the second web page into a safe cache on the client computing device according to the prefetching order and before receiving the user selection of the target link or of the indicator associated with the target link and before the content of the second web page is opened by an application configured to provide access to the content of the second web page on the client computing device;
  
  scanning the prefetched content from the second web page for a security threat, within the safe cache, wherein the safe cache is configured to prevent the prefetched content from altering a memory location or storage location external to the safe cache;
  
  detecting placement of a cursor proximate to the target link or the indicator associated with the target link; and
  
  in response to the detecting;
  
  if a security threat was identified with the prefetched content, presenting a warning along with one or more selectable options to initiate in response to the identified security threat, including an option to ignore the warning; and
  
  causing display of a second window comprising the prefetched content if no security threat was identified with the prefetched content or if a user selection is received of a selectable option to ignore the warning.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1, further comprising prior to said causing display of a second window:
    - generating but not displaying the second window;
      
      populating the second window with the prefetched content; and
      
      caching the second window.
  - 3. The method of claim 1, wherein:
    - the indicator is configured with a first appearance if no security threat is identified in the prefetched content; and
      
      the indicator is configured with a different appearance if a security threat is identified in the prefetched content.
  - 4. The method of claim 1, further comprising, if a security threat is detected in the prefetched content, generating an alert.
  - 5. The method of claim 1, wherein said scanning comprises, if the prefetched content contains executable code, executing the code within the safe cache to determine a behavior of the executable code.
  - 6. The method of claim 1, further comprising notifying a central server of a result of the scanning the prefetched content for a security threat.
  - 7. The method of claim 6, further comprising, prior to said scanning, querying the central server for a result of a previous scanning of the prefetched content.
  - 8. The method of claim 1, wherein the security threat comprises one or more of a virus, a worm, and a trojan horse.
  - 9. The method of claim 1, wherein the security threat comprises one or more of spyware and adware.
  - 10. The method of claim 1, wherein the security threat comprises one or more of a phishing attack, a cookie, and a script.
  - 11. The method of claim 1, wherein the second window is an enhanced browsing window lacking one or more functions provided by the browser window.
  - 12. The method of claim 1, wherein the second window is configured to close in response to movement of the cursor out of the second window.
  - 13. The method of claim 1, further comprising:
    - allowing the application to open the content only if;
      
      no security threat was detected in the content;
      
      orif a security threat was detected in the content, an option selected from the one or more selectable options is an option to allow the content to be accessed despite the detected security threat.

14. A non-transitory computer readable storage medium storing instructions thereon that, if executed by a computing device, cause the computing device to perform operations of enhanced browsing with security scanning, the instructions comprising:
- instructions to identify, in a first web page, a target link to a second web page, wherein the target link is identified from one or more links that are contained within the first web page, wherein the one or more links are prioritized by a client computing device to determine a prefetching order, and wherein the target link is identified and prioritized before a request for content of the second web page is sent from the client computing device to a computing device that stores the content of the second web page;
  
  instructions to, prior to receiving a user selection of the target link or of an indicator associated with the target link, prefetch content from the second web page, the content including web page data, applets, or scripts;
  
  instructions to load the prefetched content into a safe cache on the client computing device according to the prefetching order and before receiving the user selection of the target link or of the associated indicator and before the content of the second web page is opened by an application configured to provide access to the content of the second web page on the client computing device;
  
  instructions to scan the prefetched content for a security threat, within the safe cache, wherein the safe cache is configured to prevent the prefetched content from altering a memory location or storage location external to the safe cache;
  
  instructions to detect placement of a cursor proximate to the target link or the associated indicator; and
  
  instructions to, in response to said detecting;
  
  if a security threat was identified within the prefetched content, present one or more selectable options to a user, including an option to ignore the identified security threat; and
  
  cause display of a second window comprising the prefetched content if no security threat was identified within the prefetched content or if a user selection is received of a selectable option to ignore the identified security threat.
- View Dependent Claims (15)
- - 15. The computer readable storage medium of claim 14, wherein the instructions further comprise:
    - instructions to generate but not display the second window;
      
      instructions to populate the second window with the prefetched content; and
      
      instructions to cache the second window.

16. A method of enhanced browsing with security scanning, the method comprising:
- identifying, in a first document displayed on a client computing device, a target link to content, wherein the target link is identified by the client computing device from one or more links that are contained within the first document, wherein the one or more links are prioritized by the client computing device to determine a prefetching order, and wherein the target link is identified and prioritized before a request for the content is sent from the client computing device to a computing device that stores the content;
  
  prior to receiving a user selection of the target link or of an indicator associated with the target link, prefetching the content which, in addition to a URL, includes web page data, applets, or scripts;
  
  loading the content into a safe cache on the client computing device according to the prefetching order and before receiving a user selection of the target link and before the content is opened by an application configured to provide access to the content on the client computing device;
  
  while the content is in the safe cache;
  
  preventing the content from altering a memory location or storage location external to the safe cache; and
  
  scanning the content on the client computing device for a security threat;
  
  detecting placement of a cursor proximate to the target link or the associated indicator; and
  
  in response to the detecting;
  
  if a security threat was identified within the content, presenting one or more selectable options to initiate in response to the identified security threat; and
  
  causing display of a second window comprising the content if no security threat was identified with the content or if a user selects an option to ignore an identified security threat.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The method of claim 16, further comprising before receiving the user selection of the target link or of the associated indicator, displaying an indicator to indicate whether a security threat was detected within the content.
  - 18. The method of claim 17, wherein said displaying an indicator comprises altering an appearance of the indicator associated with the target link.
  - 19. The method of claim 16, wherein said scanning comprises, if the content contains executable code, executing the code within the safe cache to determine a behavior of the code.
  - 20. The method of claim 16, wherein the application is a word processing program.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cufer Asset Ltd LLC (Intellectual Ventures LLC)
Original Assignee
BT Web Solutions LLC (Intellectual Ventures LLC)
Inventors
Milener, Scott, Brown, Wendell, Kelly, James
Primary Examiner(s)
Zee, Edward
Assistant Examiner(s)
To, Baotran N

Application Number

US13/237,641
Publication Number

US 20120011588A1
Time in Patent Office

441 Days
Field of Search

726/22, 726/23, 726/24, 726/25, 713/188, 709/224, 715/738, 715/804, 715/805, 715/822
US Class Current

726/22
CPC Class Codes

G06F 21/51   at application loading time...

G06F 21/566   Dynamic detection, i.e. det...

H04L 63/1408   by monitoring network traff...

H04L 63/1416   Event detection, e.g. attac...

H04L 63/1425   Traffic logging, e.g. anoma...

H04L 63/1433   Vulnerability analysis

H04L 63/145   the attack involving the pr...

H04L 67/5681   Pre-fetching or pre-deliver...

Method and apparatus for enhanced browsing with security scanning

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

183 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Method and apparatus for enhanced browsing with security scanning

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

183 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others