×

Detecting man-in-the-middle attacks via security transitions

  • US 8,561,181 B1
  • Filed: 11/26/2008
  • Issued: 10/15/2013
  • Est. Priority Date: 11/26/2008
  • Status: Active Grant
First Claim
Patent Images

1. A computer-implemented method of detecting a possible network security breach occurring during a network interaction involving a client computer, the method comprising:

  • establishing a page list comprising, for each of a plurality of transitions from a source web page to a destination web page, an identifier of the source web page, an identifier of the destination web page, and a representation of an expected security level associated with the transition;

    detecting a transition from a first web page to a second web page within a browser associated with the client computer;

    responsive to detecting the transition from the first web page to the second web page, identifying a site that comprises the first web page and the second web page in a site list comprising a list of sites to be protected;

    detecting a security level associated with the transition from the first web page to the second web page;

    responsive to identifying the site in the site list, identifying an expected security level associated with the transition from the first web page to the second web page using the page list;

    determining whether the detected security level is lower than the identified expected security level; and

    responsive to the identified detected security level being lower than the identified expected security level, performing a remedial action.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×