Risk assessment

US 8,683,584 B1
Filed: 01/31/2011
Issued: 03/25/2014
Est. Priority Date: 04/25/2009
Status: Active Grant

First Claim

Patent Images

1. A system for performing a risk assessment of a website, comprising:

a detection engine executing on a computer processor and configured to;

emulate presentation of a plurality of web pages of the website,extract content based on emulating presentation of the plurality of web pages, anddetect, based on at least one signal associated with malware, a plurality of suspicious elements included in the extracted content;

a risk assessment module configured to;

classify each of the plurality of suspicious elements into a category of a plurality of categories, each category of the plurality of categories being associated with a different property of the extracted content,generate an individual risk rating for each category in the plurality of categories based on the suspicious elements classified into the category,assign a weight to each of the individual risk ratings generated for the plurality of categories,combine the individual risk ratings based on the weight assigned to each of the individual ratings, andcalculate, based on the combined individual risk ratings, an overall risk rating associated with the website; and

a reporting engine configured to;

provide as output a risk assessment report comprising the overall risk rating.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Performing a risk assessment of a website is disclosed. A plurality of elements included in the website is categorized. The risk posed by the presence of at least some of the plurality of elements is assessed. Example elements include third party content and out-of-date web applications. A risk assessment report is provided as output.

130 Citations

View as Search Results

19 Claims

1. A system for performing a risk assessment of a website, comprising:
- a detection engine executing on a computer processor and configured to;
  
  emulate presentation of a plurality of web pages of the website,extract content based on emulating presentation of the plurality of web pages, anddetect, based on at least one signal associated with malware, a plurality of suspicious elements included in the extracted content;
  
  a risk assessment module configured to;
  
  classify each of the plurality of suspicious elements into a category of a plurality of categories, each category of the plurality of categories being associated with a different property of the extracted content,generate an individual risk rating for each category in the plurality of categories based on the suspicious elements classified into the category,assign a weight to each of the individual risk ratings generated for the plurality of categories,combine the individual risk ratings based on the weight assigned to each of the individual ratings, andcalculate, based on the combined individual risk ratings, an overall risk rating associated with the website; and
  
  a reporting engine configured to;
  
  provide as output a risk assessment report comprising the overall risk rating.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The system of claim 1, wherein the risk assessment report comprises, for each category of the plurality of categories, a number of suspicious elements classified into the category.
  - 3. The system of claim 1, wherein the risk assessment report comprises, for a category of the plurality of categories, a list of suspicious elements classified into the category.
  - 4. The system of claim 1, wherein the risk assessment report comprises, for a category of the plurality of categories, a list of web pages that include the suspicious elements classified into the category.
  - 5. The system of claim 1, wherein the risk assessment module generates the individual risk rating for at least one of the plurality of categories also based on historical information associated with the website.
  - 6. The system of claim 1, wherein the risk assessment report comprises a visual indication of the individual risk ratings generated for the plurality of categories and the overall risk rating.
  - 7. The system of claim 1, wherein a first portion of the content is extracted from the plurality of web pages and a second portion of the content is extracted from third-party sources referenced by the plurality of web pages.

8. A method for performing a risk assessment of a website, comprising:
- emulating presentation of a plurality of web pages of the website;
  
  extracting content based on emulating presentation of the plurality of web pages;
  
  detecting, based on at least one signal associated with malware a plurality of suspicious elements included in the extracted content;
  
  classifying each of the plurality of suspicious elements into a category of a plurality of categories, each category of the plurality of categories being associated with a different property of the extracted content;
  
  generating an individual risk rating for each category in the plurality of categories based on the suspicious elements classified into the category,assigning a weight to each of the individual risk ratings generated for the plurality of categories;
  
  combining the individual risk ratings based on the weight assigned to each of the individual ratings;
  
  calculating, by a computer processor and based on the combined individual risk ratings, an overall risk rating associated with the website; and
  
  providing as output a risk assessment report comprising the overall risk rating.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The method of claim 8, wherein the risk assessment report comprises, for each of the plurality of categories, a number of suspicious elements classified into the category.
  - 10. The method of claim 8, wherein the risk assessment report comprises, for a category of the plurality of categories, a list of suspicious elements classified into the category.
  - 11. The method of claim 8, wherein the risk assessment report comprises, for a category of the plurality of categories, a list of web pages that include the suspicious elements classified into the category.
  - 12. The method of claim 8, wherein generating the individual risk rating for at least one of the plurality of categories is also based on historical information associated with the website.
  - 13. The method of claim 8, wherein the risk assessment report comprises a visual indication of the individual risk ratings generated for the plurality of categories and the overall risk rating.

14. A non-transitory computer readable medium comprising a plurality of instructions for performing a risk assessment of a website, the plurality of instructions configured to execute on at least one computer processor and comprising functionality to:
- emulate presentation of a plurality of web pages of the website;
  
  extract content based on emulating presentation of the plurality of web pages;
  
  detect, based on at least one signal associated with malware, a plurality of suspicious elements included in the extracted content;
  
  generate an individual risk rating for each category in the plurality of categories based on the suspicious elements classified into the category;
  
  assign a weight to each of the individual risk ratings generated for the plurality of categories;
  
  combine the individual risk ratings based on the weight assigned to each of the individual ratings;
  
  calculate, based on the combined individual risk ratings, an overall risk rating associated with the website; and
  
  provide as output a risk assessment report comprising the overall risk rating.
- View Dependent Claims (15, 16, 17, 18, 19)
- - 15. The non-transitory computer readable medium of claim 14, wherein the risk assessment report comprises, for each of the plurality of categories, a number of suspicious elements classified into the category.
  - 16. The non-transitory computer readable medium of claim 14, wherein the risk assessment report comprises, for a category of the plurality of categories, a list of suspicious elements classified into the category.
  - 17. The non-transitory computer readable medium of claim 14, wherein the risk assessment report comprises, for a category of the plurality of categories, a list of web pages that include the suspicious elements classified into the category.
  - 18. The non-transitory computer readable medium of claim 14, wherein the plurality of instructions further comprise functionality to generate the individual risk rating for at least one of the plurality of categories also based on historical information associated with the website.
  - 19. The non-transitory computer readable medium of claim 14, wherein the risk assessment report comprises a visual indication of the individual risk ratings generated for the plurality of categories and the overall risk rating.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Dasient, Inc. (X Holdings Corp.)
Original Assignee
Dasient, Inc. (X Holdings Corp.)
Inventors
Daswani, Neilkumar Murli, Ranadive, Ameet, Rizvi, Shariq
Primary Examiner(s)
Hailu, Teshome

Application Number

US13/018,161
Time in Patent Office

1,149 Days
Field of Search

726/22, 726/23, 726/24, 726/25
US Class Current

726/22
CPC Class Codes

G06F 21/562   Static detection

G06F 21/566   Dynamic detection, i.e. det...

G06F 21/577   Assessing vulnerabilities a...

G06F 21/62   Protecting access to data v...

G06F 21/6263   during internet communicati...

G06F 2221/2149   Restricted operating enviro...

H04L 63/1408   by monitoring network traff...

H04L 63/1433   Vulnerability analysis

H04L 63/145   the attack involving the pr...

H04L 67/02   based on web technology, e....

Risk assessment

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

130 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Risk assessment

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

130 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links