×

Method for detecting malicious javascript

  • US 8,789,178 B2
  • Filed: 06/03/2011
  • Issued: 07/22/2014
  • Est. Priority Date: 08/03/2009
  • Status: Active Grant
First Claim
Patent Images

1. A method for scoring and grading websites by observing script behaviors in a browser emulator, comprising:

  • providing one or more virtual machines on a computing system comprising a processor configured by an operating system;

    providing a communications link for each virtual machine to access hosts coupled to the Internet;

    within a virtual machine, providing an enhanced browser emulator application wherein said enhanced browser emulator is enhanced by replacing standard Application Programming Interfaces (APIs), libraries, and functions in a resource from a source website with instrumented operations, wherein the instrumented operations check the number of invocations of any of the APIs, libraries, and functions against a threshold and take action upon reaching the threshold;

    receiving a Uniform Resource Identifier (URI) for the source website for which content is to be graded for hostile intent, wherein a URI comprises a protocol and a fully qualified domain name;

    requesting by the browser a resource from said source website;

    receiving said resource;

    determining if shell code is contained within said resource from said source website;

    determining if executable code is contained within said resource;

    observing a behavior of the enhanced browser emulator as controlled by said executable code contained within the said resource and scoring said behaviors for hostile intent.

View all claims
  • 11 Assignments
Timeline View
Assignment View
    ×
    ×