Method and apparatus for automating controlled computing environment protection
First Claim
Patent Images
1. A method for automating controlled computing environment protection, comprising:
- receiving, at a kiosk from a user computer, user activity information comprising a request for a network service request for content that is subsequently loaded on a browser within the kiosk;
monitoring, at the kiosk, a controlled computing environment to process the user activity information;
comparing, at the kiosk, the user activity information with abnormal behavior indicia to identify hostile user activity caused by the content and associated with browser control circumvention, wherein browser control circumvention comprises performing various activities restricted by browser control comprising at least one of accessing a blacklisted website, accessing an invalid uniform resource locator, downloading a browser plug-in, and attempting to view a file system;
determining, at the kiosk, a uniform resource locator for an illicit computer related to the network service request, wherein the illicit computer is a source of the hostile activity associated with browser control circumvention, wherein the uniform resource locator is added to attack prevention information for a definable time period to protect the controlled computing environment from browser control circumvention; and
preventing, at the kiosk, further data communications with the illicit computer based on the attack prevention information.
3 Assignments
0 Petitions
Accused Products
Abstract
A method and apparatus for automating controlled computing environment protection is disclosed. In one embodiment, the method for automating controlled computing environment protection includes monitoring a controlled computing environment to process user activity information associated with a user computer and comparing the user activity information with abnormal behavior indicia to identify hostile user activity that denotes browser control circumvention.
15 Citations
16 Claims
-
1. A method for automating controlled computing environment protection, comprising:
-
receiving, at a kiosk from a user computer, user activity information comprising a request for a network service request for content that is subsequently loaded on a browser within the kiosk; monitoring, at the kiosk, a controlled computing environment to process the user activity information; comparing, at the kiosk, the user activity information with abnormal behavior indicia to identify hostile user activity caused by the content and associated with browser control circumvention, wherein browser control circumvention comprises performing various activities restricted by browser control comprising at least one of accessing a blacklisted website, accessing an invalid uniform resource locator, downloading a browser plug-in, and attempting to view a file system; determining, at the kiosk, a uniform resource locator for an illicit computer related to the network service request, wherein the illicit computer is a source of the hostile activity associated with browser control circumvention, wherein the uniform resource locator is added to attack prevention information for a definable time period to protect the controlled computing environment from browser control circumvention; and preventing, at the kiosk, further data communications with the illicit computer based on the attack prevention information. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. An apparatus for automating controlled computing environment protection, comprising:
at least one computer processor communicatively coupled to memory, wherein the at least one computer processor comprises; a user presence monitor for detecting a user computer within a controlled computing environment and processing user activity information comprising a request for a network service request for content that is subsequently loaded on a browser within a kiosk associated with the user computer; and an attack monitor for comparing the user activity information with abnormal behavior indicia to identify hostile activity caused by the content and associated with browser control circumvention, wherein browser control circumvention comprises performing various activities restricted by browser control comprising at least one of accessing a blacklisted website, accessing an invalid uniform resource locator, downloading a browser plug-in, and attempting to view a file system, wherein the attack monitor determines a uniform resource locator for an illicit computer related to the network service request, wherein the uniform resource locator is used to block data communications for a definable time period from the illicit computer to protect the controlled computing environment from browser control circumvention, and wherein the illicit computer is a source of the hostile activity associated with browser control circumvention, and wherein the attack monitor prevents further data communications with the illicit computer based on the attack prevention information. - View Dependent Claims (12, 13, 14, 15)
-
16. A system for automating controlled computing environment protection, comprising:
-
a user computer for providing a user with restricted web access within a controlled computing environment; and a kiosk computer coupled with the user computer, comprising; a user presence monitor for processing user activity information associated with the user computer comprising a request for a network service request for content that is subsequently loaded on a browser within the kiosk computer, and an attack monitor for comparing the user activity information with abnormal behavior indicia to identify hostile activity caused by the content and associated with browser control circumvention, wherein browser control circumvention comprises performing various activities restricted by browser control comprising at least one of accessing a blacklisted website, accessing an invalid uniform resource locator, downloading a browser plug-in, and attempting to view a file system, wherein the attack monitor determines a uniform resource locator for an illicit computer related to the network service request, wherein the uniform resource locator is used to block data communications for a definable time period from the illicit computer to protect the controlled computing environment from browser control circumvention, wherein the illicit computer is a source of the hostile activity associated with browser control circumvention, and wherein the attack monitor prevents further data communications with the illicit computer based on the attack prevention information.
-
Specification