Remote browsing session management

US 9,009,334 B1
Filed: 12/09/2011
Issued: 04/14/2015
Est. Priority Date: 12/09/2011
Status: Expired due to Fees

First Claim

Patent Images

1. A system for protecting a client computing device from high risk operations, the system comprising:

one or more computer processors;

a computer memory accessible by at least one of the one or more computer processors; and

a network computing component comprising an executable software module in the computer memory, the executable software module executed by the one or more computer processors, wherein the network computing component is operable to;

host an instance of a browsing application, the instance of the browsing application in communication with a browsing application of a client computing device;

receive, from the client computing device, a request for a network resource, wherein the request comprises a network address of the network resource;

cause transmission of the request for the network resource to a network resource provider;

obtain a response from the network resource provider, wherein the response comprises the requested network resource; and

determine a probability that processing content associated with the requested network resource will cause a performance of a high risk operation on the client computing device, wherein determining the probability comprises;

processing, in the instance of the browsing application hosted on the network computing component, at least a part of the network resource; and

observing for a signature of high risk activity when processing at least part of the network resource.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A browsing process is directed to the generation and management of a browse session at a network computing provider. A client computing device requests a remote browse session instance at a network computing provider. The browse session instance may correspond to requested network content. The network computing provider determines a browse configuration. The browse configuration may identify a communication protocol and various processing actions. The network computing provider retrieves the requested content through an instantiated network browse session instance, and performs a first set of processing actions to generate a processing result. The network computing provider determines whether the requested content is likely to perform high risk operations on the client computing device, and notifies the user or transmits a processed representation of the requested content to the user such that the likelihood of high risk operations being performed on the client computing device is reduced.

Citations

24 Claims

1. A system for protecting a client computing device from high risk operations, the system comprising:
- one or more computer processors;
  
  a computer memory accessible by at least one of the one or more computer processors; and
  
  a network computing component comprising an executable software module in the computer memory, the executable software module executed by the one or more computer processors, wherein the network computing component is operable to;
  
  host an instance of a browsing application, the instance of the browsing application in communication with a browsing application of a client computing device;
  
  receive, from the client computing device, a request for a network resource, wherein the request comprises a network address of the network resource;
  
  cause transmission of the request for the network resource to a network resource provider;
  
  obtain a response from the network resource provider, wherein the response comprises the requested network resource; and
  
  determine a probability that processing content associated with the requested network resource will cause a performance of a high risk operation on the client computing device, wherein determining the probability comprises;
  
  processing, in the instance of the browsing application hosted on the network computing component, at least a part of the network resource; and
  
  observing for a signature of high risk activity when processing at least part of the network resource.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The system of claim 1, wherein the network resource is a web site.
  - 3. The system of claim 1, wherein a high risk operation is at least one of accessing a system file, altering a system file, accessing an unexpected area of memory, allocating space in an unexpected area of memory, launching an unexpected process, causing network activity with unexpected network resources, or causing unexpected disk I/O.
  - 4. The system of claim 1, wherein the network computing component is further operable to:
    - in response to determining that the probability is below a threshold, cause transmission of the network resource to the client computing device.
  - 5. The system of claim 1, wherein the network computing component is further operable to:
    - in response to determining that the probability that the network resource will perform a high risk operation is above the threshold, establish a remote desktop connection with the client computing device, wherein the client computing device is capable of viewing the network resource as processed in the instance of the browsing application hosted on the network computing component.
  - 6. The system of claim 1, wherein the network computing component is further operable to:
    - in response to determining that the probability that the network resource will perform a high risk operation is above the threshold, cause transmission of a notification to the client computing device.
  - 7. The system of claim 6, wherein the network computing component is further operable to:
    - receive an override response from the client computing device, wherein the override response comprises a direction to the network computing component to transmit the network resource to the client;
      
      in response to receiving the override response, cause transmission of the network resource to the client computing device.
  - 8. The system of claim 6, wherein the notification is a passive notification.
  - 9. The system of claim 8, wherein the passive notification is at least one of:
    - causing a change to a color of a portion the browsing application on the client computing device;
      
      causing display of a textual message in a portion of the browsing application on the client computing device;
      
      or causing display of an icon in a portion of the browsing application on the client computing device.
  - 10. The system of claim 1, wherein the network computing component is further operable to:
    - in response to observing a signature of high risk activity when processing at least part of the network resource, terminate the instance of the browsing application hosted on the network computing component.
  - 11. The system of claim 1, wherein the network computing component is further operable to:
    - in response to observing a signature of high risk activity when processing at least part of the network resource, cause the browsing application on the client computing device to terminate processing of the network resource.
  - 12. The system of claim 1, wherein the network computing component is further operable to:
    - in response to observing a signature of high risk activity when processing at least part of the network resource, add the network resource to a blacklist.
  - 13. The system of claim 1, wherein determining a probability that the network resource will perform a high risk operation on the client computing device comprises determining whether the network resource is a blacklisted network resource.
  - 14. The system of claim 13, wherein the network computing component is further operable to generate a blacklist from a plurality of blacklist sources.

15. A computer-implemented method comprising:
- as implemented by a network computing component comprising one or more computing devices, the network computing component hosting an instance of a browsing application in communication with a browsing application of a client computing device,receiving, from the client computing device, a request for a network resource, wherein the request comprises a network address of the network resource;
  
  causing transmission of the request for the network resource to a network resource provider;
  
  obtaining a response from the network resource provider, wherein the response comprises the requested network resource; and
  
  determining that processing content associated with the requested network resource will cause a performance of a high risk operation on the client computing device, wherein the determining comprises;
  
  processing, in the instance of the browsing application hosted on the network computing component, at least a part of the network resource; and
  
  observing for a signature of high risk activity when processing at least part of the network resource.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The computer-implemented method of claim 15, wherein a high risk operation is at least one of accessing a system file, altering a system file, accessing an unexpected area of memory, allocating space in an unexpected area of memory, launching an unexpected process, causing network activity with unexpected network resources, or causing unexpected disk I/O.
  - 17. The computer-implemented method of claim 15, further comprising:
    - in response to determining that the network resource will perform a high risk operation, establishing a remote desktop connection with the client computing device, wherein the client computing device is capable of viewing the network resource as processed in the instance of the browsing application hosted on the network computing component.
  - 18. The computer-implemented method of claim 15, further comprising:
    - in response to determining that the network resource will perform a high risk operation, causing transmission of a notification to the client computing device.
  - 19. The computer-implemented method of claim 15, further comprising:
    - receiving an override response from the client computing device, wherein the override response comprises a direction to the network computing component to transmit the network resource to the client; and
      
      in response to receiving the override response, causing transmission of the network resource to the client computing device.
  - 20. The computer-implemented method of claim 15, further comprising:
    - in response to determining that the network resource will not cause performance of a high risk operation, causing transmission of the network resource to the client computing device.

21. Non-transitory computer storage storing an executable network computing component that, when executed by one or more computing devices, causes the one or more computing devices to perform a process comprising:
- hosting an instance of a browsing application in communication with a browsing application of a client computing device;
  
  receiving, from the client computing device, a request for a network resource, wherein the request comprises a network address of the network resource;
  
  causing transmission of the request for the network resource to a network resource provider;
  
  obtaining a response from the network resource provider, wherein the response comprises the requested network resource;
  
  processing, in the instance of the browsing application hosted on the network computing component, at least a part of the network resource;
  
  observing for a signature of high risk activity when processing at least part of the network resource; and
  
  responsive to observing the signature of high risk activity, performing a protective action regarding the network resource.
- View Dependent Claims (22, 23, 24)
- - 22. The non-transitory computer storage of claim 21, wherein the protective action comprises terminating the instance of the browsing application hosted on the network computing component.
  - 23. The non-transitory computer storage of claim 21, wherein the protective action comprises causing the browsing application on the client computing device to terminate processing of the network resource.
  - 24. The non-transitory computer storage of claim 21, wherein the protective action comprises adding the network resource to a blacklist.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Original Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Inventors
Jenkins, Jonathan A., Taylor, Brett R.
Primary Examiner(s)
BAYARD, DJENANE M

Application Number

US13/316,309
Time in Patent Office

1,222 Days
Field of Search
US Class Current

709/229
CPC Class Codes

G06F 21/50   Monitoring users, programs ...

G06F 21/55   Detecting local intrusion o...

G06F 2221/2119   Authenticating web pages, e...

H04L 63/10   for controlling access to d...

H04L 67/01   Protocols

H04L 67/025   for remote control or remot...

Remote browsing session management

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Remote browsing session management

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links