Online-monitoring agent, system, and method for improved detection and monitoring of online accounts

US 9,268,956 B2
Filed: 09/30/2011
Issued: 02/23/2016
Est. Priority Date: 12/09/2010
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented monitoring method comprising:

providing an online-monitoring agent configured for local monitoring of a personal computing device;

accessing via the online-monitoring agent a uniform resource locator (URL) list to determine if an outgoing connection to a targeted application server website should use Hypertext Transfer Protocol (HTTP) or Hypertext Transfer Protocol Secure (HTTPS) to meet the security requirements of the targeted application server website such that when the URL list indicates a HTTP level of security, the online-monitoring agent accesses the targeted application server website via HTTP and when the URL list indicates a HTTPS level of security, the online-monitoring agent accesses the targeted application server website via HTTPS;

removing via the online-monitoring agent an automatic redirect if the targeted application server executes a Hypertext Transfer Protocol (HTTP) redirect process;

accessing via the online-monitoring agent the targeted application server website directly such that at least one website page can be intercepted; and

rewriting via the online-monitoring agent the intercepted at least one website page to retain a connection using HTTP;

receiving identifying information associated with at least one of an account, email address, site, and service from the personal computing device via the online-monitoring agent; and

monitoring via a network the at least one of the account, email address, site, and service based on the identifying information received via the online-monitoring agent.

View all claims

10 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer-implemented subject monitoring method is provided. The method includes providing an online-monitoring agent configured for monitoring a personal computing device, receiving identifying information associated with at least one of an account, email address, site, and service from the personal computing device via the online-monitoring agent, and monitoring via a network the at least one of the account, email address, site, and service based on the identifying information received via the online-monitoring agent.

99 Citations

View as Search Results

25 Claims

1. A computer-implemented monitoring method comprising:
- providing an online-monitoring agent configured for local monitoring of a personal computing device;
  
  accessing via the online-monitoring agent a uniform resource locator (URL) list to determine if an outgoing connection to a targeted application server website should use Hypertext Transfer Protocol (HTTP) or Hypertext Transfer Protocol Secure (HTTPS) to meet the security requirements of the targeted application server website such that when the URL list indicates a HTTP level of security, the online-monitoring agent accesses the targeted application server website via HTTP and when the URL list indicates a HTTPS level of security, the online-monitoring agent accesses the targeted application server website via HTTPS;
  
  removing via the online-monitoring agent an automatic redirect if the targeted application server executes a Hypertext Transfer Protocol (HTTP) redirect process;
  
  accessing via the online-monitoring agent the targeted application server website directly such that at least one website page can be intercepted; and
  
  rewriting via the online-monitoring agent the intercepted at least one website page to retain a connection using HTTP;
  
  receiving identifying information associated with at least one of an account, email address, site, and service from the personal computing device via the online-monitoring agent; and
  
  monitoring via a network the at least one of the account, email address, site, and service based on the identifying information received via the online-monitoring agent.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The computer-implemented-monitoring method of claim 1 wherein the personal computing device includes at least one of a laptop, personal computer, smart-phone, router or other internet enabled device.
  - 3. The computer-implemented-monitoring method of claim 1 wherein the online-monitoring agent includes at least one of native software and cloud-based software.
  - 4. The computer-implemented-monitoring method of claim 1 wherein the cloud-based software includes at least one of a collection server, a poller server, a proxy server and obfuscation-system.
  - 5. The computer-implemented-monitoring method of claim 1 wherein the native software includes at least one of at least one of a key-logger, peer-to-peer processor, remote redirection agent, and HTTPS-down-grader.

6. A computer-implemented monitoring method comprising:
- providing an online-monitoring agent configured for local monitoring of a personal computing device;
  
  removing via the online-monitoring agent an automatic redirect if a targeted application server executes a Hypertext Transfer Protocol (HTTP) redirect process;
  
  accessing via the online-monitoring agent the targeted application server website directly such that at least one website page can be intercepted; and
  
  rewriting via the online-monitoring agent the intercepted at least one website page to retain a connection using HTTP;
  
  receiving identifying information associated with at least one of an account, email address, site, and service from the personal computing device via the online-monitoring agent; and
  
  monitoring via a network the at least one of the account, email address, site, and service based on the identifying information received via the online-monitoring agent.
- View Dependent Claims (7, 8, 9, 10, 11)
- - 7. The computer-implemented-monitoring method of claim 6 wherein the step of rewriting further includes at least one of rewriting POST uniform resource locators (URLs) in a form to be HTTP instead of Hypertext Transfer Protocol Secure (HTTPS), rewriting link URLs in pages to be HTTP instead of HTTPS, changing a HTTP BASE HREF to be HTTP instead of HTTPS and rewriting rules to circumvent specific website protections for websites having website specific login procedures.
  - 8. The computer-implemented-monitoring method of claim 6, further comprising:
    - tracking via the online-monitoring agent a URL of each element that is down-graded, whether the down-grade occurred via handling redirects or by rewriting website page contents; and
      
      storing the URL into a URL list.
  - 9. The computer-implemented-monitoring method of claim 8 further comprising sending intercepted user information from a down-graded HTTP sessions to a collection server.
  - 10. The computer-implemented-monitoring method of claim 9 wherein the intercepted user information includes at least one of usernames, passwords, e-mail addresses and URLs.
  - 11. The computer-implemented monitoring method of claim 6 further comprising:
    - extracting via the online-monitoring agent information associated with a first user associated with the at least one account, email address, site, and service; and
      
      providing via the online-monitoring agent the information to a second user.

12. A computer-implemented monitoring method comprising the steps of:
- maintaining device identifying information of at least one device associated with a first user;
  
  providing an online-monitoring agent configured for local monitoring of the at least one device;
  
  receiving identifying information associated with at least one of an account, email address, site, and service from the at least one device via the online-monitoring agent;
  
  monitoring via a network the at least one of the account, email address, site, and service based on the identifying information received via the online-monitoring agent;
  
  extracting via the online-monitoring agent information associated with the first user associated with the at least one account, email address, site, and service;
  
  determining via the online-monitoring agent whether the extracted information associated with the first user associated with the at least one account, email address, site, and service is associated with the at least one device; and
  
  providing via the online-monitoring agent to a second user the extracted information and the determination of whether the extracted information is associated with the at least one device.
- View Dependent Claims (13, 14, 15)
- - 13. The computer-implemented monitoring method of claim 12, further comprising:
    - determining via the online-monitoring agent that the extracted information is not associated with the at least one device of which the online-monitoring agent is configured for local monitoring;
      
      determining via the online-monitoring agent a location of a particular one of the at least one device, the location corresponding to the extracted information; and
      
      reporting via the online-monitoring agent to the second user the extracted information is not associated with the at least one device and reporting the determined location of the particular one of the at least one device corresponding to the extracted information.
  - 14. The computer-implemented monitoring method of claim 12, further comprising:
    - determining via the online-monitoring agent that the extracted information corresponds to an indication that the first user accessed a particular network-accessible application from a device of which the online-monitoring agent is not configured for local monitoring, the method further comprising;
      
      determining via the online-monitoring agent a location of a particular one of the at least one device of which the online-monitoring agent is configured for local monitoring, the location corresponding to a time at which the first user accessed the particular network-accessible application from the device of which the online-monitoring agent is not configured for local monitoring; and
      
      reporting via the online-monitoring agent to the second user that the first user accessed at the determined location the particular network-accessible application from the device of which the online-monitoring agent is not configured for local monitoring.
  - 15. The computer-implemented monitoring method of claim 14, further comprising reporting via the online-monitoring agent to the second user a particular time that the first user accessed the particular network-accessible application from the device of which the online-monitoring agent is not configured for local monitoring.

16. A network-connectable computer system comprising:
- a personal computing device for providing an online-monitoring agent configured for local monitoring;
  
  at least one server for receiving identifying information associated with at least one of an account, email address, site, and service from the personal computing device via the online-monitoring agent, and for accessing a uniform resource locator (URL) list to determine if an outgoing connection to a targeted application server website should use Hypertext Transfer Protocol (HTTP) or Hypertext Transfer Protocol Secure (HTTPS) to meet the security requirements of the targeted application server website wherein when the URL list indicates a HTTP level of security, the targeted application server website is accessed via HTTP and when the URL list indicates a HTTPS level of security, the targeted application server website is accessed via HTTPS, the at least one server further configured for;
  
  removing via the online-monitoring agent an automatic redirect if the targeted application server executes a Hypertext Transfer Protocol (HTTP) redirect process;
  
  accessing via the online-monitoring agent the targeted application server website directly such that at least one website page can be intercepted; and
  
  rewriting via the online-monitoring agent the intercepted at least one website page to retain a connection using HTTP; and
  
  a network for monitoring the at least one of the account, email address, site, and service based on the identifying information received via the online-monitoring agent.
- View Dependent Claims (17, 18)
- - 17. The network-connectable computer system of claim 16 wherein the personal computing device includes at least one of a laptop, a personal computer, a smart-phone, a router and an internet enabled device.
  - 18. The network-connectable computer system of claim 16 wherein the at least one server includes at least one of a collection server, a poller server, a proxy server and an obfuscation-system.

19. A network-connectable computer system comprising:
- a personal computer device for providing an online-monitoring agent configured for local monitoring, the online-monitoring agent configured for performing a method comprising;
  
  removing an automatic redirect if a targeted application server executes a Hypertext Transfer Protocol (HTTP) redirect process;
  
  accessing the targeted application, server website directly such that at least one website page can be intercepted; and
  
  rewriting the intercepted at least one website page to retain a connection using HTTP;
  
  at least one server for receiving identifying information associated with at least one of an account, email address, site, and service from the personal computing device via the online-monitoring agent; and
  
  a network for monitoring the at least one of the account, email address, site, and service based on the identifying information received via the online-monitoring agent.
- View Dependent Claims (20, 21, 22, 23, 24, 25)
- - 20. The network-connectable computer system of claim 19 wherein the online-monitoring agent includes at least one of native software and cloud-based software.
  - 21. The network-connectable computer system of claim 19 wherein the online-monitoring agent includes at least one of at least one of a key-logger, peer-to-peer processor, remote redirection agent, and HTTPS-down-grader.
  - 22. The network-connectable computer system of claim 19 wherein the step of rewriting further includes at least one of rewriting POST uniform resource locators (URLs) in a form to be HTTP instead of Hypertext Transfer Protocol Secure (HTTPS), rewriting link URLs in pages to be HTTP instead of HTTPS, changing a HTTP BASE HREF to be HTTP instead of HTTPS and rewriting rules to circumvent specific website protections for websites having website specific login procedures.
  - 23. The network-connectable computer system of claim 19 wherein the online-monitoring agent is further configured for:
    - tracking a URL of each element that is down-graded, whether the down-grade occurred via handling redirects or by rewriting website page contents; and
      
      storing the URL into a URL list.
  - 24. The network-connectable computer system of claim 19 wherein the online-monitoring agent is further configured for sending intercepted user information from down-graded HTTP sessions to the at least one server.
  - 25. The network-connectable computer system of claim 24 wherein the intercepted user information includes at least one of usernames, passwords, e-mail addresses and URLs.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Smith Micro Software Incorporated
Original Assignee
Location Labs (Gen Digital Inc.)
Inventors
Anakata, Joseph, Hodges, Daniel
Primary Examiner(s)
Barry, Lance L

Application Number

US13/249,996
Publication Number

US 20120151045A1
Time in Patent Office

1,607 Days
Field of Search

709/228, 709/229, 705/325
US Class Current

1/1
CPC Class Codes

G06F 11/3438   monitoring of user actions ...

G06F 21/604   Tools and structures for ma...

G06F 2221/2149   Restricted operating enviro...

G06Q 50/265   Personal security, identity...

H04L 63/1425   Traffic logging, e.g. anoma...

H04L 63/308   retaining data, e.g. retain...

Online-monitoring agent, system, and method for improved detection and monitoring of online accounts

First Claim

10 Assignments

0 Petitions

Accused Products

Abstract

99 Citations

25 Claims

Specification

Use Cases

Quick Links

Others

Online-monitoring agent, system, and method for improved detection and monitoring of online accounts

First Claim

10 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

99 Citations

25 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others