Enhanced browsing with security scanning

US 9,270,699 B2
Filed: 07/11/2014
Issued: 02/23/2016
Est. Priority Date: 11/08/2004
Status: Active Grant

First Claim

Patent Images

1. A method of secure scanning of a second web page linked to a first web page being displayed by a browser in a browser window on a client computing device, the method comprising:

identifying, in the first web page, a target link to the second web page, wherein the target link is identified from one or more links that are contained within the first web page;

prior to receiving a user selection of the target link or of an indicator associated with the target link, prefetching content from the second web page, the content including web page data, applets, or scripts;

loading the prefetched content from the second web page into a safe cache on the client computing device before receiving the user selection of the target link or of the indicator associated with the target link and before the content of the second web page is opened by an application configured to provide access to the content of the second web page on the client computing device;

scanning the prefetched content from the second web page for a security threat, within the safe cache, wherein the safe cache is configured to prevent the prefetched content from altering a memory location or storage location external to the safe cache;

detecting placement of a cursor proximate to the target link or the indicator associated with the target link; and

in response to the detecting;

in response to identifying a security threat with the prefetched content, presenting a warning along with one or more selectable options, including an option to ignore the warning; and

in response to identifying no security threat with the prefetched content or receiving from the user a selectable option to ignore the warning, causing display of a second window comprising the prefetched content.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method scans a second web page linked to a first web page being displayed by a browser in a browser window. The method identifies, in the first web page, a target link to the second web page. Prior to receiving a user selection of the target link, the method prefetches content from the second web page and loads it into a safe cache before receiving the user selection of the target link and before the content of the second web page is opened by an application configured to provide access to the content of the second web page. The method scans the prefetched content from the second web page for a security threat, within the safe cache, which is configured to prevent the prefetched content from altering a memory location or storage location external to the safe cache.

162 Citations

17 Claims

1. A method of secure scanning of a second web page linked to a first web page being displayed by a browser in a browser window on a client computing device, the method comprising:
- identifying, in the first web page, a target link to the second web page, wherein the target link is identified from one or more links that are contained within the first web page;
  
  prior to receiving a user selection of the target link or of an indicator associated with the target link, prefetching content from the second web page, the content including web page data, applets, or scripts;
  
  loading the prefetched content from the second web page into a safe cache on the client computing device before receiving the user selection of the target link or of the indicator associated with the target link and before the content of the second web page is opened by an application configured to provide access to the content of the second web page on the client computing device;
  
  scanning the prefetched content from the second web page for a security threat, within the safe cache, wherein the safe cache is configured to prevent the prefetched content from altering a memory location or storage location external to the safe cache;
  
  detecting placement of a cursor proximate to the target link or the indicator associated with the target link; and
  
  in response to the detecting;
  
  in response to identifying a security threat with the prefetched content, presenting a warning along with one or more selectable options, including an option to ignore the warning; and
  
  in response to identifying no security threat with the prefetched content or receiving from the user a selectable option to ignore the warning, causing display of a second window comprising the prefetched content.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, further comprising prior to said causing display of a second window:
    - generating but not displaying the second window;
      
      populating the second window with the prefetched content; and
      
      caching the second window.
  - 3. The method of claim 1, wherein the second window is an enhanced browsing window lacking one or more functions provided by the browser window.
  - 4. The method of claim 1, wherein the second window is configured to close in response to movement of the cursor out of the second window.
  - 5. The method of claim 1, wherein:
    - the indicator is configured with a first appearance if no security threat is identified in the prefetched content; and
      
      the indicator is configured with a different appearance if a security threat is identified in the prefetched content.
  - 6. The method of claim 1, wherein the prefetched content contains executable code and said scanning comprises executing the code within the safe cache to determine a behavior of the executable code.
  - 7. The method of claim 1, further comprising:
    - notifying a central server of a result of the scanning the prefetched content for a security threat.
  - 8. The method of claim 7, further comprising:
    - prior to said scanning, querying the central server for a result of a previous scanning of the prefetched content.
  - 9. The method of claim 1, wherein the security threat comprises one or more of a virus, a worm, or a trojan horse.
  - 10. The method of claim 1, wherein the security threat comprises one or more of spyware or adware.
  - 11. The method of claim 1, wherein the security threat comprises one or more of a phishing attack, a cookie, or a script.

12. A non-transitory computer-readable storage medium storing instructions thereon that, if executed by a client computing device, cause the client computing device to perform operations of enhanced browsing with security scanning, the instructions comprising:
- instructions to identify, in a first web page, a target link to a second web page, wherein the target link is identified from one or more links that are displayed within the first web page;
  
  instructions to, prior to receiving a user selection of the target link or of an indicator associated with the target link, prefetch content from the second web page, the content including web page data, applets, or scripts;
  
  instructions to load the prefetched content into a safe cache on the client computing device before receiving the user selection of the target link or of the associated indicator and before the content of the second web page is opened by an application configured to provide access to the content of the second web page on the client computing device;
  
  instructions to scan the prefetched content for a security threat, within the safe cache, wherein the safe cache is configured to prevent the prefetched content from altering a memory location or storage location external to the safe cache;
  
  instructions to detect placement of a cursor proximate to the target link or the associated indicator; and
  
  instructions to, in response to said detecting;
  
  in response to identifying a security threat with the prefetched content, present a warning along with one or more selectable options, including an option to ignore the warning; and
  
  in response to identifying no security threat with the prefetched content or receiving from the user a selectable option to ignore the warning, cause display of a second window comprising the prefetched content.
- View Dependent Claims (13)
- - 13. The computer-readable storage medium of claim 12, wherein the instructions further comprise:
    - instructions to generate but not display the second window;
      
      instructions to populate the second window with the prefetched content; and
      
      instructions to cache the second window.

14. A method of enhanced browsing with security scanning, the method comprising:
- identifying, in a first document displayed on a client computing device, a target link to content, wherein the target link is identified by the client computing device from one or more links that are contained within the first document;
  
  prior to receiving a user selection of the target link or of an indicator associated with the target link, prefetching the content which, in addition to a Uniform Resource Locator (URL), includes web page data, applets, or scripts;
  
  loading the content into a safe cache on the client computing device before receiving a user selection of the target link and before the content is opened by an application configured to provide access to the content on the client computing device;
  
  while the content is in the safe cache;
  
  preventing the content from altering a memory location or storage location external to the safe cache; and
  
  scanning the content on the client computing device to identify a presence or absence of a security threat;
  
  detecting placement of a cursor proximate to the target link or the associated indicator; and
  
  in response to the detecting;
  
  in response to identifying a security threat within the content, presenting one or more selectable options to initiate in response to the identified security threat; and
  
  in response to identifying no security threat within the content or receiving from the user a selectable option to ignore an identified security threat, causing display of a second window comprising the content.
- View Dependent Claims (15, 16, 17)
- - 15. The method of claim 14, further comprising:
    - before receiving the user selection of the target link or of the associated indicator, displaying an indicator to indicate whether a security threat was detected within the content, wherein said displaying an indicator comprises altering an appearance of the indicator associated with the target link.
  - 16. The method of claim 14, wherein the content contains executable code and said scanning comprises executing the code within the safe cache to determine a behavior of the code.
  - 17. The method of claim 14, wherein the application is a word processing program.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cufer Asset Ltd LLC (Intellectual Ventures LLC)
Original Assignee
Cufer Asset Ltd LLC (Intellectual Ventures LLC)
Inventors
Milener, Scott, Brown, Wendell, Kelly, James
Primary Examiner(s)
To, Baotran N

Application Number

US14/329,861
Publication Number

US 20150013009A1
Time in Patent Office

592 Days
Field of Search

726/22, 726/23, 726/24, 726/25, 713/188, 709/224, 715/738, 715/804, 715/805, 715/822
US Class Current

1/1
CPC Class Codes

G06F 21/51   at application loading time...

G06F 21/566   Dynamic detection, i.e. det...

H04L 63/1408   by monitoring network traff...

H04L 63/1416   Event detection, e.g. attac...

H04L 63/1425   Traffic logging, e.g. anoma...

H04L 63/1433   Vulnerability analysis

H04L 63/145   the attack involving the pr...

H04L 67/5681   Pre-fetching or pre-deliver...

Enhanced browsing with security scanning

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

162 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Enhanced browsing with security scanning

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

162 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links