Systems and methods for risk rating and pro-actively detecting malicious online ads
First Claim
1. A non-transitory machine readable medium on which are stored instructions, comprising instructions that when executed cause a programmable device to:
- receive a web page including a SWF (small web format) file dynamically included in the web page as the web page is provided to the programmable device;
locate an embedded redirection URL (uniform resource locator) contained within the SWF file;
obtain a risk rating for the embedded redirection URL from a risk database if the risk rating for the embedded redirection URL is available in the risk database;
generate the risk rating for the embedded redirection URL when the risk rating for the embedded redirection URL was not obtained from the risk database; and
generate a risk rating for the SWF file based at least in part on the risk rating for the embedded redirection URL.
10 Assignments
0 Petitions
Accused Products
Abstract
Methods and systems for risk rating and pro-actively detecting malicious online ads are described. In one example embodiment, a system for risk rating and pro-actively detecting malicious online ads includes an extraction module, an analysis engine, and a filter module. The extraction module is configured to extract a SWF file from a web page downloaded by the system. The analysis engine is communicatively coupled to the extraction module. The analysis engine is configured to determine a risk rating for the SWF file and send the risk rating to a web application for display. In an example, determining the risk rating includes locating an embedded redirection URL and determining a risk rating for the embedded redirection URL. The filter module is configured to determine, based on the risk rating, whether to block the SWF file and send a warning to the web application for display.
-
Citations
25 Claims
-
1. A non-transitory machine readable medium on which are stored instructions, comprising instructions that when executed cause a programmable device to:
-
receive a web page including a SWF (small web format) file dynamically included in the web page as the web page is provided to the programmable device; locate an embedded redirection URL (uniform resource locator) contained within the SWF file; obtain a risk rating for the embedded redirection URL from a risk database if the risk rating for the embedded redirection URL is available in the risk database; generate the risk rating for the embedded redirection URL when the risk rating for the embedded redirection URL was not obtained from the risk database; and generate a risk rating for the SWF file based at least in part on the risk rating for the embedded redirection URL. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A system comprising:
-
an extraction module configured to extract an SWF (small web format) file from a web page received from a web server, the SWF file dynamically included in the web page as the web page is provided by the web server; an analysis engine communicatively coupled to the extraction module and configured to; locate an embedded redirection URL (uniform resource locator) contained within the SWF file; obtain a risk rating for the embedded redirection URL from a risk database if the risk rating for the embedded redirection URL is available in the risk database; generate the risk rating for the embedded redirection URL when the risk rating for the embedded redirection URL was not obtained from the risk database; and generate a risk rating for the SWF file based at least in part on the risk rating for the embedded redirection URL; and a filter module configured to determine, based on the risk rating for the SWF file, whether to filter the SWF file and whether to send an alert to a browser for display within the web page. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
-
-
21. A computer-implemented method of generating a risk rating for a SWF (small web format) file, comprising:
-
extracting an SWF (small web format) file from a web page by a programmable device, the SWF file dynamically included in the web page as the web page is provided to the programmable device, locating an embedded redirection URL (uniform resource locator) contained within the SWF file; obtaining a risk rating for the embedded redirection URL from a risk database if the risk rating for the embedded redirection URL is available in the risk database; calculating the risk rating for the embedded redirection URL when the risk rating for the embedded redirection URL was not obtained from the risk database; and calculating a risk rating for the SWF file based at least in part on the risk rating for the embedded redirection URL. - View Dependent Claims (22, 23, 24, 25)
-
Specification