Analysis of scripts
First Claim
Patent Images
1. A method for determining whether a script from a web page includes malicious content, the method comprising:
- a first computer executing a plurality of text blocks of code derived from the script from the web page in response to a request for the web page from a client computer, said text blocks executed sequentially in a sequential order, wherein the script is a first text block of the plurality of text blocks, the execution of one text block of the plurality of text blocks by the first computer generating a new text block of code;
the first computer copying each text block to an output file in a data storage area of the first computer, wherein the first text block is copied before another text block of the plurality of text blocks is copied; and
after said copying each text block to the output file, the first computer determining that the new text block includes malicious code and in response, the first computer preventing transmission of the web page to the client computer.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and system for analyzing scripts. A script is analyzed to determine whether the script includes malicious content. A computer executes at least two text blocks of code derived from a script of a web page. The execution of a text block of the at least two text blocks generates an additional text block of code. The computer determines whether the additional text block includes new code that is malicious. If so, the computer prevents transmission of the web page to a client computer. If not, the computer transmits the web page to the client computer.
-
Citations
20 Claims
-
1. A method for determining whether a script from a web page includes malicious content, the method comprising:
-
a first computer executing a plurality of text blocks of code derived from the script from the web page in response to a request for the web page from a client computer, said text blocks executed sequentially in a sequential order, wherein the script is a first text block of the plurality of text blocks, the execution of one text block of the plurality of text blocks by the first computer generating a new text block of code; the first computer copying each text block to an output file in a data storage area of the first computer, wherein the first text block is copied before another text block of the plurality of text blocks is copied; and after said copying each text block to the output file, the first computer determining that the new text block includes malicious code and in response, the first computer preventing transmission of the web page to the client computer. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computer program product for determining whether a script from a web page includes malicious content, the computer program product comprising:
one or more computer readable storage devices and program instructions stored on the one or more storage devices, wherein the program instructions comprise; program instructions to execute, by a first computer, a plurality of text blocks of code derived from the script from the web page in response to a request for the web page from a client computer, said text blocks executed sequentially in a sequential order, wherein the script is a first text block of the plurality of text blocks, the execution of one text block of the plurality of text blocks by the first computer generating a new text block of code; program instructions to co each text block to an output file in a data storage area of the first computer, wherein the first text block is copied before another text block of the plurality of text blocks is copied; and program instructions to determine, after each text block has been copied to the output file, that the new text block includes malicious code and in response, to prevent transmission, by the first computer, of the web page to the client computer. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
15. A computer system for analyzing a script to determine whether the script includes malicious content, the computer system comprising:
-
one or more processors, one or more computer-readable memories, one or more computer-readable storage devices, and program instructions stored on the one or more storage devices for execution by the one or more processors via the one or more memories, wherein the program instructions comprise; program instructions to execute, by a first computer, a plurality of text blocks of code derived from the script from the web page in response to a request for the web page from a client computer, said text blocks executed sequentially in a sequential order, wherein the script is a first text block of the plurality of text blocks, the execution of one text block of the plurality of text blocks by the first computer generating a new text block of code; program instructions to co each text block to an output file in a data storage area of the first computer, wherein the first text block is copied before another text block of the plurality of text blocks is copied; and program instructions to determine, after each text block has been copied to the output file, that the new text block includes malicious code and in response, to prevent transmission, by the first computer, of the web page to the client computer. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification