Mitigating scripted attacks using dynamic polymorphism
First Claim
1. A data processing system configured to improve resistance of a client computer to attacks and comprising:
- one or more hardware processors;
script analysis logic coupled to the one or more processors and configured to obtain a particular electronic document from a server computer;
script injection logic coupled to the one or more processors and configured to insert a set of script code into source code of the electronic document to result in producing a modified electronic document prior to providing the modified electronic document to a client computer;
wherein the script code is configured to;
improve resistance of the client computer to attacks by running upon loading in the client computer and to cause transforming, when running in the client computer, one or more values of one or more elements of the source code of the electronic document into obfuscated values of the one or more elements,repeatedly periodically execute in the client computer after loading in the client computer, andcause the transforming in a different manner at each time that the script code repeatedly periodically executes in the client computer.
3 Assignments
0 Petitions
Accused Products
Abstract
In an embodiment, a data processing system comprises one or more processors; script analysis logic coupled to the one or more processors and configured to obtain a particular electronic document from a server computer; script injection logic coupled to the one or more processors and configured to insert a set of script code into source code of the electronic document to result in producing a modified electronic document prior to providing the modified electronic document to a client computer; wherein the script code is configured to improve resistance of the client computer to attacks by running upon loading in the client computer and to cause transforming, when running in the client computer, one or more values of one or more elements of the source code of the electronic document into obfuscated values of the one or more elements. As a result, the system and method herein improve resistance of the client computer to attacks.
160 Citations
20 Claims
-
1. A data processing system configured to improve resistance of a client computer to attacks and comprising:
-
one or more hardware processors; script analysis logic coupled to the one or more processors and configured to obtain a particular electronic document from a server computer; script injection logic coupled to the one or more processors and configured to insert a set of script code into source code of the electronic document to result in producing a modified electronic document prior to providing the modified electronic document to a client computer; wherein the script code is configured to; improve resistance of the client computer to attacks by running upon loading in the client computer and to cause transforming, when running in the client computer, one or more values of one or more elements of the source code of the electronic document into obfuscated values of the one or more elements, repeatedly periodically execute in the client computer after loading in the client computer, and cause the transforming in a different manner at each time that the script code repeatedly periodically executes in the client computer. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A data processing method of improving resistance of a client computer to attacks comprising:
-
at an intermediary computer; obtaining a particular electronic document from a server computer; inserting a set of script code into source code of the electronic document to result in producing a modified electronic document; providing the modified electronic document to a client computer; wherein the script code is configured to; improve resistance of the client computer to attacks by running upon loading in the client computer and to cause transforming, when running in the client computer, one or more values of one or more elements of the source code of the electronic document into obfuscated values of the one or more elements, repeatedly periodically execute in the client computer after loading in the client computer, and cause the transforming in a different manner at each time that the script code repeatedly executes in the client computer. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A data processing method of improving resistance of a client computer to attacks comprising:
-
using a security computer that is logically interposed between a server computer that generates HTML documents and a client computer, obtaining a HTML electronic document from the server computer; inserting a set of JAVASCRIPT script code into HTML source code of the HTML document to result in producing a modified HTML document; providing the modified HTML document to the client computer; wherein the JAVASCRIPT code is configured to; improve resistance of the client computer to attacks by running upon loading in the client computer and to cause transforming, when running in the client computer, one or more values of one or more elements of the HTML source code of the HTML document into obfuscated values of the one or more elements, repeatedly periodically execute in the client computer at time intervals specified using a time interval value in the JAVASCRIPT code after loading in the client computer, and periodically updating the time interval value in the JAVASCRIPT code to a different time interval value. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification