Techniques for combating man-in-the-browser attacks
First Claim
Patent Images
1. A method, comprising:
- generating modified web page code by;
adding decoy code to web page code, wherein the decoy code is designed to be recognized by malware as web code that is vulnerable to attack;
adding monitoring code to the web page code, wherein the monitoring code is configured to detect interaction between malicious code and the decoy code when the modified web page code is executed at the client device;
transmitting the modified web page code to the client device;
wherein the method is performed by one or more computing devices.
3 Assignments
0 Petitions
Accused Products
Abstract
Methods and apparatus are described for automatically modifying web page code. Specific implementations relate to the modification of web page code for the purpose of combatting Man-in-the-Browser (MitB) attacks.
194 Citations
24 Claims
-
1. A method, comprising:
-
generating modified web page code by; adding decoy code to web page code, wherein the decoy code is designed to be recognized by malware as web code that is vulnerable to attack; adding monitoring code to the web page code, wherein the monitoring code is configured to detect interaction between malicious code and the decoy code when the modified web page code is executed at the client device; transmitting the modified web page code to the client device; wherein the method is performed by one or more computing devices. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A system, comprising:
-
one or more hardware processors; memory coupled to the one or more hardware processors and storing one or more instructions which, when executed by the one or more hardware processors, cause the one or more hardware processors to; generate modified web page code by; adding decoy code to web page code, wherein the decoy code is designed to be recognized by malware as web code that is vulnerable to attack; and adding monitoring code to the web page code, wherein the monitoring code is configured to detect interaction between malicious code and the decoy code when the modified web page code is executed at the client device; transmit the modified web page code to the client device. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. One or more non-transitory computer-readable media storing instructions which, when executed by one or more hardware processors, cause the one or more hardware processors to:
-
generate modified web page code by; adding decoy code to web page code, wherein the decoy code is designed to be recognized by malware as web code that is vulnerable to attack; and adding monitoring code to the web page code, wherein the monitoring code is configured to detect interaction between malicious code and the decoy code when the modified web page code is executed at the client device; transmit the modified web page code to the client device. - View Dependent Claims (20, 21, 22, 23, 24)
-
Specification