Security systems for mitigating attacks from a headless browser executing on a client computer
First Claim
1. A computer system configured to improve security of server computers interacting with client computers, and comprising:
- a memory;
one or more processors coupled to the memory;
a processor logic coupled to the memory and the one or more processors, and programmed to;
send a set of one or more instructions to a browser at a client computer, wherein the set of one or more instructions define one or more checkpoints which are configured to, when executed, generate a set of telemetry data comprising one or more checkpoint tokens indicating that the one or more checkpoints were executed by the browser and to send the set of telemetry data to the computer system;
receive the set of telemetry data; and
determine whether the browser is legitimate or illegitimate based on the one or more checkpoint tokens in the set of telemetry data;
in response to determining that the one or more checkpoint tokens correspond to one or more valid checkpoint tokens, determine that the browser is legitimate.
3 Assignments
0 Petitions
Accused Products
Abstract
Computer systems and methods in various embodiments are configured for improving the security and efficiency of server computers interacting through an intermediary computer with client computers that may be executing malicious and/or autonomous headless browsers or “bots”. In an embodiment, a computer system comprises a memory; one or more processors coupled to the memory; a processor logic coupled to the memory and the one or more processors, and configured to: intercept, from a server computer, one or more original instructions to be sent to a browser of a client computer; send the one or more original instructions to the browser and one or more telemetry instructions, wherein the telemetry instructions are configured, when executed, to generate a set of telemetry data indicating one or more objects that were referenced by the browser and to send the set of telemetry data to the intermediary computer; receive the set of telemetry data and determine whether the browser is legitimate or illegitimate based on the set of telemetry data.
166 Citations
28 Claims
-
1. A computer system configured to improve security of server computers interacting with client computers, and comprising:
-
a memory; one or more processors coupled to the memory; a processor logic coupled to the memory and the one or more processors, and programmed to; send a set of one or more instructions to a browser at a client computer, wherein the set of one or more instructions define one or more checkpoints which are configured to, when executed, generate a set of telemetry data comprising one or more checkpoint tokens indicating that the one or more checkpoints were executed by the browser and to send the set of telemetry data to the computer system; receive the set of telemetry data; and determine whether the browser is legitimate or illegitimate based on the one or more checkpoint tokens in the set of telemetry data; in response to determining that the one or more checkpoint tokens correspond to one or more valid checkpoint tokens, determine that the browser is legitimate. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A computer system configured to improve security of server computers interacting with client computers, and comprising:
-
one or more processors; a memory; a processor logic coupled to the memory and the one or more processors and programmed to; send, to a browser of a client computer, a web page comprising JavaScript instructions, the instructions comprising one or more browser-detection JavaScript instructions, which when executed, cause one or more operations to be performed on the client computer and a set of telemetry data to be sent to the computer system, wherein the set of telemetry data comprises one or more checkpoint tokens indicating that one or more checkpoints were executed by the browser of the client computer; receive the set of telemetry data; and determine whether the browser is legitimate or illegitimate based on the one or more checkpoint tokens in the set of telemetry data; in response to determining that the one or more checkpoint tokens correspond to one or more valid checkpoint tokens, determine that the browser is legitimate. - View Dependent Claims (17, 18, 19)
-
-
20. A method for improving security of a server computer interacting with a client computer, the method comprising:
-
receiving, through a browser on the client computer, a set of instructions with one or more browser-detection instructions; executing the one or more browser-detection instructions, and in response, generating a set of telemetry data comprising one or more checkpoint tokens indicating that one or more checkpoints were executed by the browser; sending the set of telemetry data to the server computer, wherein the server computer is configured to determine whether the browser is legitimate or illegitimate based on the one or more checkpoint tokens in the set of telemetry data; wherein the server computer is configured to determine that the browser is legitimate in response to determining that the one or more checkpoint tokens correspond to one or more valid checkpoint tokens; wherein the method is performed by one or more computing devices. - View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28)
-
Specification