System and method for evaluating and enhancing source anonymity for encrypted web traffic

US 20060059091A1
Filed: 10/31/2005
Published: 03/16/2006
Est. Priority Date: 04/23/2002
Status: Abandoned Application

First Claim

Patent Images

1-18. -18. (canceled)

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method is provided for evaluating the effectiveness of data encryption for hiding the identity of the source of Web traffic. A signature is constructed from encrypted Web traffic for a Web page sent by a target Web site, and the signature is compared with archived traffic signatures obtained by accessing various Web pages of interest in advance. If the signature of the detected encrypted Web traffic matches a stored traffic signature beyond a pre-set statistical threshold, a positive match is found, and the source of the traffic is identified. Countermeasures for reducing the reliability of source identification based on traffic signature matching are provided.

157 Citations

42 Claims

1-18. -18. (canceled)

19. A computer-readable medium having computer-executable instructions for performing steps by an Internet client to access Web pages, the steps comprising:
- sending a request to access a target Web page;
  
  receiving a list of objects in the target Web page;
  
  identifying advertisement objects in the list of objects in the target Web page;
  
  selecting randomly a subset of the identified advertisement objects; and
  
  downloading, in an encrypted form, the objects in the target Web page except the subset of identified advertisement objects.
- View Dependent Claims (20, 26, 27, 28, 29)
- - 20. A computer-readable medium as in claim 19, wherein the step of identifying compares the list of objects in the target Web page with a list of advertisement sites in a name resolution file.
  - 26. A computer-readable medium as in claim 19, wherein receiving receives a Hypertext Transport Protocol document including the list of objects.
  - 27. A computer-readable medium as in claim 19, further comprising issuing a Hypertext Transport Protocol GET request for downloading objects in the target Web page.
  - 28. A computer-readable medium as in claim 19, further comprising referencing a file of unwanted advertisement sites to identify objects associated with the unwanted advertisement sites that may not be downloaded.
  - 29. A Web advertisement blocker resident on a computer-readable medium, the Web advertisement blocker comprising the computer-executable instructions according to claim 19.

21. A method for an Internet client to access Web pages, comprising:
- sending a request to access a target Web page;
  
  receiving a list of objects in the target Web page;
  
  identifying advertisement objects in the list of objects in the target Web page;
  
  selecting randomly a subset of the identified advertisement objects; and
  
  downloading, in an encrypted form, the objects in the target Web page except the subset of identified advertisement objects.
- View Dependent Claims (30, 31, 32, 33, 34, 35)
- - 30. A method according to claim 21, wherein identifying includes comparing the list of objects in the target Web page with a list of advertisement sites.
  - 31. A method according to claim 30, wherein a name resolution file includes the list of advertisement sites.
  - 32. A method according to claim 21, wherein receiving receives a Hypertext Transport Protocol document including the list of objects.
  - 33. A method according to claim 21, further comprising issuing a Hypertext Transport Protocol GET request for downloading objects in the target Web page.
  - 34. A method according to claim 21, further comprising referencing a file of unwanted advertisement sites to identify objects associated with the unwanted advertisement sites that may not be downloaded.
  - 35. A Web advertisement blocker comprising computer-executable instructions implementing the method of claim 21.

22-25. -25. (canceled)

36. A Web advertisement blocker, comprising:
- computer-executable instructions embodied on computer-readable media, and when executed, the computer-executable instructions facilitate, sending a request to access a target Web page;
  
  receiving a list of objects in the target Web page;
  
  identifying advertisement objects in the list of objects in the target Web page;
  
  selecting randomly a subset of the identified advertisement objects; and
  
  downloading, in an encrypted form, the objects in the target Web page except the subset of identified advertisement objects.
- View Dependent Claims (37, 38, 39, 40, 41, 42)
- - 37. A Web advertisement blocker according to claim 36, wherein receiving receives a Hypertext Transport Protocol document including the list of objects.
  - 38. A Web advertisement blocker according to claim 36, wherein the computer-executable instructions further facilitate issuing a Hypertext Transport Protocol GET request for downloading objects in the target Web page.
  - 39. A Web advertisement blocker according to claim 36, wherein the computer-executable instructions further facilitate referencing a file of unwanted advertisement sites to identify objects associated with the unwanted advertisement sites that may not be downloaded.
  - 40. A Web advertisement blocker according to claim 36, wherein identifying includes comparing the list of objects in the target Web page with a list of advertisement sites.
  - 41. A Web advertisement blocker according to claim 40, wherein a name resolution file includes the list of advertisement sites.
  - 42. A Web advertisement blocker according to claim 36, wherein the computer-executable instructions are embodied on computer-readable media associated with an Internet client computer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Simon, Daniel R., Wang, Yi-Min, Padmanabhan, Venkata N., Qiu, Lili, Russell, Wilfred, Sun, Qixiang

Application Number

US11/263,673
Publication Number

US 20060059091A1
Time in Patent Office

Days
Field of Search
US Class Current

705/50
CPC Class Codes

G06F 2221/2107   File encryption

G06F 2221/2119   Authenticating web pages, e...

G06Q 20/10   specially adapted for elect...

G06Q 20/102   Bill distribution or payments

G06Q 20/1085   involving automatic teller ...

G06Q 20/40   Authorisation, e.g. identif...

H04L 63/0407   wherein the identity of one...

H04L 63/1408   by monitoring network traff...

System and method for evaluating and enhancing source anonymity for encrypted web traffic

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

157 Citations

42 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for evaluating and enhancing source anonymity for encrypted web traffic

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

157 Citations

42 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links