System and method for risk rating and detecting redirection activities
First Claim
1. A method, comprising:
- receiving, from a client device in a network environment, a first network address to be evaluated;
searching predetermined risk ratings in a memory element for a first predetermined risk rating associated with the first network address;
configuring, when none of the predetermined risk ratings indicates the first network address is malicious, a first request to the first network address to prevent a redirection to another network address from being followed;
sending the first request to the first network address;
determining whether a first response to the first request indicates a first redirection from the first network address to a second network address; and
searching the predetermined risk ratings for a second predetermined risk rating associated with the second network address if the first redirection from the first network address to the second network address is indicated in the first response,wherein, if the second predetermined risk rating is found and indicates the second network address is malicious, the first redirection is not followed and information is provided to the client device based on the second predetermined risk rating.
10 Assignments
0 Petitions
Accused Products
Abstract
A method in one example implementation includes sending a first request to a first network address on a first server and determining whether the first network address has been redirected on the server to a second network address. The method further includes searching a memory element for a predetermined risk rating associated with the second network address if the first network address has been redirected to the second network address. The method also includes providing a risk response to a client if a predetermined risk rating is found. In more specific embodiments, the risk response includes sending an alert to the client or blocking the client from accessing the second network address if the predetermined risk rating indicates the second network address is malicious. In other more specific embodiments, the first network address is redirected to one or more other network addresses before being redirected to the second network address.
20 Citations
20 Claims
-
1. A method, comprising:
-
receiving, from a client device in a network environment, a first network address to be evaluated; searching predetermined risk ratings in a memory element for a first predetermined risk rating associated with the first network address; configuring, when none of the predetermined risk ratings indicates the first network address is malicious, a first request to the first network address to prevent a redirection to another network address from being followed; sending the first request to the first network address; determining whether a first response to the first request indicates a first redirection from the first network address to a second network address; and searching the predetermined risk ratings for a second predetermined risk rating associated with the second network address if the first redirection from the first network address to the second network address is indicated in the first response, wherein, if the second predetermined risk rating is found and indicates the second network address is malicious, the first redirection is not followed and information is provided to the client device based on the second predetermined risk rating. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. One or more non-transitory tangible media that includes code for execution and when executed by a processor is operable to perform operations comprising:
-
receiving, from a client device in a network environment, a first network address to be evaluated; searching predetermined risk ratings in a memory element for a first predetermined risk rating associated with the first network address; configuring, when none of the predetermined risk ratings indicates the first network address is malicious, a first request to the first network address to prevent a redirection to another network address from being followed; sending the first request to the first network address; determining whether a first response to the first request indicates a first redirection from the first network address has to a second network address; and searching the predetermined risk ratings for a second predetermined risk rating associated with the second network address if the first redirection from the first network address to the second network address is indicated in the first response, wherein, if the second predetermined risk rating is found and indicates the second network address is malicious, the first redirection is not followed and information is provided to the client device based on the second predetermined risk rating. - View Dependent Claims (11, 12, 13, 17, 18)
-
-
14. An apparatus, comprising:
-
a redirection module; a memory element configured to store one or more network addresses each having an associated risk rating; and a processor operable to execute instructions associated with the redirection module, including; receiving, from a client device in a network environment, a first network address to be evaluated; searching predetermined risk ratings in the memory element for a first predetermined risk rating associated with the first network address; configuring, when none of the predetermined risk ratings indicates the first network address is malicious, a first request to the first network address to prevent a redirection to another network address from being followed; sending the first request to the first network address; determining whether a first response to the first request indicates a first redirection from the first network address to a second network address; and searching the predetermined risk ratings for a second predetermined risk rating associated with the second network address if the first redirection from the first network address has been redirected to the second network address is indicated in the first response, wherein, if the second predetermined risk rating is found and indicates the second network address is malicious, the first redirection is not followed and information is provided to the client device based on the second predetermined risk rating. - View Dependent Claims (15, 16, 19, 20)
-
Specification