    • 1. Published invention application
    • SYSTEM AND METHOD FOR IDENTIFYING INTERNET ATTACKS
    • VERFAHREN UND SYSTEM ZUR IDENTIFIZIERUNG VON INTERNETANGRIFFE
    • EP3021550A1
    • 2016-05-18
    • EP15191950.3
    • 2015-10-28
    • Pastore, Nicolo; Giangregorio, Carmine; Rimmaudo, Paolo; Bogana, Matteo Paolo
    • H04L29/06
    • H04L63/1466; G06F21/554; G06F2221/032
    • The present disclosure relates to a system (1) and a method that employs such system (1) to detect and counteract Internet attacks of Man-in-the-Browser and/or Man-in-the-Middle type. The system (1) comprises a Traffic Inspector (2) in signal communication with a client computer (3) having a Web browser (4) residing therein for Internet browsing and with a Web server (5) having a Web application (6) residing therein. The Traffic Inspector (2) is configured to receive a request associated with the Web application (6) from the Web browser (4) and to send it to the Web server (5), the Traffic Inspector (2) is configured to receive a DOM server code associated with the request from the Web server (5). The system is characterized in that it comprises a Traffic Analyzer (7) in signal communication with the Traffic Inspector (2) and having an algorithm application (8) residing therein, the Traffic Inspector (2) is configured to add a default code portion to the DOM server code to thereby generate a DOM client code to be sent to the Web browser (4) to receive a DOM rendered code associated with the DOM client code, the Traffic Inspector (2) is configured to send the DOM client code and the DOM rendered code to the Traffic Analyzer (7), the algorithm application (8) is configured to process the DOM rendered code to compare it with the DOM client code, to thereby identify at least one code difference.
    • 2. Published invention application
    • METHOD OF IDENTIFYING AND COUNTERACTING INTERNET ATTACKS
    • VERFAHREN ZUR IDENTIFIZIERUNG UND ENTGEGENWIRKEN VON INTERNETANGRIFFE
    • EP3021551A1
    • 2016-05-18
    • EP15192252.3
    • 2015-10-30
    • Pastore, Nicolo; Parrinello, Emanuele; Giangregorio, Carmine
    • H04L29/06
    • H04L63/1466; G06F21/554; G06F2221/032; G06F2221/2107; H04L63/0281; H04L63/0428; H04L63/061; H04L63/067; H04L63/08; H04L63/0876; H04L63/1416; H04L67/02
    • The present disclosure relates to a method of identifying and counteracting Internet attacks, of Man-in-the-Browser and/or Man-in-the-Middle and/or Bot attack types, comprising the steps of: generating a request by a Web browser, concerning a Web application residing in a Web server; sending the request by the Web browser to a box server, which is in signal communication with the Web server; receiving a server DOM code by the box server, which code has been automatically generated by the Web server according to the request; sending a service page code by the box server to the Web browser, in response to the request, the service page code comprising an obfuscated and polymorphic javascript code and/or HTML code; receiving and processing the javascript code and/or HTML code, by the Web browser, to automatically generate an asynchronous request, such that environment data of the Web server may be transmitted to the box server; processing the environment data by the box server, to identify Internet attacks; performing an encryption function on the server DOM code by the box server to generate an obfuscated DOM code, and sending the obfuscated DOM code to the Web browser in response to the asynchronous request; performing a decryption function on the obfuscated DOM code by the service page code, to obtain the server DOM code; rendering the server DOM code by the Web browser.