Detecting URL scheme hijacking
US10009374B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Aug 4, 2015 |
| Grant date | Jun 26, 2018 |
| Priority date | — |
| Expiry date | Apr 7, 2036 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/145
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A computer-implemented method for detecting malware is described. In some embodiments, the method includes identifying an application identifier of a first application paired with a universal resource locator (URL) scheme, and storing the identified pairing of the application identifier and URL scheme of the first application in a database. In some cases, the database stores URL scheme pairings of a plurality of applications. In some embodiments, the method includes identifying an application identifier of a first application paired with a universal resource locator (URL) scheme, identifying a second application as an unknown application, detecting a request to register a URL scheme pairing of the second application, querying the database based on the request to register the URL scheme pairing of the second application, and determining whether the second application is potential malware based on a result of the querying.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.