Detecting malicious code existing in internet advertisements by ongoing sandbox monitoring
US10614213B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Nov 18, 2019 |
| Grant date | Apr 7, 2020 |
| Priority date | — |
| Expiry date | Nov 18, 2039 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/2119
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
There are disclosed devices, system and methods for detecting malicious code existing in an internet advertisement (ad) requested by a published webpage viewed by a user. First, receipt of malicious code of the ad is detected, where that code may be malicious code that causes a browser unwanted action without user action. If the internet ad is an SCR type document, the malicious code may be wrapped in a java script (JS) closure to detect an unwanted action requested by the malicious code. The malicious code is executed a browser sandbox that activates the unwanted action, that displays execution of the internet ad and that allows execution of the unwanted action. When a security error resulting from the unwanted action is detected, executing the malicious code in the browser sandbox is discontinued, displaying of the internet ad on the display is discontinued, and execution of the unwanted action is stopped.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.