Passive detection of digital skimming attacks
US12074903B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jul 28, 2021 |
| Grant date | Aug 27, 2024 |
| Priority date | — |
| Expiry date | Nov 30, 2042 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/20
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Techniques to facilitate prevention of malicious attacks on a web service are disclosed herein. In at least one implementation, web resources associated with the web service are crawled to obtain information about internal and external web assets associated with the web service. Responses from the internal and external web assets are intercepted and content security policy headers are dynamically injected into the responses to determine internal and external dependency data associated with the internal and external web assets. The internal and external dependency data is processed with script reputation and domain reputation data to generate enriched dependency graph data. The enriched dependency graph data is analyzed to dynamically generate content security policies for the web service, and the dynamically generated content security policies are deployed to protect the web service.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.