Client side protection against drive-by pharming via referrer checking
US7827311B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | May 9, 2007 |
| Grant date | Nov 2, 2010 |
| Priority date | — |
| Expiry date | Jul 26, 2029 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L67/56
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
HTTP requests initiated from a web browser of a client computer system are proxied prior to release to a router, such as a home router. HTTP requests identifying a referrer URL corresponding to routable, public IP address and a target URL corresponding to a non-routable, private IP address are determined to be indicative of a drive-by pharming attack, and are blocked from sending to the router. HTTP requests not identifying a referrer URL corresponding to a routable, public IP address and a target URL corresponding to a non-routable, private IP address, the HTTP request are not determined to be indicative of a drive-by pharming attack, and are released for sending to the router. In some embodiments, an HTTP response received in response to a released HTTP request is proxied prior to release to the web browser. An HTTP response having content of type text/html or script is modified as indicated to prevent malicious activity and released to the web browser.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.