Patent · US Active

Methods and systems for detecting man-in-the-browser attacks

US8225401B2 · kind B2 · utility

52Cited by

1References

20Claims

0Family size

Assignee

Symantec Corporation · US

Inventors

William E. Sobel · Jamul, US
Sourabh Satish · Fremont, US

Key dates

Filing date	Dec 18, 2008
Grant date	Jul 17, 2012
Priority date	—
Expiry date	May 8, 2031

Classification

Technology area (CPC H)Electricity
CPC primaryH04L67/02
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A computer-implemented method for detecting man-in-the-browser attacks may include identifying a transaction fingerprint associated with a web site. The method may also include tracking a user's input to the web site. The user's input may be received through a web browser. The method may further include intercepting an outgoing submission to the web site. The method may additionally include determining whether, in light of the transaction fingerprint, the user's input generated the outgoing submission. Various other methods, systems, and computer-readable media are also disclosed.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.