Methods and systems for API-level intrusion detection

Assignee

• Wipro Limited · IN

Inventors

• Anand Thakadu · Redmond, US
• Anirban Bhattacharya · Bengaluru, IN
• Kuldip Shetty · Leh, IN
• Krishna Prasad Muraleedharan Pillai · Perumbavoor, IN
• Ravi Udaya Kumble · Bengaluru, IN
• Sourav Sam Bhattacharya · Fountain Hills, US
• Venu Aluri · Gudlavalleru, IN
• Vitesh Patel · Bengaluru, IN

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F21/554
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

This disclosure generally relates to computer security, and more particularly to methods and systems for application programming interface (API)-level intrusion detection. In some embodiments, a computer-readable medium is disclosed, storing instructions for: receiving an API call for a service at an API sandbox module; parsing the API call to extract at least one of: an API call name; and or one or more API call parameters; generating a copy of the at least one of: the API call name and or the one or more API call parameters; determining, via an intrusion detection rules execution engine, whether the API call violates one or more security rules obtained from a security rules object, using the copy of the at least one of: the API call name and or the one or more API call parameters; and providing an indication of whether the API call violates the one or more security rules.