Patent · US Active

Apparatus and methods for detecting malicious scripts in web pages

US9398032B1 · kind B1 · utility

8Cited by

13References

14Claims

0Family size

Assignee

Trend Micro Incorporated · JP

Inventors

Xiaochuan Wan · Xibeiwang, CN
Yongtao Cao · 安丰镇, CN
Xuewen Zhu · Suzhou, CN
Hua Ye · Nanjing, CN

Key dates

Filing date	Jul 9, 2009
Grant date	Jul 19, 2016
Priority date	—
Expiry date	Dec 9, 2034

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/1491
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

One embodiment relates to a computer-implemented method for detecting malicious scripts in web pages. A local engine and an application are executed at a client computer. The local engine intercepts an access by the application to a web page at a universal resource locator (URL) under a domain. The local engine determines scripts at the URL and scripts at other URLs under the domain. Using that information, the local engine determines if the scripts at the URL include one or more unique script(s). The local engine sends the unique script(s), if any, via a network to a script analyzer. The script analyzer may then perform emulation of the unique script(s) to detect malicious code therein. Other embodiments, aspects and features are also disclosed.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.