[특허]Identifying and managing web risks

Identifying and managing web risks 원문보기

IPC분류정보
국가/구분	United States(US) Patent 등록
국제특허분류(IPC7판)	H04L-029/06
출원번호	US-0178772 (2008-07-24)
등록번호	US-8286239 (2012-10-09)
발명자 / 주소	Sutton, Michael
출원인 / 주소	Zscaler, Inc.
대리인 / 주소	Clements Bernard PLLC
인용정보	피인용 횟수 : 49 인용 특허 : 0

초록 ▼

Systems, methods and apparatus for identifying web risks use a web risk service external to network edges of at least one system. The web risk service receives a web request from a computer within the at least one system, the web request identifying at least one network address. The web risk service determines a web risk index score for the at least one network address, and compares the determined web risk index score to at least one threshold value. Based on the comparison, the service determines how to handle the web request, e.g., by forwarding, blocking, and/or logging the web request.

대표청구항 ▼

1. A network security system, comprising: a web risk service operating on a server comprising a processing node and external to network edges of at least one system, the web risk service configured to:receive a web request from a computer within the at least one system, the web request identifying at least one network address;determine a web risk index score for the at least one network address, the web risk index score based on a third party analysis, a passive analysis comprising an in-line analysis of the web request in real time, and an active analysis comprising a plurality of queries to the at least one network address with each query configured to solicit a different response in order to identify separate risk information;compare the determined web risk index score to at least one threshold value;handle the web request based on the comparison; andprovide the determined web risk index score to an authority node such that the authority node shares the determined web risk index score with a plurality of additional processing nodes;wherein the web risk service operates at the processing node with all web requests from the computer sent over the Internet via a tunnel, a transparent proxy, a forward proxy, or redirection to the processing node. 2. The system of claim 1, wherein the web risk service is further configured to transmit a status of the web request to the computer. 3. The system of claim 1, wherein the web risk service is further configured to perform a lookup in at least one web risk table to determine the web risk index score. 4. The system of claim 3, wherein the at least one web risk table resides within the web risk service. 5. The system of claim 4, wherein the at least one web risk table comprises the values of one or more web risk indicators for a particular domain name, URL, or server identified by the web request. 6. The system of claim 1, wherein the web risk service is further configured to: identify a plurality of values, each of the plurality of values associated with a respective risk indicator based on the third party analysis, the passive analysis and the active analysis, wherein at least some of the identified plurality of values contribute to the web risk index score. 7. The system of claim 6, wherein the web risk service is configured to determine the web risk index score by calculating a weighted average of at least some of the identified plurality of values. 8. The system of claim 1, wherein: the third party analysis comprises utilizing datasets of known malicious sites and analyzing datasets comprising factual data to provide insight into potential risk;the passive analysis comprises an in-line analysis of the web request in real time to obfuscated code, client side vulnerabilities, common indications of malicious activity, and invalid certificates; andthe active analysis comprises queries sent by the server to identify vulnerable components and fingerprint web sites. 9. The system of claim 1, wherein the web risk service is configured to handle the web request by permitting, blocking, or permitting but logging the web request. 10. The system of claim 1, wherein the web risk service is configured to handle the web request by permitting the web request and providing a warning message for display on the computer. 11. A network security system, comprising: a web risk service operating between a plurality of servers and external to network edges of at least one system, the web risk service configured to:perform a third party analysis, a passive analysis, and an active analysis to determine a plurality of values identifying risk indicators;receive a web request from a computer within the at least one system, the web request identifying at least one network address;determine at least one value of the plurality of values identifying a risk indicator for the at least one network address;compare the at least one value to a definitive rule list;handle the web request based on the comparison; andprovide the risk indicator for the at least one network address to an authority node such that the authority node shares the risk indicator with a plurality of processing nodes;wherein the passive analysis comprises an in-line analysis of the web request in real time to obfuscated code, client side vulnerabilities, common indications of malicious activity, and invalid certificates;wherein the active analysis comprises a plurality of queries sent by the server to identify vulnerable components and fingerprint web sites, wherein each query is configured to solicit a different response in order to identify separate risk information;wherein the plurality of servers comprise at least one processing node with all web requests from the computer sent over the Internet via a tunnel, a transparent proxy, a forward proxy, or redirection to the at least processing node. 12. A method of malware detection, comprising: a server comprising a processing node receiving a web request from a computer within the at least one system over the Internet via a tunnel, a transparent proxy, a forward proxy, or redirection, the web request identifying at least one network address, wherein the computer is connected to an external network directly through the processing node;the server determining a web risk index score for the at least one network address, the web risk score based on a third party analysis, a passive analysis, and an active analysis;the server comparing the determined web risk index score to at least one threshold value;the server handling the web request based on the comparison; andproviding the determined web risk index score to an authority node such that the authority node shares the determined web risk index score with a plurality of additional processing nodes;wherein the passive analysis comprises an in-line analysis of the web request in real time to obfuscated code, client side vulnerabilities, common indications of malicious activity, and invalid certificates; andwherein the active analysis comprises a plurality of queries sent by the server to identify vulnerable components and fingerprint web sites, wherein each query is configured to solicit a different response in order to identify separate risk information. 13. The method of claim 12, further comprising transmitting a status of the web request to the computer. 14. The method of claim 12, further comprising performing a lookup in at least one web risk table to determine the web risk index score. 15. The method of claim 14, wherein the at least one web risk table comprises the values of one or more web risk indicators for a particular domain name, URL, or server identified by the web request. 16. The method of claim 12, further comprising identifying a plurality of values, each of the plurality of values associated with a respective risk indicator, wherein at least some of the identified plurality of values contribute to the web risk index score. 17. The method of claim 16, wherein determining the web risk index score comprises calculating a weighted average of at least some of the identified plurality of values. 18. The method of claim 12, wherein handling the web request comprises handling the web request by permitting, blocking, or permitting but logging the web request. 19. The method of claim 12, wherein handling the web request comprises handling the web request by permitting the web request and providing a warning message for display on the computer.

이 특허를 인용한 특허 (49)

Thomson, Allan; Coleman, Christopher D., Apparatuses, methods and systems for a cyber threat confidence rating visualization and editing user interface.
상세보기
Thomson, Allan; Coleman, Christopher D., Apparatuses, methods and systems for a cyber threat visualization and editing user interface.
상세보기
Bhatt, Sandeep N.; Sander, Tomas; Singla, Anurag, Attack notification.
상세보기
Weith, Loren; Desai, Deepen; Sinha, Amit, Cloud based systems and methods for determining security risks of users and groups.
상세보기
Barday, Kabir A., Data processing and communications systems and methods for the efficient implementation of privacy by design.
상세보기
Barday, Kabir A., Data processing systems and communication systems and methods for the efficient generation of privacy risk assessments.
상세보기
Barday, Kabir A.; Brannon, Jonathan Blake, Data processing systems and communications systems and methods for integrating privacy compliance systems with software development and agile tools for privacy design.
상세보기
Barday, Kabir A.; Brannon, Jonathan Blake, Data processing systems and methods for efficiently assessing the risk of privacy campaigns.
상세보기
Barday, Kabir A., Data processing systems and methods for integrating privacy information management systems with data loss prevention tools or other tools for privacy design.
상세보기
Barday, Kabir A., Data processing systems and methods for operationalizing privacy compliance via integrated mobile applications.
상세보기
Barday, Kabir A., Data processing systems and methods for performing privacy assessments and monitoring of new versions of computer code for privacy compliance.
상세보기
Barday, Kabir A., Data processing systems and methods for performing privacy assessments and monitoring of new versions of computer code for privacy compliance.
상세보기
Barday, Kabir A.; Sabourin, Jason L.; Brannon, Jonathan Blake; Karanjkar, Mihir S.; Jones, Kevin, Data processing systems for fulfilling data subject access requests and related methods.
상세보기
Barday, Kabir A.; Karanjkar, Mihir S.; Finch, Steven W.; Browne, Ken A.; Heard, Nathan W.; Patel, Aakash H.; Sabourin, Jason L.; Daniel, Richard L.; Patton-Kuhl, Dylan D.; Brannon, Jonathan Blake, Data processing systems for generating and populating a data inventory.
상세보기
Barday, Kabir A.; Karanjkar, Mihir S.; Finch, Steven W.; Browne, Ken A.; Heard, Nathan W.; Patel, Aakash H.; Sabourin, Jason L.; Daniel, Richard L.; Patton-Kuhl, Dylan D.; Brannon, Jonathan Blake, Data processing systems for generating and populating a data inventory for processing data access requests.
상세보기
Barday, Kabir A.; Brannon, Jonathan Blake, Data processing systems for measuring privacy maturity within an organization.
상세보기
Barday, Kabir A.; Brannon, Jonathan Blake, Data processing systems for modifying privacy campaign data via electronic messaging systems.
상세보기
Barday, Kabir A.; Sabourin, Jason L.; Brannon, Jonathan Blake; Karanjkar, Mihir S.; Jones, Kevin, Data processing systems for prioritizing data subject access requests for fulfillment and related methods.
상세보기
Beaumont, Richard; Mannix, John, Data processing systems for tracking reputational risk via scanning and registry lookup.
상세보기
Popovici, Radu; Huang, Yi-An, Detecting compromised resources.
상세보기
Brandwine, Eric J., Detecting scans using a bloom counter.
상세보기
Speegle, Brian L.; Potlapally, Nachiketh Rao, Detecting unauthorized websites.
상세보기
Rubin, Gregory A., Detection of and responses to network attacks.
상세보기
Rubin, Gregory A., Detection of and responses to network attacks.
상세보기
Kgil, Taeho; Aissi, Selim, Device communication based on device trustworthiness.
상세보기
Liebmann, Nicholas; Tiddy, Raoul; Bishop, Michael, Distributed system and method for tracking and blocking malicious internet hosts.
상세보기
Liebmann, Nicholas; Tiddy, Raoul; Bishop, Michael, Distributed system and method for tracking and blocking malicious internet hosts.
상세보기
Liebmann, Nicholas; Tiddy, Raoul; Bishop, Mike, Distributed system and method for tracking and blocking malicious internet hosts.
상세보기
Klatt, Michael; Roberts, Bruce Wharton; Helming, Timothy C., Domain reputation evaluation process and method.
상세보기
Bahrs, Peter C.; Brown, Kyle G.; Nasser, Samir A., Dynamic system segmentation for service level agreements enforcement.
상세보기
Halabi, Mohamad, Firewall policy comparison.
상세보기
Deakin, Hannah; Jiang, Fenghui; McNamara, John; Whittick, Emlyn, Generating security permissions.
상세보기
Bhatt, Sandeep N.; Horne, William G.; Moor, Daniel L.; Pramanik, Suranjan; Sander, Tomas, Identifying participants for collaboration in a threat exchange community.
상세보기
Long, Zhuan, Method and apparatus for detecting website security.
상세보기
Wong, Onn Chee; Loh, Siew Keng; Yang, Hui; Wang, You Liang, Method and system for securing against leakage of source code.
상세보기
Giakouminakis, Anastasios; Malm, Sheldon E; Loder, Chad; Li, Richard D, Methods and systems for improved risk scoring of vulnerabilities.
상세보기
Robertson, Ian, Network security processing.
상세보기
Robertson, Ian, Network security processing.
상세보기
Schoenrock, Peter, Networked transmission of reciprocal identity related data messages.
상세보기
Schoenrock, Peter, Networked transmission of reciprocal identity related data messages.
상세보기
Tongshu, Li; Jing, Zheng; Jianzheng, Lin, SQL injection prevention.
상세보기
Rajagopalan, Siva Raj; Sander, Tomas; Pramanik, Suranjan, Security threat analysis.
상세보기
Huang, Wei; Zhou, Yizheng; Njemanze, Hugh, Space and time efficient threat detection.
상세보기
Hearn, Michael Christopher; Archer, Andrew M.; Thakur, Madhukar Narayan; Shen, Honghai; Doshi, Shreyas S., System and method for generating user authentication challenges.
상세보기
Dorrendorf, Leonid; Berengoltz, Pavel, System and method for validating and controlling applications.
상세보기
Shankar, Umesh; Bonneau, Joesph, Systems and methods for determining trust when interacting with online resources.
상세보기
Ashley, Peter, Systems and methods for modifying security based on reputation information.
상세보기
MaGill, Adam; Smith, Benjamin; Nedostup, Nicholas; Spinelli, Anthony, Systems and methods for network risk reduction.
상세보기
Horne, William G.; Moor, Daniel L.; Austin, Richard D.; Sander, Tomas; Rao, Prasad V.; Bhatt, Sandeep N., Threat exchange information protection.
상세보기

IPC	Description
A	생활필수품
A62	인명구조; 소방(사다리 E06C)
A62B	인명구조용의 기구, 장치 또는 방법(특히 의료용에 사용되는 밸브 A61M 39/00; 특히 물에서 쓰이는 인명구조 장치 또는 방법 B63C 9/00; 잠수장비 B63C 11/00; 특히 항공기에 쓰는 것, 예. 낙하산, 투출좌석 B64D; 특히 광산에서 쓰이는 구조장치 E21F 11/00)
A62B-1/08	.. 윈치 또는 풀리에 제동기구가 있는 것

내보내기 구분	파일저장 인쇄 메일전송
구성항목	기본정보 상세정보 관리번호, 국가코드, 자료구분, 상태, 출원번호, 출원일자, 공개번호, 공개일자, 등록번호, 등록일자, 발명명칭(한글), 발명명칭(영문), 출원인(한글), 출원인(영문), 출원인코드, 대표IPC 관리번호, 국가코드, 자료구분, 상태, 출원번호, 출원일자, 공개번호, 공개일자, 공고번호, 공고일자, 등록번호, 등록일자, 발명명칭(한글), 발명명칭(영문), 출원인(한글), 출원인(영문), 출원인코드, 대표출원인, 출원인국적, 출원인주소, 발명자, 발명자E, 발명자코드, 발명자주소, 발명자 우편번호, 발명자국적, 대표IPC, IPC코드, 요약, 미국특허분류, 대리인주소, 대리인코드, 대리인(한글), 대리인(영문), 국제공개일자, 국제공개번호, 국제출원일자, 국제출원번호, 우선권, 우선권주장일, 우선권국가, 우선권출원번호, 원출원일자, 원출원번호, 지정국, Citing Patents, Cited Patents
저장형식	Text(ASCII format) Excel format PIAS분석(.xls)
메일정보	받는사람 (필수) @ 보내는사람 (선택) @ 제목 내용 KISTI 검색결과 이메일 서비스
안내	총 건의 자료가 검색되었습니다. 다운받으실 자료의 인덱스를 입력하세요. (1-10,000) 검색결과의 순서대로 최대 10,000건 까지 다운로드가 가능합니다. 데이타가 많을 경우 속도가 느려질 수 있습니다.(최대 2~3분 소요) 다운로드 파일은 UTF-8 형태로 저장됩니다. 파일의 내용이 제대로 보이지 않을실 때는 웹브라우저 상단의 보기 -> 인코딩 -> 자동선택 여부를 확인하십시오. ~ Text(ASCII format) Excel format

연합인증

Identifying and managing web risks 원문보기

초록 ▼

대표청구항 ▼

연구과제 타임라인

이 특허를 인용한 특허 (49)

관련 콘텐츠

특허 원문 보기

IPC 상위 출원인

AI-Helper ※ AI-Helper는 오픈소스 모델을 사용합니다.

선택된 텍스트

연합인증

Identifying and managing web risks 원문보기

초록 ▼

대표청구항 ▼

연구과제 타임라인

전체(0) 논문(0) 특허(0) 보고서(0)

전체(0) 논문(0) 특허(0) 보고서(0)

이 특허를 인용한 특허 (49)

관련 콘텐츠

특허 원문 보기

IPC 상위 출원인

AI-Helper ※ AI-Helper는 오픈소스 모델을 사용합니다.

선택된 텍스트