US2016142437A1PendingUtilityA1

Method and system for preventing injection-type attacks in a web based operating system

Assignee: SAMSUNG ELECTRONICS CO LTDPriority: Nov 17, 2014Filed: Nov 17, 2014Published: May 19, 2016
Est. expiryNov 17, 2034(~8.3 yrs left)· nominal 20-yr term from priority
G06F 16/10G06F 21/53H04L 67/02G06F 40/221H04W 4/60G06F 21/562G06F 21/554G06F 21/563G06F 2221/2113G06F 16/986H04L 63/1466G06F 2221/2107G06F 2221/2119H04L 63/1425G06F 17/2247H04L 63/1408G06F 40/143H04W 12/128
52
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

A method for detecting a malicious code which is injected into the command stream of a widget running by a web-based OS at a device is disclosed. The method requires (a) analyzing the widget at an App-Store to determine first invariant data; (b) recording within a metadata file first invariant data; (c) associating said metadata file with said widget, and supplying said widget within a user device; (d) upon running said widget, activating a monitoring module, analyzing the running widget and determining by said module a second invariants data, and comparing respectively said second determined invariant data with said first determined invariants data; and (e) issuing an alert upon detection of a variation above a predefined value between said second determined invariant data and said first determined invariant data, respectively.

Claims

exact text as granted — not AI-modified
1 . A method for detecting a malicious code which is injected into the command stream of a widget running by a web-based OS at a device, which comprises:
 a) analyzing the widget at an App-Store to determine a first collection of invariants;   b) recording within a metadata file first invariant data, said first invariant data being the determined first collection of invariants, a first structural representation of said invariants, or a first combination thereof;   c) associating said metadata file with said widget, and supplying said widget, including said associated metadata file to within a user device;   d) upon running said widget by a web based OS at said user device, activating a monitoring module, analyzing the running widget and determining by said module in a manner substantially the same as previously done at the App Store a second invariants data, said invariants data being a second collection of invariants, a second structural representation of said invariants, or a combination thereof, and comparing respectively said second determined invariant data with said first determined invariants data; and   e) issuing an alert upon detection of a variation above a predefined value between said second determined invariant data and said first determined invariant data, respectively.   
     
     
         2 . The method according to  claim 1 , wherein said first or second invariants data comprises one or more of (a) HTML pages; (b) a Java Script (JS) functional call graph; (c) external JS libraries items that are used by the widget; and (d) The CSSs (Cascading Style Sheets) that are used by the widget. 
     
     
         3 . The method according to  claim 1 , wherein said first or second invariants data of the HTML pages, is the DOM tree of the HTML pages. 
     
     
         4 . The method according to  claim 1 , wherein said monitoring module is a part of said web-based OS. 
     
     
         5 . The method according to  claim 1 , wherein when an update is introduced at the APP-Store to said widget, a corresponding updated metadata file is also prepared, and sent to the device together with said update to the widget. 
     
     
         6 . The method according to  claim 1 , wherein the monitoring module is a part of the web based OS rendering engine. 
     
     
         7 . The method according to  claim 1 , wherein all updates to said widget, said metadata file, and said web based OS are performed by the App-Store. 
     
     
         8 . The method according to  claim 1 , which is generic in terms of being independent from the nature of the specific widget, and from the nature of the malicious code which is injected into the command stream of a widget. 
     
     
         9 . The method according to  claim 1 , wherein the web based OS is the Tizen OS. 
     
     
         10 . The method according to  claim 1 , wherein the first or second invariants data are a partial relative to the entire invariants data of the widget, respectively. 
     
     
         11 . The method according to  claim 1 , wherein the metadata file is encoded, before supplying the same to the device.

Join the waitlist — get patent alerts

Track US2016142437A1 — get alerts on status changes and closely related new filings.

We store only your email — no account needed. See our privacy policy.