-
公开(公告)号:US20160149953A1
公开(公告)日:2016-05-26
申请号:US14481867
申请日:2014-09-09
申请人: SHAPE SECURITY, INC.
发明人: ARIYA HIDAYAT
IPC分类号: H04L29/06
摘要: Computer systems and methods in various embodiments are configured for improving the security and efficiency of client computers interacting with server computers through an intermediary computer using one or more polymorphic protocols. In an embodiment, a computer system comprises a memory; a processor coupled to the memory; a processor logic coupled to the processor and the memory, and configured to: intercept, from a server computer, a first file and a second file, wherein the first file defines a first object with a first identifier and the second file comprises a reference to the first object by the first identifier; generate a second identifier; replace the first identifier with the second identifier in the first file; add one or more first instructions to the first file; remove the reference to the first identifier from the second file; add, to the second file, one or more second instructions, which when executed cause the one or more first instructions to be executed and produce the second identifier.
摘要翻译: 各种实施例中的计算机系统和方法被配置为通过使用一个或多个多态协议的中间计算机来提高与服务器计算机交互的客户端计算机的安全性和效率。 在一个实施例中,计算机系统包括存储器; 耦合到存储器的处理器; 处理器逻辑,其耦合到所述处理器和所述存储器,并且被配置为:从服务器计算机截取第一文件和第二文件,其中所述第一文件定义具有第一标识符的第一对象,并且所述第二文件包括: 第一个对象由第一个标识符; 生成第二个标识符; 用第一个文件中的第二个标识符替换第一个标识符; 向第一个文件添加一个或多个第一条指令; 从第二个文件中删除对第一个标识符的引用; 向所述第二文件添加一个或多个第二指令,所述第二指令当被执行时导致所述一个或多个第一指令被执行并产生所述第二标识符。
-
公开(公告)号:US20180091492A1
公开(公告)日:2018-03-29
申请号:US15563509
申请日:2016-02-16
申请人: Shape Security, Inc.
发明人: ARIYA HIDAYAT , JUSTIN CALL
摘要: In an embodiment, a computer system configured to: generate a first challenge credential to be sent to a client computer; render one or more first dynamic-credential instructions, which when executed by the client computer, cause the client computer to generate a first dynamic credential that corresponds to the first challenge credential; modify a first set of instructions, which define one or more original operations, to produce a second set of instructions, wherein the second set of instructions include the first challenge credential and the one or more first dynamic-credential instructions, and which when executed by the client computer, cause the first challenge credential to be included in the one or more requests sent from the client computer; send the second set of instructions to a second computer.
-
公开(公告)号:US20170257385A1
公开(公告)日:2017-09-07
申请号:US15059080
申请日:2016-03-02
申请人: Shape Security, Inc.
发明人: JARROD S. OVERSON , ARIYA HIDAYAT , MICHAEL FICARRA , BEI ZHANG , JUSTIN CALL
CPC分类号: H04L63/1416 , H04L63/1433 , H04L63/1441 , H04L63/1466 , H04L63/168 , H04L67/02 , H04L67/2823 , H04L67/42
摘要: In an approach, an apparatus comprises: one or more processors; a processor logic coupled to the one or more processors and configured to: intercept, from a client computer, a request directed to a server computer that identifies a purported user agent executing on the client computer; send, to the server computer, the request from the client computer; intercept, from the server computer, one or more original instructions to be executed by the purported user agent of the client computer; determine one or more features supported by the purported user agent that are not utilized by the one or more original instructions; transform the one or more original instructions into one or more revised instructions which, when executed by the purported user agent, cause the purported user agent to utilize the one or more features; send, to the client computer, the one or more revised instructions.
-
4.发明申请公开(公告)号:US20160294796A1
公开(公告)日:2016-10-06
申请号:US14673669
申请日:2015-03-30
申请人: SHAPE SECURITY, INC.
发明人: ARIYA HIDAYAT , JUSTIN CALL
CPC分类号: H04L63/08 , G06F21/00 , G06F21/445 , H04L63/0807 , H04L67/02 , H04L67/42
摘要: Computer systems and methods in various embodiments are configured for improving the security and efficiency of server computers interacting through an intermediary computer with client computers that may be executing malicious and/or autonomous headless browsers or “bots”. In an embodiment, a computer system comprises: a memory; a processor coupled to the memory; a protocol client module that is coupled to the processor and the memory and configured to intercept a first set of instructions that define one or more original operations, which are configured to cause one or more requests to be sent to the server computer when executed by the client computer; a forward transformer module that is coupled to the processor and the memory and configured to: generate, at the intermediary computer system, a first challenge credential to be sent to the client computer; render one or more first dynamic-credential instructions, which when executed by the client computer, cause the client computer to generate a first dynamic credential that corresponds to the first challenge credential and to include the first dynamic credential in the one or more requests from the client computer; modify the first set of instructions to produce a second set of instructions, wherein the second set of instructions include the first challenge credential and the one or more first dynamic-credential instructions, and which when executed by the client computer, cause the first challenge credential to be included in the one or more requests sent from the client computer; send the second set of instructions to a second computer.
摘要翻译: 各种实施例中的计算机系统和方法被配置用于改善通过中间计算机与可能执行恶意和/或自主无头浏览器或“机器人”的客户端计算机交互的服务器计算机的安全性和效率。 在一个实施例中,计算机系统包括:存储器; 耦合到存储器的处理器; 协议客户机模块,其耦合到所述处理器和所述存储器并且被配置为拦截定义一个或多个原始操作的第一组指令,所述第一组指令被配置为当由所述原始操作执行时将一个或多个请求发送到所述服务器计算机 客户端计算机 正向变压器模块,其耦合到处理器和存储器并且被配置为:在中间计算机系统处生成要发送到客户端计算机的第一挑战凭证; 渲染一个或多个第一动态凭证指令,当客户端计算机执行时,该动态凭证指令使得客户端计算机生成对应于第一挑战证书的第一动态凭证,并且将第一动态凭证包括在来自 客户端计算机 修改第一组指令以产生第二组指令,其中第二组指令包括第一挑战凭证和一个或多个第一动态凭证指令,以及当由客户端计算机执行时,引起第一挑战凭证 被包括在从客户端计算机发送的一个或多个请求中; 将第二组指令发送到第二台计算机。
-
-
-
搜索结果
4 条记录 (耗时 0.013 秒)
