US2023080601A1PendingUtilityA1

Webpage integrity monitoring

64
Assignee: SECURITYMETRICS INCPriority: May 18, 2018Filed: Oct 31, 2022Published: Mar 16, 2023
Est. expiryMay 18, 2038(~11.8 yrs left)· nominal 20-yr term from priority
Inventors:Aaron Willis
H04L 63/1483G06F 21/51G06F 21/554H04L 67/02G06F 21/64H04L 63/123H04L 9/3236H04L 63/12G06F 2221/2119H04L 9/321
64
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

A method to monitor integrity of webpages. The method includes obtaining rendered code generated using source code of a webpage from a server that hosts the webpage and using remotely called code referenced in the source code, the rendered code used to display the webpage. The method also includes determining a difference between the rendered code and previous rendered code of the webpage. The previous rendered code may be generated before obtaining the rendered code. The method further includes analyzing the difference between the rendered code and the previous rendered code to determine a change in integrity of security of the webpage and in response to a change in the integrity of security of the webpage, generating an alert regarding the integrity of security of the webpage that may indicate the integrity of the webpage may have changed.

Claims

exact text as granted — not AI-modified
1 . A method to monitor integrity of webpages, the method comprising:
 obtaining rendered code generated using source code of a webpage, the rendered code being finalized instructions to layout presentation of the webpage and the rendered code including elements not represented in the source code without parsing and/or executing the source code;   analyzing the rendered code to determine a code portion of the rendered code configured to establish a network connection and transmit financial information or personal information over the network connection;   determining a change in integrity of security of the webpage in response to the financial information or the personal information being transmitted over the network connection established by the code portion of the rendered code; and   in response to a change in the integrity of security of the webpage, generating an alert regarding the integrity of security of the webpage.   
     
     
         2 . The method of  claim 1 , wherein the determining a change in integrity of security of the webpage is based on both the code portion being configured to establish financial information or personal information and execution of the code portion occurring when establishment of a network connection is not expected during execution of the rendered code. 
     
     
         3 . The method of  claim 1 , wherein the code portion is associated with malware or not included in the source code of the webpage. 
     
     
         4 . The method of  claim 1 , wherein the code portion is available in the rendered code but is not available in the source code. 
     
     
         5 . The method of  claim 1 , wherein the change in the integrity of security of the webpage indicates an altering of the webpage. 
     
     
         6 . The method of  claim 1 , further comprising obtaining, from a webserver, the source code of the webpage, wherein obtaining the rendered code includes generating the rendered code using the source code. 
     
     
         7 . The method of  claim 6 , wherein before the source code of the webpage is obtained, the integrity of security of the source code of the webpage is evaluated at the webserver that hosts the source code of the webpage. 
     
     
         8 . The method of  claim 1 , wherein the source code of the webpage includes a reference to remotely called code, the rendered code being generated based on the source code and the remotely called code and the rendered code including elements not represented in the remotely called code and the source code without parsing and/or executing the remotely called code and the source code. 
     
     
         9 . The method of  claim 1 , wherein the method is performed in response to execution of one or more instructions stored on at least one non-transitory computer-readable media. 
     
     
         10 . A system comprising:
 at least one non-transitory computer-readable media configured to store one or more instructions; and   at least one processor coupled to the at least one non-transitory computer-readable media, the at least one processor configured to execute the instructions to cause or direct the system to perform operations, the operations comprising:
 obtain rendered code generated using source code of a webpage, the rendered code being finalized instructions to layout presentation of the webpage and the rendered code including elements not represented in the source code without parsing and/or executing the source code; 
 analyze the rendered code to determine a code portion of the rendered code configured to establish a network connection and transmit financial information or personal information over the network connection; 
 determine a change in integrity of security of the webpage in response to the financial information or the personal information being transmitted over the network connection established by the code portion of the rendered code; and 
 in response to a change in the integrity of security of the webpage, generate an alert regarding the integrity of security of the webpage. 
   
     
     
         11 . The system of  claim 10 , wherein determining a change in integrity of security of the webpage is based on both the code portion being configured to establish financial information or personal information and execution of the code portion occurring when establishment of a network connection is not expected during execution of the rendered code. 
     
     
         12 . The system of  claim 10 , wherein the code portion is associated with malware or not included in the source code of the webpage. 
     
     
         13 . The system of  claim 10 , wherein the code portion is available in the rendered code but is not available in the source code. 
     
     
         14 . The system of  claim 10 , wherein the change in the integrity of security of the webpage indicates an altering of the webpage. 
     
     
         15 . The system of  claim 10 , wherein the operations further comprise obtain, from a webserver, the source code of the webpage, wherein obtaining the rendered code includes generating the rendered code using the source code. 
     
     
         16 . The system of  claim 10 , wherein the source code of the webpage includes a reference to remotely called code, the rendered code being generated based on the source code and the remotely called code and the rendered code including elements not represented in the remotely called code and the source code without parsing and/or executing the remotely called code and the source code. 
     
     
         17 . A method to monitor integrity of webpages, the method comprising:
 obtaining rendered code generated using source code of a webpage, the rendered code including a code portion configured to establish a network connection and transmit financial information or personal information over the network connection and the rendered code being finalized instructions to layout presentation of the webpage and the rendered code including elements not represented in the source code without parsing and/or executing the source code;   determining a change in integrity of security of the webpage in response to the code portion being part of the rendered code and not part of the source code; and   in response to a change in the integrity of security of the webpage, generating an alert regarding the integrity of security of the webpage.   
     
     
         18 . The method of  claim 17 , further comprising obtaining, from a webserver, the source code of the webpage, wherein obtaining the rendered code includes generating the rendered code using the source code. 
     
     
         19 . The method of  claim 17 , the source code of the webpage includes a reference to remotely called code, the rendered code being generated based on the source code and the remotely called code and the rendered code including elements not represented in the remotely called code and the source code without parsing and/or executing the remotely called code and the source code. 
     
     
         20 . The method of  claim 17 , wherein the method is performed in response to execution of one or more instructions stored on at least one non-transitory computer-readable media.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.