Scripting attack detection and mitigation using content security policy violation reports

Scripting attack detection and mitigation using content security policy violation reports

Certain aspects of the present disclosure provide techniques for Scripting attack detection and mitigation. A method generally includes receiving a first report indicating a first violation for a first security policy applied to a first web application; identifying a first plurality of features asso...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Bhalode, Swapnil, Gallagher, Gabe, Puri, Hemant, Agrawal, Anant, Bhatkar, Sandeep, Lee, Erick, Yawalkar, Siddhesh, Shankar, Sangam
Format: Patent
Sprache:eng
Schlagworte:
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page
container_issue
container_start_page
container_title
container_volume
creator Bhalode, Swapnil
Gallagher, Gabe
Puri, Hemant
Agrawal, Anant
Bhatkar, Sandeep
Lee, Erick
Yawalkar, Siddhesh
Shankar, Sangam
description Certain aspects of the present disclosure provide techniques for Scripting attack detection and mitigation. A method generally includes receiving a first report indicating a first violation for a first security policy applied to a first web application; identifying a first plurality of features associated with the first violation; classifying the first violation as a first JavaScript attack based on the first plurality of features; and taking action to mitigate the first JavaScript attack on the first web application.
format Patent
fullrecord <record><control><sourceid>epo_EVB</sourceid><recordid>TN_cdi_epo_espacenet_US11997118B1</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>US11997118B1</sourcerecordid><originalsourceid>FETCH-epo_espacenet_US11997118B13</originalsourceid><addsrcrecordid>eNqNyj0OwjAMhuEsDAi4gzkAQ8QAXUEg9sLAVFmuqawGJ0pcpN6e3wMwfXr1PVN3rSlLMtEO0Ayph5aNySQqoLZwF5MOPzmUt6KoxmpQmIYsNkKKQWiEh8TwdZlTzFbmbnLDUHjx25lbHg_n_Wn1uhsuCYmVrbnU3lfVxvvtzq__MU97tjwb</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>patent</recordtype></control><display><type>patent</type><title>Scripting attack detection and mitigation using content security policy violation reports</title><source>esp@cenet</source><creator>Bhalode, Swapnil ; Gallagher, Gabe ; Puri, Hemant ; Agrawal, Anant ; Bhatkar, Sandeep ; Lee, Erick ; Yawalkar, Siddhesh ; Shankar, Sangam</creator><creatorcontrib>Bhalode, Swapnil ; Gallagher, Gabe ; Puri, Hemant ; Agrawal, Anant ; Bhatkar, Sandeep ; Lee, Erick ; Yawalkar, Siddhesh ; Shankar, Sangam</creatorcontrib><description>Certain aspects of the present disclosure provide techniques for Scripting attack detection and mitigation. A method generally includes receiving a first report indicating a first violation for a first security policy applied to a first web application; identifying a first plurality of features associated with the first violation; classifying the first violation as a first JavaScript attack based on the first plurality of features; and taking action to mitigate the first JavaScript attack on the first web application.</description><language>eng</language><subject>ELECTRIC COMMUNICATION TECHNIQUE ; ELECTRICITY ; TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</subject><creationdate>2024</creationdate><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&amp;date=20240528&amp;DB=EPODOC&amp;CC=US&amp;NR=11997118B1$$EHTML$$P50$$Gepo$$Hfree_for_read</linktohtml><link.rule.ids>230,308,780,885,25564,76547</link.rule.ids><linktorsrc>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&amp;date=20240528&amp;DB=EPODOC&amp;CC=US&amp;NR=11997118B1$$EView_record_in_European_Patent_Office$$FView_record_in_$$GEuropean_Patent_Office$$Hfree_for_read</linktorsrc></links><search><creatorcontrib>Bhalode, Swapnil</creatorcontrib><creatorcontrib>Gallagher, Gabe</creatorcontrib><creatorcontrib>Puri, Hemant</creatorcontrib><creatorcontrib>Agrawal, Anant</creatorcontrib><creatorcontrib>Bhatkar, Sandeep</creatorcontrib><creatorcontrib>Lee, Erick</creatorcontrib><creatorcontrib>Yawalkar, Siddhesh</creatorcontrib><creatorcontrib>Shankar, Sangam</creatorcontrib><title>Scripting attack detection and mitigation using content security policy violation reports</title><description>Certain aspects of the present disclosure provide techniques for Scripting attack detection and mitigation. A method generally includes receiving a first report indicating a first violation for a first security policy applied to a first web application; identifying a first plurality of features associated with the first violation; classifying the first violation as a first JavaScript attack based on the first plurality of features; and taking action to mitigate the first JavaScript attack on the first web application.</description><subject>ELECTRIC COMMUNICATION TECHNIQUE</subject><subject>ELECTRICITY</subject><subject>TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</subject><fulltext>true</fulltext><rsrctype>patent</rsrctype><creationdate>2024</creationdate><recordtype>patent</recordtype><sourceid>EVB</sourceid><recordid>eNqNyj0OwjAMhuEsDAi4gzkAQ8QAXUEg9sLAVFmuqawGJ0pcpN6e3wMwfXr1PVN3rSlLMtEO0Ayph5aNySQqoLZwF5MOPzmUt6KoxmpQmIYsNkKKQWiEh8TwdZlTzFbmbnLDUHjx25lbHg_n_Wn1uhsuCYmVrbnU3lfVxvvtzq__MU97tjwb</recordid><startdate>20240528</startdate><enddate>20240528</enddate><creator>Bhalode, Swapnil</creator><creator>Gallagher, Gabe</creator><creator>Puri, Hemant</creator><creator>Agrawal, Anant</creator><creator>Bhatkar, Sandeep</creator><creator>Lee, Erick</creator><creator>Yawalkar, Siddhesh</creator><creator>Shankar, Sangam</creator><scope>EVB</scope></search><sort><creationdate>20240528</creationdate><title>Scripting attack detection and mitigation using content security policy violation reports</title><author>Bhalode, Swapnil ; Gallagher, Gabe ; Puri, Hemant ; Agrawal, Anant ; Bhatkar, Sandeep ; Lee, Erick ; Yawalkar, Siddhesh ; Shankar, Sangam</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-epo_espacenet_US11997118B13</frbrgroupid><rsrctype>patents</rsrctype><prefilter>patents</prefilter><language>eng</language><creationdate>2024</creationdate><topic>ELECTRIC COMMUNICATION TECHNIQUE</topic><topic>ELECTRICITY</topic><topic>TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</topic><toplevel>online_resources</toplevel><creatorcontrib>Bhalode, Swapnil</creatorcontrib><creatorcontrib>Gallagher, Gabe</creatorcontrib><creatorcontrib>Puri, Hemant</creatorcontrib><creatorcontrib>Agrawal, Anant</creatorcontrib><creatorcontrib>Bhatkar, Sandeep</creatorcontrib><creatorcontrib>Lee, Erick</creatorcontrib><creatorcontrib>Yawalkar, Siddhesh</creatorcontrib><creatorcontrib>Shankar, Sangam</creatorcontrib><collection>esp@cenet</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Bhalode, Swapnil</au><au>Gallagher, Gabe</au><au>Puri, Hemant</au><au>Agrawal, Anant</au><au>Bhatkar, Sandeep</au><au>Lee, Erick</au><au>Yawalkar, Siddhesh</au><au>Shankar, Sangam</au><format>patent</format><genre>patent</genre><ristype>GEN</ristype><title>Scripting attack detection and mitigation using content security policy violation reports</title><date>2024-05-28</date><risdate>2024</risdate><abstract>Certain aspects of the present disclosure provide techniques for Scripting attack detection and mitigation. A method generally includes receiving a first report indicating a first violation for a first security policy applied to a first web application; identifying a first plurality of features associated with the first violation; classifying the first violation as a first JavaScript attack based on the first plurality of features; and taking action to mitigate the first JavaScript attack on the first web application.</abstract><oa>free_for_read</oa></addata></record>
fulltext fulltext_linktorsrc
identifier
ispartof
issn
language eng
recordid cdi_epo_espacenet_US11997118B1
source esp@cenet
subjects ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
title Scripting attack detection and mitigation using content security policy violation reports
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-27T16%3A42%3A46IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-epo_EVB&rft_val_fmt=info:ofi/fmt:kev:mtx:patent&rft.genre=patent&rft.au=Bhalode,%20Swapnil&rft.date=2024-05-28&rft_id=info:doi/&rft_dat=%3Cepo_EVB%3EUS11997118B1%3C/epo_EVB%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true