CN113645204A - Device for automatically providing false information for fraud website to prevent network fraud - Google Patents
Device for automatically providing false information for fraud website to prevent network fraud Download PDFInfo
- Publication number
- CN113645204A CN113645204A CN202110854878.1A CN202110854878A CN113645204A CN 113645204 A CN113645204 A CN 113645204A CN 202110854878 A CN202110854878 A CN 202110854878A CN 113645204 A CN113645204 A CN 113645204A
- Authority
- CN
- China
- Prior art keywords
- phishing
- information
- user
- website
- data server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000012545 processing Methods 0.000 claims abstract description 13
- 230000002265 prevention Effects 0.000 claims description 21
- 230000004044 response Effects 0.000 claims description 15
- 238000000034 method Methods 0.000 claims description 9
- 230000001010 compromised effect Effects 0.000 claims description 5
- 230000006399 behavior Effects 0.000 abstract 1
- 230000008569 process Effects 0.000 description 4
- 238000004891 communication Methods 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 238000012552 review Methods 0.000 description 2
- 241000282412 Homo Species 0.000 description 1
- 238000013459 approach Methods 0.000 description 1
- 238000003491 array Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 238000010801 machine learning Methods 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Information Transfer Between Computers (AREA)
Abstract
An apparatus for automatically providing false information to a rogue web site to prevent network fraud, comprising: a data server, a network server and a client computer; the data server provides overall access, control and management of the database and control software; the data server is connected to the network server, and the user interacts with the request through the network server and obtains data; the data server includes a memory, the memory being operable to store operating system software for controlling the overall operation of the data processing apparatus, data server software for instructing the data server to execute computer-readable instructions; the functionality of the data server software is based on operations or decisions made automatically by rules encoded into the control logic, made manually by a user providing input into the system, and/or a combination of automated processing based on user input. The device can effectively prevent fraud and track corresponding fraud behaviors.
Description
Technical Field
The present invention relates generally to capturing individuals who maintain fraudulent web sites. More particularly, the present invention provides a means to detect fraudulent activity by automatically providing fraudulent or phishing websites with false information and tracking the use of the false information to locate the identity of a network attacker.
Background
A cyber attacker typically conducts phishing fraud by masquerading as a trusted entity to steal personal information, such as user name, password, address, credit card information, and ultimately money. Network attackers often entic victims by appearing to be e-mails from financial institutions, social networking websites, auction websites, online payment processors, or IT administrators. The victim may receive an email containing a false web link that points to what appears to be real. These false web pages typically require victim verification information by entering personal information in various information requests on the web site. Thus, the user may think that the information is requested by a legitimate source and the user may enter the requested information into a fake web page. A network attacker can then steal this information, for example, by fraudulently accessing a user's credit card and stealing money from a victim.
It is difficult for companies hosting accounts, such as financial institutions, to determine which users are targets of phishing fraud and whether a cyber attacker steals user information, because victims often provide personal information directly to the cyber attacker through a phishing website.
Disclosure of Invention
The present invention provides a method of catching phishers hosting phishing by providing false information to a phishing website or "bait" phishing website. To trick a phishing website, fictitious customer information may be entered into the phishing website. In this way, information can be tracked to know when and where a web attacker accessed a web site. By submitting a false set of credentials to a phishing website, an access log may be tracked for IP addresses attempting to log in using the false credentials. Centered on the IP address, it can be assumed that any valid customer login from the IP address is a compromised account, and these accounts can be marked as potentially compromised. In addition, network attackers can sometimes be located by tracking this IP address. For example, if a company website is logged in using fake customer information, the company can track the login by tracking the IP address. In this way, stolen accounts can be vetted to ensure that fraudulent activity does not occur.
An apparatus for automatically providing false information to a rogue web site to prevent network fraud, comprising: a processor; a memory for storing computer readable instructions for spoofing a phishing website.
In another exemplary embodiment, the computer instructions are configured to receive and store a user requested language, input the user requested language into a browser to view an internet resource linked to the user requested language, search for an information request for the internet resource, retrieve information from a database in response to the information request, input response information in the information request, and store and display the information request and the response information input into the information request. A predetermined delay occurs when response information is input into the information request.
In another exemplary embodiment, a method of spoofing a phishing website includes storing a plurality of user requested languages in a database and inputting each of the user requested languages into a browser to view internet resources linked to the user requested languages, scanning the internet resources to obtain information requests, obtaining response information to the information requests from the database, inputting the response information into the information requests, and storing the information requests and the response information input into the information requests for each of the user requested languages. The network resource may be a phishing website, and false information is input in the information request. The information request may relate to one of the following: username, password, name, full mailing address, telephone number, email address and related password, SSN, credit/debit card number, card expiration time, CVV, checking account and routing number, father and mother's name, and challenge questions directed to verifying customer identity. The type of information requested by the information request is identified using hypertext link language attributes. After the system inputs response information in the information request, the system searches for the hypertext link language attribute which identifies the information submitted through the Internet resources, and submits the information through the Internet resources. After submitting information through the internet resources, the system searches for additional information requests in the internet resources and inputs response information into the information requests in the database.
In another exemplary embodiment, once all of the responsive information is entered into the information request, the system enters a second user requested language into the browser to view a second internet resource linked to the second user requested language, searching the second internet resource for the information request; the information responding to the information request is acquired from the database, the response information is input into the information request, and the information request and the response information input into the information request are stored and displayed.
Drawings
FIG. 1 is an example of a network architecture and data processing device that may be used to implement the present invention.
Detailed Description
FIG. 1 shows one example of a network architecture and data processing device that may be used to implement one or more illustrative aspects of the invention. Various network nodes 103, 105, 107, and 109 may be interconnected via a Wide Area Network (WAN)101, such as the internet. Other networks may also or alternatively be used, including a private intranet, a corporate network, a LAN, a wireless network, a personal network (PAN), and so forth. Network 101 is for illustrative purposes and fewer or more computer networks may be substituted. A Local Area Network (LAN) may have one or more of any known LAN topology and may use one or more of a number of different protocols, such as ethernet. Devices 103, 105, 107, 109 and other devices (not shown) may be connected to one or more networks by twisted pair, coaxial cable, optical fiber, radio waves or other communication media.
The term "network" as used herein and depicted in the figures refers not only to systems in which remote storage devices are coupled together via one or more communication paths, but also refers to individual devices that may be coupled at times, to systems having storage capabilities. Thus, the term "network" includes not only "physical networks" but also "content networks" which are composed of data (attributable to a single entity) located in all physical networks.
The components may include a data server 103, a web server 105, and client computers 107, 109. The data server 103 provides overall access, control, and management of databases and control software for performing one or more illustrative aspects of the present invention as described herein. The data server 103 may be connected to a web server 105 through which the user interacts with the request and obtains data. Alternatively, the data server 103 itself may act as a web server and connect directly to the internet. The data server 103 may be connected to the network server 105 through a network 101 (e.g., the internet), through a direct or indirect connection, or through some other network. A user may interact with the data server 103 using a remote computer 107, 109, for example, using a web browser to connect to the data server 103 via one or more externally exposed websites hosted by the web server 105. The client computers 107, 109 may be used to access data stored therein with the data server 103, or may be used for other purposes. For example, a user may access web server 105 from client device 107 using an Internet browser, as is known in the art, or by executing over a computer network (e.g., as the Internet).
The server and application may be combined on the same physical machine and maintain separate virtual or logical addresses, or may reside on separate physical machines. Fig. 1 illustrates only one example of a network architecture that may be used, and those skilled in the art will appreciate that the particular network architecture and data processing devices used may vary and be secondary to the functionality they provide, e.g., the services provided by network server 105 and data server 103 may be combined on a single server, as described further herein.
Each component 103, 105, 107, 109 may be any type of known computer, server, or data processing device. Data server 103 may include, for example, a processor 111 that controls the overall operation of rate server 103. The data server 103 may also include RAM 113, ROM 115, network interface 117, input/output interface 119 (e.g., keyboard, mouse, display, or printer), and memory 121. The I/O119 may include various interface units and drivers for reading, writing, displaying, and/or printing data or files. The memory 121 may also store operating system software 123 for controlling the overall operation of the data processing device 103, control logic 125 for instructing the data server 103 to perform aspects of the present invention as described herein, and other functions that provide assistance, support, and/or may not be used in conjunction with aspects of the present invention. The control logic may also be referred to herein as data server software 125. The functionality of the data server software may refer to a combination of operations or decisions that are made automatically based on rules encoded into the control logic, made manually by a user providing input into the system, and/or automated processing based on user input (e.g., queries or data updates).
One or more aspects of the invention may be embodied in computer-usable or readable data and/or computer-executable instructions, such as in one or more program modules, executed by one or more computers or other devices as described herein. Generally, program modules include routines, programs, objects, components, or data structures. When executed by a processor in a computer or other device, performs particular tasks or implements particular abstract data types. A module may be written in a source code programming language that is then compiled for execution, or may be written in a scripting language such as, but not limited to, hypertext link language or extensible markup language. The computer executable instructions may be stored on a computer readable medium such as a hard disk, optical disk, removable storage media, solid state memory, or RAM. Those skilled in the art will appreciate that the functionality of the program modules may be combined or distributed as desired in various embodiments. Further, the functionality may be embodied in whole or in part in firmware or hardware equivalents such as integrated circuits, Field Programmable Gate Arrays (FPGAs), and the like. Particular data structures may be used to more effectively implement one or more aspects of the present invention, and such data structures are contemplated to be within the scope of computer-executable instructions and computer-usable data described herein.
A system and method for automatically providing false information to or enticing phishing websites will now be described. The system may be referred to as a network fraud prevention system. The phishing prevention system is configured to enter false customer information into a phishing website and track usage of the false information to catch up to a phishing perpetrator. A phishing prevention system obtains a predetermined list of phishing user requested languages and spoofs each user requested language with false information. The result of the anti-phishing system is then used to track the false information by looking at the access log of a particular website, and then locate a cyber attacker who accesses the website by tracking the IP address of the website using the false information.
First, a list of languages required by the phishing user is obtained. These are usually slight variations of corporate websites in which only a few letters or characters have been altered to entice the victim to believe that the website is a legitimate website, or a legitimate website that has been compromised and modified to be displayed as a legitimate corporate website. Current systems are capable of locating and generating phishing website lists. For example, the phishing user requested language may be retrieved from the provider in real time and then may be stored in a database for use by the phishing prevention system in automatically spoofing the phishing website.
The list of phishing websites may store one user-requested language at a time in the database. The phishing prevention system then opens one user-requested language at a time, which automatically populates the phishing website with the information requested by the user. For example, a system for preventing network fraud may retrieve one user-requested language at a time and then launch in a browser. The phishing prevention system can open the browser, launch the phishing website, and populate fields of the request with false information, such as name, street address, or username, password. The phishing prevention system can search the hypertext link language attribute or source code attribute of each field for each portion of the page to identify a particular field with a particular type of information (e.g., name, username, password, address, phone number). By looking at the attributes of each field, a network fraud system is prevented from knowing the type of data to be entered into each field.
In particular, using this approach, a network fraud prevention system will look at the "form", "name" and "address" attributes of each input element of a web page and determine which data should be entered in each field of the web site. The decision is made by combining these three attributes and applying them to the cascading rule set. The first level of determination is based on a type attribute, which may be, for example, "text," password, "" email, "or" check box. A single rule will result in the selection of all check boxes on the web site. For the other three types of input type attributes, 'text', 'password', 'email', rules are applied for the name and id attribute values to partially or fully match these attributes. A particular matching rule requires the type of information to be entered in this field. For example, if the name or id attribute contains the string "pass," this field will populate the account password in the database.
The second element found on a phishing page is the "select" element. These are drop-down boxes for selecting day/month/year or challenge questions from a specified list. Similar rules are applied to select the appropriate selection.
The system for preventing phishing can be further enhanced by incorporating machine learning such that decisions regarding data entered into a field are based on database queries, with the most likely correct response in all previous attempts to answer the same or similar fields. The anti-phishing system will review the website until data is entered into each field. The phishing prevention system is further configured to search for a "submit" button on the phishing website and click the submit button. The phishing prevention system would then scan to see if there are other fields to fill in to the next page, fill in these additional fields, and search the submit button on these pages again until all the requested information fills in to the phishing site.
The data entered into each field is either retrieved from a bait identification previously stored in the database or generated on the fly, depending on the information desired. If a street address is requested, the street address associated with the bait identification in use will be used. However, if the name of the parent is required to be provided, a name is randomly selected from the name pool. Likewise, if a credit card number is required to be provided, the credit card number is generated on the fly, which is sufficient to fool the underlying algorithm or check for invalid card numbers.
Ultimately the anti-phishing system will determine that there are no more fields to fill in and will determine that it has completed filling in the information requested on the phishing website. Typically, phishing websites are configured to guide users back to the actual company's website, so that the phishing website appears more legitimate to the user. The phishing prevention system may also detect this to determine that it has filled in all information on the phishing website. The phishing prevention system is configured to save each decision it makes and each piece of information it accesses the phishing website. All of this information can be saved to a centralized database for later review and use in tracking criminal logins, as described below.
To counteract any attempt to detect a system that populates a phishing site, care needs to be taken to have the system interact with the phishing site in the same way as humans. A pause of 5 to 20 seconds was observed on each page to simulate the way a human reads the web page content. Countermeasures are also taken in entering text in each field, with each character entered at a random rate of between 75 and 225 milliseconds to simulate human typing speed.
Spurious information input by a bait program into a phishing prevention system is tracked by determining when to log into a website using the spurious information. The log-ins can then be tracked to determine when and where information was entered into the website. In this way, other logins from the same location to valid customer accounts may also be tracked and it may be determined that these valid accounts have now been compromised.
The device automatically lures the process of the phishing website. First, a series of phishing user requested languages are received and stored in a database. Next, the phishing prevention system obtains the first user requested language in the database and enters the user requested language into the browser to view the phishing website linked to the user requested language. And then scan the phishing website to obtain the information request. A particular information request is identified based on the requested information type, preventing a network fraud system from obtaining the identified information type from the database. Information from the database is then entered into the information request. This continues until all information is entered into the first page of the phishing website. The fraud prevention system then finds the submit button and proceeds to the next page. The phishing prevention system is then prevented from scanning the next page and running the process again until all the information fills in the next page. This process continues until all information fills all pages of the phishing website, or until the phishing website will prevent the phishing system from being redirected to a legitimate corporate website. A network fraud prevention system stores specific information requests and response information entered into each information request. The network fraud prevention system then continues to process each user requested language stored in the database.
The network fraud prevention system may be configured to run multiple programs simultaneously. In this way, multiple applications can run and connect to the same central database. As multiple programs are run, each program will simultaneously input information into a different phishing website. Thus, for n times, the work will be done n times. By developing an automated system of bait phishing websites and storing the actions of the automated bait system, accurate data types can be retrieved, such as data requested by each phishing website, precise pieces of data submitted by a phishing prevention system, required provisioning of data, and the exact time at which the phishing website is being tricked. In addition, indicators can be compiled such as how long the phishing site should be removed from the internet, and if the bait is valid, how effective the bait waits immediately after detecting the site and before the bait site, can be compiled for completion using a rigorous procedure.
Claims (11)
1. An apparatus for automatically providing false information to a rogue web site to prevent network fraud, comprising: a data server, a network server and a client computer; the data server provides overall access, control and management of the database and control software; the data server is connected to the network server, and the user interacts with the request through the network server and obtains data;
the method is characterized in that: the data server includes a memory, the memory being operable to store operating system software for controlling the overall operation of the data processing apparatus, data server software for instructing the data server to execute computer-readable instructions; the functionality of the data server software is based on operations or decisions made automatically by rules encoded into the control logic, made manually by a user providing input into the system, and/or a combination of automated processing based on user input; the computer readable instructions, when executed, cause a client computer to perform the steps of:
receiving and storing a user requested language;
inputting a user requested language in a browser to view an internet resource linked to the user requested language;
searching information requests in internet resources;
responding to an information request from a database to acquire information;
inputting response information in the information request; and
the information request displayed by the internet resource and the response information input into the information request are stored and maintained for the user to access.
2. The apparatus for automatically providing false information to a rogue web site to prevent cyber-fraud as recited in claim 1, wherein: the memory may also store a database that stores user requested languages.
3. The apparatus for automatically providing false information to a rogue web site to prevent phishing as recited in claim 2, wherein: the user requested language is stored in the database using a list of phishing websites.
4. The apparatus for automatically providing false information to a rogue web site to prevent phishing as recited in claim 3, wherein: the device opens one user-requested language at a time and automatically populates the phishing website with the information requested by the user.
5. The apparatus for automatically providing false information to a rogue web site to prevent phishing according to claim 4, wherein: the device retrieves one user-requested language at a time and then launches in the browser.
6. The apparatus for automatically providing false information to a rogue web site to prevent phishing as recited in claim 5, wherein: the device opens the browser, starts the phishing website, and fills in the fields of the request with dummy information.
7. The apparatus for automatically providing false information to a rogue web site to prevent phishing as recited in claim 6, wherein: starting a phishing website to obtain a language list required by a phishing user; the phishing user requires that the language list be a slight variation of the company's website in which only a few letters or characters are altered to entice the victim to believe that the website is a legitimate website, or a legitimate website that has been compromised and modified to appear as a legitimate company's website.
8. The apparatus for automatically providing false information to a rogue web site to prevent phishing as recited in claim 7, wherein: the device is capable of locating and generating a list of phishing websites.
9. The apparatus for automatically providing false information to a rogue web site to prevent phishing as recited in claim 8, wherein: the apparatus retrieves the phishing user requested language in real time from the provider, which can then be stored in a database for use by the phishing prevention system in automatically spoofing the phishing website.
10. The apparatus for automatically providing false information to a rogue web site to prevent phishing as recited in claim 6, wherein: the fields are name, street address or username, password.
11. The apparatus for automatically providing false information to a rogue web site to prevent phishing as recited in claim 7, wherein: the apparatus searches for a hypertext link language attribute or a source code attribute of each field for each portion of the page to identify a particular field having a particular type of information; the type of data to be entered into each field is known by looking at the properties of each field.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110854878.1A CN113645204A (en) | 2021-07-27 | 2021-07-27 | Device for automatically providing false information for fraud website to prevent network fraud |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110854878.1A CN113645204A (en) | 2021-07-27 | 2021-07-27 | Device for automatically providing false information for fraud website to prevent network fraud |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113645204A true CN113645204A (en) | 2021-11-12 |
Family
ID=78418751
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110854878.1A Pending CN113645204A (en) | 2021-07-27 | 2021-07-27 | Device for automatically providing false information for fraud website to prevent network fraud |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113645204A (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090144308A1 (en) * | 2007-11-29 | 2009-06-04 | Bank Of America Corporation | Phishing redirect for consumer education: fraud detection |
| US20140041024A1 (en) * | 2012-08-01 | 2014-02-06 | Bank Of America Corporation | Method and Apparatus for Baiting Phishing Websites |
| US8695097B1 (en) * | 2007-08-28 | 2014-04-08 | Wells Fargo Bank, N.A. | System and method for detection and prevention of computer fraud |
| US20180007066A1 (en) * | 2016-06-30 | 2018-01-04 | Vade Retro Technology Inc. | Detection of phishing dropboxes |
| CN111201528A (en) * | 2017-09-22 | 2020-05-26 | 摩根大通国家银行 | System and method for integrating network fraud intelligence and payment risk decision |
-
2021
- 2021-07-27 CN CN202110854878.1A patent/CN113645204A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8695097B1 (en) * | 2007-08-28 | 2014-04-08 | Wells Fargo Bank, N.A. | System and method for detection and prevention of computer fraud |
| US20090144308A1 (en) * | 2007-11-29 | 2009-06-04 | Bank Of America Corporation | Phishing redirect for consumer education: fraud detection |
| US20140041024A1 (en) * | 2012-08-01 | 2014-02-06 | Bank Of America Corporation | Method and Apparatus for Baiting Phishing Websites |
| US20180007066A1 (en) * | 2016-06-30 | 2018-01-04 | Vade Retro Technology Inc. | Detection of phishing dropboxes |
| CN111201528A (en) * | 2017-09-22 | 2020-05-26 | 摩根大通国家银行 | System and method for integrating network fraud intelligence and payment risk decision |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9027126B2 (en) | Method and apparatus for baiting phishing websites | |
| US11245718B2 (en) | Method and system for tracking fraudulent activity | |
| US9954841B2 (en) | Distinguish valid users from bots, OCRs and third party solvers when presenting CAPTCHA | |
| US11722520B2 (en) | System and method for detecting phishing events | |
| US10496994B2 (en) | Enhanced authentication with dark web analytics | |
| USRE48382E1 (en) | Security for WAP servers | |
| US10574697B1 (en) | Providing a honeypot environment in response to incorrect credentials | |
| US20100269168A1 (en) | System And Method For Developing A Risk Profile For An Internet Service | |
| US20220180368A1 (en) | Risk Detection, Assessment, And Mitigation Of Digital Third-Party Fraud | |
| US20090187442A1 (en) | Feedback augmented object reputation service | |
| US9934310B2 (en) | Determining repeat website users via browser uniqueness tracking | |
| US20230040895A1 (en) | System and method for developing a risk profile for an internet service | |
| US9866587B2 (en) | Identifying suspicious activity in a load test | |
| Kaur et al. | Browser fingerprinting as user tracking technology | |
| CN108322427A (en) | A kind of method and apparatus carrying out air control to access request | |
| CN111385313B (en) | Method and system for verifying object request validity | |
| CN113645204A (en) | Device for automatically providing false information for fraud website to prevent network fraud | |
| CN113472768A (en) | Method for preventing network fraud | |
| Rakesh et al. | Detection of URL based attacks using reduced feature set and modified C4. 5 algorithm | |
| US20140040227A1 (en) | Method and Apparatus for Locating Phishing Kits | |
| CN112751844B (en) | Portal authentication method and device and electronic equipment | |
| US12034760B2 (en) | Method and system for tracking fraudulent activity | |
| de Sousa | XS-Leaks Crutch: Assisted Detection & Exploitation of Cross-Site Leaks | |
| CA3224095A1 (en) | Security risk remediation tool |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20211112 |
|
| WD01 | Invention patent application deemed withdrawn after publication |