WO2007007988A2 - Procede anti-filoutage - Google Patents
Procede anti-filoutage Download PDFInfo
- Publication number
- WO2007007988A2 WO2007007988A2 PCT/KR2006/002662 KR2006002662W WO2007007988A2 WO 2007007988 A2 WO2007007988 A2 WO 2007007988A2 KR 2006002662 W KR2006002662 W KR 2006002662W WO 2007007988 A2 WO2007007988 A2 WO 2007007988A2
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- site
- phishing
- user
- whitelist
- registered
- Prior art date
Links
- 238000000034 method Methods 0.000 title claims abstract description 59
- 238000012544 monitoring process Methods 0.000 claims description 3
- 238000004891 communication Methods 0.000 claims description 2
- 230000008569 process Effects 0.000 description 9
- ZXQYGBMAQZUVMI-GCMPRSNUSA-N gamma-cyhalothrin Chemical compound CC1(C)[C@@H](\C=C(/Cl)C(F)(F)F)[C@H]1C(=O)O[C@H](C#N)C1=CC=CC(OC=2C=CC=CC=2)=C1 ZXQYGBMAQZUVMI-GCMPRSNUSA-N 0.000 description 6
- 230000009471 action Effects 0.000 description 5
- 230000000694 effects Effects 0.000 description 4
- 231100001261 hazardous Toxicity 0.000 description 3
- 230000004913 activation Effects 0.000 description 2
- 230000003466 anti-cipated effect Effects 0.000 description 2
- 230000008901 benefit Effects 0.000 description 2
- 239000000284 extract Substances 0.000 description 2
- 230000007935 neutral effect Effects 0.000 description 2
- 150000001875 compounds Chemical class 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000011017 operating method Methods 0.000 description 1
- 239000003973 paint Substances 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/168—Implementing security features at a particular protocol layer above the transport layer
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2119—Authenticating web pages, e.g. with suspicious links
Definitions
- the present invention relates to a method of preventing phishing.
- Phishing which is a compound word made up of "private data” and "fishing” refers to a new type of swindling, in which an e-mail pretending to be an operator of a popular site is sent in order to induce a user to access a fake site and input his or her personal information, and extract important personal information such as a customer's account number or a password.
- anti-phishing is used as a terminology meaning a technique for preventing phishing.
- US Laid-open Patent No. 2006-021031 can be taken as an example.
- a spoof site list and a trusted site list i.e., a blacklist and a whitelist
- the uniform resource locator (URL) of a downloaded page is compared with the URLs in the lists, thereby indicating a warning or security directions to a user.
- the whitelist it is hazardous in that if a site is listed in the whitelist, the site is marked as a "safe site", so that even when a site listed in the whitelist pretends to be a popular site, it is still marked as a "safe site”, and thus this method supports attackers on the contrary.
- a phishing technique that is most widely known presently is using a fake e-mail disguising as an e-mail from an operator of a popular site, in which the e-mail contains an input form for inputting personal information or a link address plausible a user to a fake site.
- FIG. 1 is a view showing an example of a phishing attack of a new type.
- a Trojan horse is installed first in a victim's computer.
- the victim turns on the computer, and when the procedures of confirming a variety of on-line updates are processed, a fake on-line update window or a fake licensed version purchase guide window is floated on the screen.
- a user having a great interest in the corresponding program inputs his or her personal information without any doubt into the corresponding fake window as the attacker leads.
- FIG. 2 is a view showing an example of a phishing attack of another type.
- the present invention has been made in order to solve the above problems occurring in the prior art, and it is an object of the invention to provide a method of preventing phishing, in which an optimal warning message against any type of the aforementioned phishing attacks can be perfectly provided to users.
- Another object of the invention is to provide an anti-phishing program, in which a self-security function is provided so that the anti-phishing program itself can operate normally against a phishing attack.
- Phishing is an occasion, in which contents displayed on the screen and the address of a site are not real ones. Therefore, if the contents and address of a site are correctly understood, phishing can be prevented 100 %. However, the truth is not like that in reality.
- the computer determines falsehood of an address, and the human determines whether the screen shows a real site. Then, the result of checking the address performed by the computer and the result of examining the screen performed by the human are put together so as to correctly determine whether the site displayed on the screen is a phishing site, and this will be the most correct method.
- a method originated from such an idea is a whitelist based self-determination method, which is applied to the present invention.
- the whitelist based self- determination method will be described in detail.
- FIG. 3 is a view showing a basic principle of the present invention.
- Addresses of popular sites that become a target for phishing attacks are constructed as a database in association with known names of corresponding sites.
- the addresses are preferably domain names.
- a phishing client program is installed in a user's computer and monitors whether a key input is generated from the user's computer. If a key input is detected 100, the program extracts a real address of the web page to which the user has connected 110, and confirms whether the address exists in the database (the whitelist) 120.
- the address exists in the whitelist the name of a corresponding site is displayed on the user's screen 130, and the user self-determines whether the site is a normal site or a phishing site according to whether the genuine site name of the real connection address corresponds to the site that the user views on the screen with his or her own eyes. If the site name, the real connection address of which is registered in the whitelist, corresponds to the site that the user views on the screen with his or her own eyes, the site is a normal site 140, and contrarily, if the site name does not corresponds to the site that the user views, the site is a phishing site 150.
- Unregistered address is displayed on the user's screen 160, which makes the user suspect the site, thinking that 'If it were a popular site, the address should have been registered.', thereby helping the user not to be deceived by phishing.
- an interface that allows a user, who desires to confirm directly whether the site shown on the screen is registered in the whitelist, to use a query service on the spot 170. That is, the interface provides a guide message, an input form, and a query button, the guide message indicating that "Unregistered address.
- the inputted site name actually does not exist in the whitelist, it can be assumed that the site is a simple unpopular site or an attacker is phishing an unpopular site. Therefore, a guide message indicating that "The inputted site is not joined to an anti-phishing service. An operator's e-mail guiding to input personal information can be a phishing attack. Pay attention.” is displayed 190, thereby calling user's attention.
- the present invention is extremely effective in that all kinds of phishing attacks introduced above can be perfectly prevented, which has never been before by any technique.
- FIG. 1 is a view showing an example of a phishing attack of a new type
- FIG. 2 is a view showing an example of a phishing attack of another type
- FIG. 3 is a view showing a basic principle of the present invention.
- FIG. 4 is a flowchart illustrating the present invention
- FIGS. 5 to 11 are views showing examples of speech bubble indications
- FIG. 12 is a view showing another example of speech bubble indications
- FIG. 13 is a view showing another embodiment of the present invention.
- FIG. 14 is a view showing another embodiment of the present invention.
- An anti-phishing server is provided with a DB where a list of URLs of registered sites and a list of registered programs are stored.
- An anti-phishing program that communicates with the anti-phishing server and guides users to anti-phishing is a client program which is executed in a user's computer.
- the anti-phishing program installed and executed in the user's computer continuously monitors whether the user performs a keyboard input.
- a keyboard input event for example, the mouse is moved into a textbox and the input cursor is activated by pressing a mouse button
- a keyboard input event manual web pages set the focus in a textbox or the like as a default
- the program is a web browser
- whether the URL of the current web page is the URL of a registered site or the URL of an unregistered site is determined by querying the DB and displayed in the form of a speech bubble in the neighborhood of the user's cursor or of a point where the mouse is clicked. In this manner, correct information is provided so that the user can confirm with his or her own eyes whether the current web page is the very site that the user knows when the user is to input personal information.
- the window that has detected the keyboard input related event is an application program
- the name of the program is displayed in the form of a speech bubble in the neighborhood of the cursor or of a point where the mouse is clicked.
- the user can be safely protected from an application program window that disguises as a popup window subordinated to a popular site and steals personal information.
- the window is floated by a phishing application program, in stead of a guide message indicating that the window is a web page of a popular site into which the user desires to input data, a warning message indicating that "Unknown application program. Beware of phishing.” is displayed, and the user reconfirms the web page.
- Attribute information of a corresponding program can be obtained through window hooking. Through the attribute information, control types, the title of a corresponding window program, or the like can be identified. In addition, information on mouse actions, focus settings, cursor settings, child window openings, or the like of a corresponding program can be obtained through window message hooking.
- FIG. 4 is a flowchart illustrating the present invention.
- FIGS. 5 to 11 are views showing examples of speech bubble indications.
- the anti-phishing server is provided with a DB where a list of URLs of registered sites and a list of registered programs are stored.
- [70] 200 The process of installing an anti-phishing program in a user's computer.
- the anti-phishing program can be a general application program directly installed in a computer, or an ActiveX or a Java applet inserted into a web page.
- the anti-phishing program can be downloaded and installed using a launcher function and periodically smart updated.
- the anti-phishing program is preferably implemented to be eternally executed in background when the computer is booted.
- Java applet if the anti-phishing program is not executed, the anti-phishing program is executed through the launcher function.
- the installed and executed anti-phishing program continuously monitors events generated from the user's computer and detects either preliminary actions for keyboard input or keyboard input operations.
- [76] 230. The process of determining whether a web browser or an application program.
- [78] 240. The process of extracting a URL address and determining whether the address is registered in the DB.
- the window that has detected the keyboard input related event is a web browser
- the URL address of the current web page is extracted and it is determined whether the URL address is registered by querying DB.
- the extracted URL is a URL registered in the DB
- a corresponding site name matched to the DB is guided through a speech bubble 5.
- the speech bubble 5 is preferably displayed in a space near the input box 3 to be inputted so as to be easily seen when inputting data.
- the speech bubble 5 is a speech bubble of a symbolic meaning. A variety of displaying techniques that give similar effects should all be included within the scope of the present invention.
- the window that has detected the keyboard input related event in step 230 is an application program
- the name of the application program is extracted, and it is determined whether the application program is registered by querying the DB.
- a warning message 5 indicating that "Unknown application program. Beware of phishing.” is displayed in a speech bubble. The user views the warning message indicating that the window is not a web page of a popular site that the user knows, but an unknown application program, and reconfirms the window, thereby not being attacked by phishing.
- FIG. 12 is a view showing another example of speech bubble indications.
- step 240 or 231 i.e., immediately before a speech bubble guide is displayed, it is inquired whether a registered service (a service registered to be protected from an attack pretending to be a corresponding service) is currently operating, and the result is displayed in the speech bubble 5 together with the guide, thereby further solidly preventing a service pretense.
- a registered service a service registered to be protected from an attack pretending to be a corresponding service
- whether a corresponding service is currently provided to the computer is determined by querying a registered service server in real-time. That is, the registered service server is queried in real-time, and if the corresponding service is provided, a guide message 'In Service' can be displayed, whereas if the corresponding service is not provided, a guide message 'Out of Service' can be displayed.
- the registered service server whether or not the service is provided can be reported to the anti-phishing client according to the present invention executed in the user's computer when a service window is opened.
- the anti-phishing client Upon a speech bubble 5 is displayed, if the anti-phishing client receives a corresponding report, it displays a guide message 'In Service', and if the anti-phishing client does not receive a corresponding report, it displays a guide message 'Out of Service'.
- FIG. 12 shows an example of a valid site registered in an anti-phishing service that floats a fake electronic payment window and tries to steal user's payment information. Regardless of whether or not the current site is a member of an electronic payment service, the user views a message 'Internet Secure Payment ? Out of Service' displayed in the speech bubble 5 and is not swindled.
- the DB and the program information may not be constructed in the server, but can be embedded within the anti- phishing program itself.
- Newly added URLs can be periodically updated on-line. That is, the stand-alone type anti-phishing program processes whether a URL is registered or whether a program is registered without server's assistance, and communicates with the server only when preventing a service pretense.
- FIG. 13 is a view showing another embodiment of the present invention.
- a symbolic image 13 of a site is displayed together with a speech bubble guide so that a user can recognize the guide further easily and rapidly.
- the good point of this method is that a site such as ThirtyBamk' mimicking 'Citibank' can be easily sifted out.
- it can overcome a problem such that if only text is used as a guide, a lot of fake names, such as 'ThirtyBamk', 'Citibamko', 'Citebank', and the like, should be registered.
- a symbolic image 13 of a site is added into the whitelist, and text based speech bubbles need to be changed into a method of outputting images.
- FIG. 14 is a view showing another embodiment of the present invention.
- an attacker may intentionally hide a target address in order to evade an anti-phishing guide.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Software Systems (AREA)
- General Physics & Mathematics (AREA)
- Data Mining & Analysis (AREA)
- Databases & Information Systems (AREA)
- Mathematical Physics (AREA)
- Information Transfer Between Computers (AREA)
Abstract
Procédé anti-filoutage, à auto-détermination : sur la base d'une liste blanche établie à partir d'URL officiels de sites populaires devenant la cible d'attaques de filoutage, l'adresse d'un site Web auquel un utilisateur est relié est comparée avec la liste, et si l'adresse y figure, le nom du site correspondant est affiché sur l'écran, ce qui permet à l'utilisateur de voir lui-même si le site à l'écran est effectivement un site auquel il souhaite être relié. Sinon, le fait que l'adresse n'y figure pas est affiché à l'écran, ce qui donne des avertissements appropriés pour que l'utilisateur ne puisse pas être victime de filoutage. De plus, si l'adresse n'y figure pas, un service d'interrogation est fourni, et le nom du site affiché à l'écran peut être entré directement, avec possibilité de confirmation immédiate de la présence du site dans la liste : ainsi, l'utilisateur peut suspecter immédiatement un site qui prétend être un site populaire enregistré utilisant une adresse non enregistrée,
Applications Claiming Priority (10)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR20050061357 | 2005-07-07 | ||
KR10-2005-0061357 | 2005-07-07 | ||
KR10-2005-0070857 | 2005-08-03 | ||
KR20050070857 | 2005-08-03 | ||
KR10-2005-0104821 | 2005-11-03 | ||
KR20050104821 | 2005-11-03 | ||
KR10-2006-0017130 | 2006-02-22 | ||
KR20060017130 | 2006-02-22 | ||
KR10-2006-0053310 | 2006-06-14 | ||
KR20060053310 | 2006-06-14 |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2007007988A2 true WO2007007988A2 (fr) | 2007-01-18 |
WO2007007988A3 WO2007007988A3 (fr) | 2007-03-08 |
Family
ID=37637605
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/KR2006/002662 WO2007007988A2 (fr) | 2005-07-07 | 2006-07-07 | Procede anti-filoutage |
Country Status (2)
Country | Link |
---|---|
KR (1) | KR20070006559A (fr) |
WO (1) | WO2007007988A2 (fr) |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102110210A (zh) * | 2009-12-24 | 2011-06-29 | 英特尔公司 | 用于移动设备上的安全浏览的可信图形渲染 |
US8091118B2 (en) * | 2007-12-21 | 2012-01-03 | At & T Intellectual Property I, Lp | Method and system to optimize efficiency when managing lists of untrusted network sites |
US8528079B2 (en) | 2008-08-12 | 2013-09-03 | Yahoo! Inc. | System and method for combating phishing |
US9038171B2 (en) | 2008-10-20 | 2015-05-19 | International Business Machines Corporation | Visual display of website trustworthiness to a user |
WO2015156640A1 (fr) * | 2014-04-11 | 2015-10-15 | Samsung Electronics Co., Ltd. | Procédé et dispositif de commande d'un écran de sécurité dans un dispositif électronique |
KR20150118041A (ko) * | 2014-04-11 | 2015-10-21 | 삼성전자주식회사 | 전자장치에서 보안화면을 제어하는 방법 및 장치 |
US9621566B2 (en) | 2013-05-31 | 2017-04-11 | Adi Labs Incorporated | System and method for detecting phishing webpages |
US11381597B2 (en) * | 2019-07-19 | 2022-07-05 | Mcafee, Llc | Expedition of web phishing detection for suspicious sites |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR100904311B1 (ko) * | 2006-09-15 | 2009-06-23 | 인포섹(주) | 트러스티드 네트워크를 이용한 파밍 방지 방법 |
KR100929693B1 (ko) * | 2007-10-10 | 2009-12-03 | 김진우 | 라우팅 포인트를 활용한 피싱 방지 방법 |
WO2010090357A1 (fr) * | 2009-02-04 | 2010-08-12 | 주식회사 이스트소프트 | Système et procédé pour vérifier une adresse de site web |
KR101436495B1 (ko) * | 2013-02-25 | 2014-09-02 | 주식회사 안랩 | 컴퓨터시스템 및 컴퓨터시스템의 악성사이트 여부 판단 방법 |
KR102131943B1 (ko) | 2013-09-11 | 2020-07-08 | 삼성전자주식회사 | Url 분석 방법 및 그 전자 장치 |
-
2006
- 2006-06-29 KR KR1020060059271A patent/KR20070006559A/ko not_active Application Discontinuation
- 2006-07-07 WO PCT/KR2006/002662 patent/WO2007007988A2/fr active Application Filing
Non-Patent Citations (2)
Title |
---|
GEER D.: 'Security Technologies Go Phishing' IEEE COMPUTER vol. 38, no. 6, June 2005, pages 18 - 21, XP011134755 * |
SPRING T.: 'SpamSlayer: New Tools Fight Fraud and Phishing' PC WORLD 25 April 2005, XP003008910 * |
Cited By (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8091118B2 (en) * | 2007-12-21 | 2012-01-03 | At & T Intellectual Property I, Lp | Method and system to optimize efficiency when managing lists of untrusted network sites |
US8528079B2 (en) | 2008-08-12 | 2013-09-03 | Yahoo! Inc. | System and method for combating phishing |
US9038171B2 (en) | 2008-10-20 | 2015-05-19 | International Business Machines Corporation | Visual display of website trustworthiness to a user |
CN102110210A (zh) * | 2009-12-24 | 2011-06-29 | 英特尔公司 | 用于移动设备上的安全浏览的可信图形渲染 |
US20110161667A1 (en) * | 2009-12-24 | 2011-06-30 | Rajesh Poornachandran | Trusted graphics rendering for safer browsing on mobile devices |
EP2348442A1 (fr) * | 2009-12-24 | 2011-07-27 | Intel Corporation | Rendu graphique sécurisé pour navigation sécurisée sur des dispositifs mobiles |
US8650653B2 (en) | 2009-12-24 | 2014-02-11 | Intel Corporation | Trusted graphics rendering for safer browsing on mobile devices |
US9621566B2 (en) | 2013-05-31 | 2017-04-11 | Adi Labs Incorporated | System and method for detecting phishing webpages |
KR20150118041A (ko) * | 2014-04-11 | 2015-10-21 | 삼성전자주식회사 | 전자장치에서 보안화면을 제어하는 방법 및 장치 |
CN106164925A (zh) * | 2014-04-11 | 2016-11-23 | 三星电子株式会社 | 在电子设备中控制安全性屏幕的方法和设备 |
WO2015156640A1 (fr) * | 2014-04-11 | 2015-10-15 | Samsung Electronics Co., Ltd. | Procédé et dispositif de commande d'un écran de sécurité dans un dispositif électronique |
EP3129910A4 (fr) * | 2014-04-11 | 2017-08-30 | Samsung Electronics Co., Ltd. | Procédé et dispositif de commande d'un écran de sécurité dans un dispositif électronique |
US10002255B2 (en) | 2014-04-11 | 2018-06-19 | Samsung Electronics Co., Ltd. | Method and device for controlling security screen in electronic device |
CN106164925B (zh) * | 2014-04-11 | 2020-06-09 | 三星电子株式会社 | 在电子设备中控制安全性屏幕的方法和设备 |
KR102348217B1 (ko) | 2014-04-11 | 2022-01-10 | 삼성전자 주식회사 | 전자장치에서 보안화면을 제어하는 방법 및 장치 |
US11381597B2 (en) * | 2019-07-19 | 2022-07-05 | Mcafee, Llc | Expedition of web phishing detection for suspicious sites |
Also Published As
Publication number | Publication date |
---|---|
KR20070006559A (ko) | 2007-01-11 |
WO2007007988A3 (fr) | 2007-03-08 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2007007988A2 (fr) | Procede anti-filoutage | |
US7770002B2 (en) | Multi-factor authentication | |
EP1863240B1 (fr) | Procédé et système de détection d'hameçonnage | |
Wu et al. | Effective defense schemes for phishing attacks on mobile computing platforms | |
US8019689B1 (en) | Deriving reputation scores for web sites that accept personally identifiable information | |
US8291065B2 (en) | Phishing detection, prevention, and notification | |
US7698442B1 (en) | Server-based universal resource locator verification service | |
Kirda et al. | Protecting users against phishing attacks | |
US8701165B2 (en) | Credentials phishing prevention protocol | |
US7802298B1 (en) | Methods and apparatus for protecting computers against phishing attacks | |
US7634810B2 (en) | Phishing detection, prevention, and notification | |
CN101304418B (zh) | 一种客户端侧经由提交者核查来防止偷渡式域欺骗的方法及系统 | |
Kirda et al. | Protecting users against phishing attacks with antiphish | |
US8079087B1 (en) | Universal resource locator verification service with cross-branding detection | |
US8893243B2 (en) | Method and system protecting against identity theft or replication abuse | |
US8381289B1 (en) | Communication-based host reputation system | |
US20160036849A1 (en) | Method, Apparatus and System for Detecting and Disabling Computer Disruptive Technologies | |
US20080092242A1 (en) | Method and system for determining a probability of entry of a counterfeit domain in a browser | |
US20060123478A1 (en) | Phishing detection, prevention, and notification | |
US20060070126A1 (en) | A system and methods for blocking submission of online forms. | |
EP2447878A1 (fr) | Détection de programmes malveillants à distance par Internet | |
Shrivastava et al. | XSS vulnerability assessment and prevention in web application | |
WO2019095856A1 (fr) | Procédé et système d'authentification d'identité de réseau, et dispositif d'agent utilisateur utilisé | |
WO2008146292A2 (fr) | Système et procédé de sécurisation d'informations sensibles dans une connexion réseau | |
WO2006056992A2 (fr) | Obtention et evaluation de donnees objectives relatives a des ressources de reseau |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 06769204 Country of ref document: EP Kind code of ref document: A2 |
|
32PN | Ep: public notification in the ep bulletin as address of the adressee cannot be established |
Free format text: NOTING OF LOSS OF RIGHTS EPO FORM 1205A DATED 18.04.2008. |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 06769204 Country of ref document: EP Kind code of ref document: A2 |