A browser is a software application enabling a user to display and interact with information (text, images, audios and videos records and streams, forms, etc.) located on a page (also called, webpage) at a website on a network (such as the World Wide Web or an intranet). Any information on a webpage has an associated attribute allowing the linking of this information to other information at another location of a network.
Different protocols are available and allow communication through a network, and handling data in a large number of formats, such as HTML.
As an example, FIG. 1 is a simplified model of “client-server architecture”. A client 101 (a browser) initiates a request 103 to a server 105 (a website). A server 105 receives the request 103, and replies with a message 107 containing, a requested file, an acknowledgement, an error message, or some other information.
U.S. Ser. No. 12/189,444 addresses problems related to malicious plug-ins, and its architecture is useful to understand the present invention and, therefore, shall be described herein in some detail, although the full specification of U.S. Ser. No. 12/189,444 is incorporated herein by reference. A plug-in (also called “browser plug-in”) expands the functionalities of a browser by adding extra features to it. Many browser plug-ins are visible to the user and he/she can interact with these plug-ins. A plug-in can be, as an example, a toolbar, a search assistant or a set of functions allowing blocking pop-up windows. Others plug-ins are not visible to users and run without Graphical User Interface (GUI). However, some plug-ins, visible and invisible, can be malicious and can, for example, spy on the users (e.g. obtain unauthorized access to personal information and transmit it to a third party).
In order to reduce the risks generated by malicious plug-ins and more generally by malicious software, some approaches are available, such as the firewall technologies, which can highly limit the intrusion and the hijacking of personal data.
A firewall is a device or a software dedicated and configured in order to permit, to deny, to encrypt or to proxy computer traffic over a network connection, according a set of rules. Said network can be an organization network or the Internet. In all contexts, personal firewalls can be used in order to protect a single host by limiting the types of processes that are allowed to perform specified activities.
It is a severe drawback of network/personal firewalls, that they are useless when the user installs a malicious plugin. The plugin runs in the context of a trusted process (the browser, e.g. Microsoft Internet Explorer), and uses standard outgoing traffic (HTTP) to send stolen data out to an unauthorized location. Such activity cannot be distinguished from legitimate traffic sent by the same browser process. So a personal firewall doesn't affect malicious plug-ins, because they run within the realm of a trusted process and behave, for all it matters to the personal firewall, like the browser. Likewise, once the PC is infected, a network firewall is useless against malicious plug-ins, because they generate traffic that is indistinguishable from that of the browser.
As said, the above-described problem has been addressed in U.S. patent application Ser. No. 12/189,444, filed Aug. 11, 2008, by the same assignee hereof, having common inventors with the present invention. However, further protection can be provided by addressing the “Man in the Browser” attacks executed “remotely”, i.e. from a process external to the browser. This attack is particularly relevant when a user navigates to a site using a browser (such as Microsoft Internet explorer). During his/her visit to the site, the user needs to ensure that the sensitive data entered into the site (such as login credentials) or displayed by the site (e.g. account status, health information) are not compromised by a malicious process that interrogates the DOM (Document Object Model) at that time.
This type of attack can be illustrated through the non-malicious program Snadboy Software's Revelation V2 (www.snadboy.com), a software utility that can be used to reveal concealed passwords fields from browsers. While this utility is not malicious per se, it illustrates a technique that can be used by malicious processes to obtain credentials entered into forms inside browsers.
It is an object of the present invention to increase the security of the data exchanged between a web browser and a website.
It is another object of the invention to provide protection on a per-page and per-process basis.
It is a further object of the invention to provide a system which can allow a process to access all sites except a set of “more sensitive” sites.
It is still another object of the present invention to provide software allowing to prevent malicious software from getting data.
Further purposes and advantages of this invention will become apparent as the description proceeds.