There is a wealth of prior art relating to data security systems for the Internet, which are intended to guard against undesired downloading of viruses, spyware adware, worms, Trojan horses and other malicious code.
US 2009/0287653 discloses an Internet browser adapted to prevent access to portion of contents that contain malware.
WO2010029036 discloses a malware detection method implemented within a computer based on checking for a valid digital signature and verifying that the signature belongs to a trusted source. If the signature cannot be verified as belonging to a trusted source a malware scan is carried out.
US 2008/0262991 discloses systems and methods for processing data flows, which use a set of artificial neurons for pattern recognition, such as a self-organizing map, in order to provide security and protection to a computer or computer system and which support unified threat management based at least in part on patterns relevant to a variety of types of threats that relate to computer systems, including computer networks. The system detects security threats and intrusions across accessible layers of the IP-stack by applying content matching and behavioral anomaly detection techniques based on regular expression matching and self-organizing maps.
U.S. Pat. No. 7,565,550 discloses a network level virus monitoring system capable of monitoring a flow of network traffic in any of a number of inspection modes depending upon the particular needs of a system administrator. The system includes a controller storing a rules engine used to store and source a plurality of detection rules for detecting computer viruses and worms, and using statistical results of observed abnormal events defined in policies and in the plurality of detection rules. An abnormal behavior report is generated and is evaluated by one of the server computers to determine an action to perform.
U.S. Pat. No. 7,296,274 discloses a method and apparatus providing deception and/or altered execution of logic in an information system. In specific embodiments, deceptions and/or protections are provided by intercepting and/or modifying operation of one or more system calls of an operating system.
Known systems and methods are generally directed to the need to protect the client machine from malware that is present on the client machine. However, rogue operators are also known to hack into a web provider's server and corrupt data that is subsequently downloaded by a client, who is thereby presented with information that was not intended by the web provider. The resulting web page as seen on the machine not only presents factually incorrect data to the client, but also misrepresents the web provider and militates against the web provider conveying his message.
However, provided that no malware is embedded in the web page, known systems will do nothing to detect that the content of the web page is corrupted. Even where malware is embedded, known systems may intercept the malware and block and possibly alert the end-user but they are unable to check the integrity of the web content.