1. Field of the Invention
Embodiments of the present invention generally relate to a computer security system and, more particularly, to a method and apparatus for detecting potentially misleading visual representation objects that are created by a browser to secure a computer.
2. Description of the Related Art
Widespread Internet usage by small to large organizations results in an increase in computer-related attacks. Various malicious software programs (e.g., viruses, Trojan horses, worms and/or the like) cause many of these related computer attacks. These malicious software programs may be transmitted (i.e. downloaded) to a vulnerable computer without user consent and/or knowledge as executable programs, email attachments, multimedia files (e.g., video files, audio files and/or the like), malicious HTML code on web pages and/or the like.
The malicious software programs may exert control over an operating system and modify various files (e.g., system registry entries) and/or settings (e.g., background color, screen saver and/or the like) in order to disrupt normal operation. The malicious software programs may also exploit the user computer for illegitimate purposes. For example, a certain malicious software program may misappropriate sensitive data, such as intellectual property, customer data, medical histories, financial records, purchase orders, legal documents, privileged and/or confidential information, social security numbers, addresses, pictures, documents, contacts and/or the like.
Occasionally, a user may be enticed and/or redirected to a website that hosts such malicious software programs. The user may be enticed by an email or a posting on social networking websites (e.g., Orkut, Facebook, MySpeace and/or the like) that includes a link to the website. The user may also be enticed through a browser window that misrepresents legitimate system messages from an operating system. Such a browser window is made to appear very similar to an operating system dialog box, which normally notifies a computer user as to any computer problems.
The browser window includes web elements that, when rendered, presents the user with content (e.g., images, text, web objects and/or the like) that imitate user interface elements normally used for the legitimate system messages. The imitating content is used to mislead the computer user as to a source of the content. Because the computer cannot easily distinguish between the web elements and the user interface elements, the computer user is under the incorrect belief that the content includes an important system message from the operating system. After being confronted with the imitating content and following given instructions, the user computer downloads the malicious software programs, which may corrupt critical data and/or cause a system crash or system malfunctioning.
Therefore, there is a need in the art for a method and apparatus for detecting potentially misleading visual representation objects, such as browser windows, to secure a computer.