1. Field of the Invention
This invention pertains in general to computer security and in particular to identifying referrer information for a remote object link received via a network.
2. Description of the Related Art
Applications executed on modern computers are often susceptible to a wide variety of network-based attacks. Web browsers, for example, are particularly susceptible to attacks because browsers receive large amounts of content from the Internet. Other types of applications are also vulnerable. For example, email programs and even word processors provide interfaces for executing network-based content.
Malicious attackers can compromise such applications by crafting specially-formulated input that exploits vulnerabilities in the programs. This input contains code that, when executed, gives the attackers control over the applications and allows them to perform malicious acts such as capturing keystrokes, sending messages on the network, deleting files, installing malicious software (malware) such as spyware and adware, etc.
Many such malicious attacks are received at the computer as remote object links in network traffic received via various protocols, such as email, instant messaging, or HTTP associated with a website. Traditional threat analysis, detection, repair, and avoidance systems lack the ability to reliably identify the referrer, or sender, to a remote object associated with a link received in the network traffic.