The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Jan. 11, 2022
Filed:
Jan. 07, 2018
Microsoft Technology Licensing, Llc, Redmond, WA (US);
Hani Hana Neuvirth, Redmond, WA (US);
Ram Haim Pliskin, Rishon Lezion, IL;
Tomer Koren, Tel Aviv, IL;
Josef Weizman, Halfa, IL;
Karl William Reinsch, Snoqualmie, WA (US);
Efim Hudis, Bellevue, WA (US);
Microsoft Technology Licensing, LLC, Redmond, WA (US);
Abstract
A previously-unknown type of attack on a web application can be detected dynamically using server logs. An alert can be raised for an application that returns a valid response to the potential attacker (e.g., when an http (hypertext transfer protocol) status code of 200 is returned to the requestor). Server logs can be analyzed to identify an external computer that uses the same attack methodology on multiple targets. The external computer may attempt to access the same Uniform Resource Identifier (URI) on various web sites. In many cases, the http status code that is returned is an error code. Characteristics such as but not limited to fast crawling and numerous error status codes being returned to a particular requestor can be used by a machine learning (ML) system to identify potentially malicious external computing devices and/or vulnerable URIs.