Apple Files Security Patent for Preventing URL Confusion Attacks
On June 4, 2015, the U.S. Patent & Trademark Office published a patent application from Apple that relates generally to detection of spoofing attacks that involve illegitimate text that is visually similar to legitimate text. More particularly, the present embodiments relate to detection of illegitimate web links via fuzzy matching techniques.
Apple notes in their filing that an illegitimate site can, for example, display information or advertisements, attempt to convince the user to perform a transaction, request information from the user, attempt to install malware or spyware on the user's computer, and perform other malicious or potentially damaging operations. Spoofed web links can lead users to phishing attacks, in which an illegitimate site is designed to mimic sites that contain important user information and convince the user to login, thereby providing an attacker with their user name and password.
Apple's solution is to protect users against illegitimate "spoofed" links on web pages by detecting and disabling illegitimate hyperlinks in web pages received from web sites. For those that are interested in all things security related, you'll find Apple's patent application 20150156210 of interest. For more information on this security patent, click here.
Patent Credits
Apple credits Oliver Hunt and Ivan Krstic as the inventors of this patent application that was originally filed in Q4 2013. Considering that this is a patent application, the timing of such a product to market is unknown at this time.
Patently Apple presents a detailed summary of patent applications with associated graphics for journalistic news purposes as each such patent application is revealed by the U.S. Patent & Trade Office. Readers are cautioned that the full text of any patent application should be read in its entirety for full and accurate details. About Making Comments on our Site: Patently Apple reserves the right to post, dismiss or edit any comments. Comments are reviewed daily from 5am to 7pm MST and sporadically over the weekend.
Comments