Abstract: A method for protecting a browser from malicious processes, comprises providing at least one process-proxy object and at least a browser-proxy object, interposed between the browser and a process, such that when the process invokes one of the DOM entry points, the process-proxy object isolates it from the real browser implementation and executes the process-proxy object's code instead.

Abstract: Some demonstrative embodiments of the invention include a system and method for detecting related transactions, e.g., fraudulent transactions by for example associating transactions and creating lists of related transactions. Other embodiments are described and claimed.

Abstract: A method and system for determining whether a proxy is present in a communication link between a client and a server, and if so, certain characteristics of the proxy.

Abstract: A browser plug-in firewall manages data exchanged between a browser and a plug-in according to a pre-defined list of rights.

Abstract: A method for rendering a login theft ineffective includes detecting a submission of a first login request from the user's client to a Web site; redirecting the first login request to the traffic processor for copying at least one of the user supplied login fields; forwarding the first login request from the traffic processor to the site; requesting replacements of at least one of the user supplied login fields from the site; and replacing the at least one of user supplied login fields with at least one new corresponding login field(s) in the site.

Abstract: The present invention relates to a method for preventing an unauthorized activity including a transaction in a web site comprising the steps of: (a) receiving a response containing at least one HTML page, from said site, by the traffic processor; (b) modifying said response by obfuscating said at least one HTML page of said response; (c) storing de-obfuscation information in a transaction table; (d) forwarding the modified response from said traffic processor to the client's browser; (e) redirecting a request from said browser to the traffic processor, by the redirector; (f) checking said request for an unauthorized command; (g) de-obfuscating said request using the stored information in said transaction table; and (h) forwarding the modified request to said site.

Abstract: Embodiments of the present invention relate to a method and system for detecting and/or mitigating domain name system (DNS) spoofing Trojan horse (or Trojan) code. Trojan code (sometimes called malware or malicious software) is a common computer security problem. Some Trojans modify the DNS resolution mechanism employed by the infected computer, such that the computer traffic, when browsing the Internet, is routed to a location not intended by the rightful owner of the computer. The present invention can detect this phenomenon from a remote device or location and may take action to mitigate its effects.

Abstract: Embodiments of the present invention include a system, device, and method for persistent user tracking including associating a session management item with a client computer identification item, wherein said session management item and said client computer identification item are both associated with a single value of a marker. Embodiments of the present invention include a system, device, and method for persistent user tracking including, associating a first session management item, the first session management item pertaining to a session conducted by a user on a first server with a client computer identification item, and associating a second session management item, the second session management item pertaining to a session conducted by the user on a second server with the client computer identification item. In some embodiments, the client computer identification item may be received from a client computer by a code executed thereon.

Abstract: A system and method of conducting a transaction comprising accepting transaction information from a user, producing a customized statement, the customized statement relating to at least a portion of the transaction information and including a challenge to the user, and sending the user an obscured representation of the customized statement. The system and method may accept from the user a response to the challenge. The system and method may further allow the transaction to proceed if the response is correct and prevent the transaction from proceeding if the response is incorrect.