	US 11,947,666 B2
	Systems and methods for exploit prevention and malicious code neutralization using non-predictable results for JavaScript-enabled applications
Avihay Cohen, Tel-Aviv (IL)
Assigned to SERAPHIC ALGORITHMS LTD, Tel Aviv (IL)
Filed by Seraphic Algorithms Ltd., Tel-Aviv (IL)
Filed on Nov. 7, 2022, as Appl. No. 18/053,038.
Application 18/053,038 is a continuation of application No. 17/575,139, filed on Jan. 13, 2022, granted, now 11,507,658.
Application 17/575,139 is a continuation of application No. PCT/IL2021/051062, filed on Aug. 31, 2021.
Claims priority of provisional application 63/072,581, filed on Aug. 31, 2020.
Prior Publication US 2023/0083463 A1, Mar. 16, 2023
Int. Cl. G06F 21/55 (2013.01); G06F 21/12 (2013.01); G06F 21/54 (2013.01); G06F 9/455 (2018.01); G06F 9/54 (2006.01)

CPC G06F 21/554 (2013.01) [G06F 21/128 (2013.01); G06F 21/54 (2013.01); G06F 9/45529 (2013.01); G06F 9/54 (2013.01); G06F 2221/033 (2013.01)]

41 Claims

1. A cyber security system, comprising:

at least one processor configured to:

receive, by an application capable of JavaScript execution, code executable by a web browser;

execute, before execution of the received code executable by the web browser, an intercepting code, wherein the intercepting code is configured to intercept at least one application programming interface (API) invocation by the received code executable by the web browser;

intercept, by the intercepting code, an API invocation by the received code executable by the web browser;

determine that the intercepted API invocation results in a manipulation of a first backing store object in browser process memory; and

modify an execution of the intercepted API invocation, wherein the modified execution of the intercepted API invocation results in at least one of: a non-predictable memory layout, a non-predictable memory behavior, or a non-predictable property of the first backing store object or a second backing store object.