| CPC H04L 63/105 (2013.01) [G06F 9/45558 (2013.01); G06F 16/9562 (2019.01); H04L 63/20 (2013.01); G06F 2009/45587 (2013.01); G06F 2009/45591 (2013.01)] | 21 Claims |
|
1. A computer-implemented method, comprising:
detecting a request to access a suspicious website through a native browser application, wherein the request is detected by a browser extension application that continuously monitors user interactions with the native browser application, wherein the request includes a Uniform Resource Identifier (URI) associated with the suspicious website, and wherein the request is detected by the browser extension application through user interaction with one or more interaction elements presented through the native browser application;
processing the URI and the one or more interaction elements through a trained machine learning algorithm to identify a legitimate URI corresponding to a legitimate website, wherein the trained machine learning algorithm is trained using a dataset of sample suspicious URIs, corresponding interaction elements, and known elements associated with legitimate websites;
executing a virtual browser application on a virtual machine instance in a cloud computing environment, wherein access to the virtual browser application is isolated from other functionalities of the virtual machine instance in the cloud computing environment; and
re-directing the native browser application to a viewer page associated with the virtual browser application, wherein when the native browser application is re-directed to the viewer page, the legitimate website corresponding to the legitimate URI is presented through the virtual browser application.
|