CPC G06F 21/6263 (2013.01) [G06F 16/955 (2019.01); G06F 21/577 (2013.01); G06F 2221/032 (2013.01); G06F 2221/2115 (2013.01)] | 19 Claims |
1. A method for identifying software capable of capturing personally identifiable information sent from a local device to a remote server, comprising the steps of:
connecting to the remote server via the local device in order to send at least one request for data and retrieve at least one packet of data in response to the request, wherein the remote server is in communication with at least one third party server;
sending at least one request for data and retrieving, from the remote server, at least one packet of data in response to the request;
determining via an unpacking and decoding module that unpacks the at least one packet of data and decodes data residing in header fields, cookies, URL's, and request bodies in the at least one packet of data and detects third party domains residing in the header fields, cookies, URL's, and request bodies whether the at least one packet of data, received by the local device, originated from the at least one third party server other than the remote server, and
if so, determining, using machine learning, whether the at least one packet of data contains evidence of the presence of the personally identifiable information provided to the remote server by the local device; and
indicating, to a user, the presence of personally identifiable information by outputting a machine learning classification output.
|