SAP SE
Client-side attack detection in web applications

Abstract:

A client comprising a web browser is provided. The client is configured to: run an application in the web browser, the application comprising a sensor including sensor JavaScript code, wherein running the application comprises executing the sensor JavaScript code as the first JavaScript code in the web browser to activate the sensor; and wherein the sensor is configured to: gather data with respect to the application at runtime; and check predetermined application-specific rules against the gathered data for detecting client-side attacks at runtime.