Method and system for uniquely identifying a user computer in real time using a plurality of processing parameters and servers
First Claim
1. A method for distinguishing a compromised client device from a masquerading device, the method comprising:
- capturing, by a hardware processor of one or more servers, a plurality of attributes from a network device connecting to a web service, each of the attributes representing a parameter, the plurality of parameters uniquely identifying the network device from a plurality of other networks devices;
maintaining the network device free from any software programs associated with the capturing of the plurality of attributes;
determining, by the hardware processor, a device identifier based on a programmatic transformation of the plurality of attributes captured from the network device;
comparing, by the hardware processor, the device identifier against at least one existing device identifier determined by the hardware processor, wherein the at least one existing device identifier is generated based on a programmatic transformation of a plurality of attributes captured from a respective device; and
determining, by the hardware processor, if the network device is compromised based at least in part the comparison between the device identifier and an existing device identifier.
1 Assignment
0 Petitions
Accused Products
Abstract
A method is provided for identifying a compromised client device from a masquerading device. The method includes capturing a plurality of attributes from a network device connecting to a web service. In a specific embodiment, each of the attributes represents a parameter, and the plurality of parameters uniquely identifying the network device from a plurality of other networks devices. The method maintains the network device substantially free from any software programs associated with the capturing of the plurality of attributes. That is, in a specific embodiment, the method does not rely on installing executable code in the network device to capture the attributes. Based on information associated with the attributes, the method can determine if the network device is compromised.
-
Citations
53 Claims
-
1. A method for distinguishing a compromised client device from a masquerading device, the method comprising:
-
capturing, by a hardware processor of one or more servers, a plurality of attributes from a network device connecting to a web service, each of the attributes representing a parameter, the plurality of parameters uniquely identifying the network device from a plurality of other networks devices; maintaining the network device free from any software programs associated with the capturing of the plurality of attributes; determining, by the hardware processor, a device identifier based on a programmatic transformation of the plurality of attributes captured from the network device; comparing, by the hardware processor, the device identifier against at least one existing device identifier determined by the hardware processor, wherein the at least one existing device identifier is generated based on a programmatic transformation of a plurality of attributes captured from a respective device; and determining, by the hardware processor, if the network device is compromised based at least in part the comparison between the device identifier and an existing device identifier. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A method for identifying a network device, the method comprising:
-
capturing, by a hardware processor of one or more servers, a plurality of attributes from the network device, each of the attributes representing a parameter; maintaining the network device free from any executable software programs associated with the capturing of the plurality of attributes; forming, by the hardware processor, a device identifier for the network device based on information related to the plurality of parameters, the identifier uniquely identifying the network device from a plurality of other networks devices; capturing, by the hardware processor, a second plurality of attributes from the network device; and evolving, by the hardware processor, the device identifier based on information related to the second plurality of parameters. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 52, 53)
-
-
51. A system for uniquely identifying a network device associated with a web service, the system comprising:
-
a measurement server comprising at least one hardware processor for measuring, collating, and classifying a plurality of attributes associated with the network device connecting to the web service, the plurality of attributes uniquely identifying the network device from a plurality of other networks devices; a fingerprint server comprising at least one hardware processor for receiving the plurality of attributes from the measurement server and generating an unique identifier for the network device based on a programmatic transformation of the measured plurality of attributes associated with the network device; and an application server comprising at least one hardware processor for receiving a verification request from the web service, the request being associated with the network device, the application server processing the request in communication with the matching server to compare the unique identifier against one or more existing unique identifiers stored in association with the matching server and receiving a matching unique identifier from the matching server.
-
Specification