Network attack detection on a mobile API of a web service

US 10,135,904 B2
Filed: 01/27/2016
Issued: 11/20/2018
Est. Priority Date: 01/27/2015
Status: Active Grant

First Claim

Patent Images

1. A method of operating a communication system to validate web service requests from applications executing on wireless communication devices, the method comprising:

in a wireless communication device;

executing an application that generates an original web service request;

executing a client security component of the application to;

collect security information, andtransparently inject the security information in the original web service request to create a modified web service request,wherein the security information comprises a plurality of user behavior attributes representing how the wireless communication device is being utilized; and

utilizing a mobile application programming interface to transfer the modified web service request that includes the security information to a web server; and

in the web server, executing a server security component of a web service to;

extract the security information from the modified web service request,validate the security information to verify that the user behavior attributes are indicative of human operation of the wireless communication device,strip, upon successful validation of the security information, the security information from the modified web service request, andprovide the original web service request to the web service upon successful validation.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques to validate web service requests from applications executing on wireless communication devices are disclosed herein. In at least one implementation, an application that generates a web service request is executed on a wireless communication device. The wireless communication device executes a client security component of the application to collect security information and include the security information in the web service request, and utilizes a mobile application programming interface to transfer the web service request including the security information for delivery to a web server. The web server executes a server security component of a web service to extract the security information from the web service request, validate the web service request based on the security information, and provide the web service request to the web service upon successful validation.

18 Citations

View as Search Results

20 Claims

1. A method of operating a communication system to validate web service requests from applications executing on wireless communication devices, the method comprising:
- in a wireless communication device;
  
  executing an application that generates an original web service request;
  
  executing a client security component of the application to;
  
  collect security information, andtransparently inject the security information in the original web service request to create a modified web service request,wherein the security information comprises a plurality of user behavior attributes representing how the wireless communication device is being utilized; and
  
  utilizing a mobile application programming interface to transfer the modified web service request that includes the security information to a web server; and
  
  in the web server, executing a server security component of a web service to;
  
  extract the security information from the modified web service request,validate the security information to verify that the user behavior attributes are indicative of human operation of the wireless communication device,strip, upon successful validation of the security information, the security information from the modified web service request, andprovide the original web service request to the web service upon successful validation.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1 wherein the security information comprises device attributes associated with the wireless communication device or unique transaction identifiers associated with the wireless communication device.
  - 3. The method of claim 1 wherein the user behavior attributes comprise a manner of navigating through content of the application.
  - 4. The method of claim 1 wherein the user behavior attributes include velocity and sequence of navigation between various views, displays, pages, or content of the application.
  - 5. The method of claim 1 wherein the web server executing the server security component of the web service to validate the security information comprises executing the server security component of the web service to compare a total number of attributes received in the security information to a threshold number of attributes to determine whether or not the original web service request is legitimate.
  - 6. The method of claim 1 wherein the web server executing the server security component of the web service, upon failing to verify that the user behavior attributes are indicative of human operation of the wireless communication device, block the original web service request.
  - 7. The method of claim 1 wherein the wireless communication device executing the client security component of the application to collect the security information comprises executing the client security component to detect hardware components present in the wireless communication device.

8. A communication system to validate web service requests from applications executing on wireless communication devices, the communication system comprising:
- a wireless communication device configured to execute an application that generates an original web service request and to execute a client security component of the application to collect security information, transparently inject the security information in the original web service request to create a modified web service request, and utilize a mobile application programming interface to transfer the modified web service request that includes the security information to a web server, wherein the security information comprises a plurality of user behavior attributes that indicate whether an operator operating the wireless communication device is a human user or a machine; and
  
  the web server configured to execute a server security component of a web service to extract the security information from the modified web service request, validate the security information by, at least in part, analyzing the user behavior attributes to determine whether the operator of the wireless communication device is the automated computer or the human user, strip the security information from the modified web service request, and provide the original web service request to the web service upon successful validation that the operator is the human user.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The communication system of claim 8 wherein the security information comprises device attributes associated with the wireless communication device.
  - 10. The communication system of claim 8 wherein the user behavior attributes comprise a manner of navigating through content of the application.
  - 11. The communication system of claim 8 wherein the security information comprises unique transaction identifiers associated with the wireless communication device.
  - 12. The communication system of claim 8 wherein the web server configured to execute the server security component of the web service to validate the security information comprises the web server configured to execute the server security component of the web service to compare a total number of attributes received in the security information to a threshold number of attributes to determine whether or not the web service request is legitimate.
  - 13. The communication system of claim 8 wherein the web server configured to execute the server security component of the web service upon determining that the operator of the wireless communication device is an automated computer, blocks the original web service request.
  - 14. The communication system of claim 8 wherein the wireless communication device configured to execute the client security component of the application to collect the security information comprises the wireless communication device configured to execute the client security component to detect hardware components present in the wireless communication device.

15. An apparatus comprising:
- one or more computer-readable storage media; and
  
  first program instructions comprising a client security component of an application, the first program instructions stored on the one or more computer-readable storage media that, when executed by a wireless communication device, direct the wireless communication device to at least;
  
  collect security information, andcreate, in response to an original web service request generated by the application, a modified web service request by injecting the security information into an original web service request,wherein the security information comprises a plurality of user behavior attributes and device attributes; and
  
  utilize a mobile application programming interface to transfer the modified web service request including the security information to a web server; and
  
  second program instructions comprising a server security component of a web service, the second program instructions stored on the one or more computer-readable storage media that, when executed by the web server, direct the web server to at least;
  
  extract the security information from the modified web service request;
  
  validate the original web service request by analyzing the security information to determine whether the original web service request is a legitimate request that originates from a genuine application and is associated with usage indicative of a human user or whether the original web service request is a malicious request that did not originate from the genuine application or is associated with usage indicative of an automated machine; and
  
  provide the original web service request to the web service upon determining that the original web service request is legitimate.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The apparatus of claim 15 wherein the wireless communication device is operatively coupled to the one or more computer-readable storage media and the wireless communication device reads and executes the first program instructions.
  - 17. The apparatus of claim 15 wherein the web server is operatively coupled to the one or more computer-readable storage media and the web server reads and executes the second program instructions.
  - 18. The apparatus of claim 15 wherein the user behavior attributes include velocity and sequence of navigation between various views, displays, pages, or content of the application.
  - 19. The apparatus of claim 15 wherein the user behavior attributes comprise a manner of navigating through content of the application.
  - 20. The apparatus of claim 15 wherein the security information comprises unique transaction identifiers associated with the wireless communication device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cequence Security, Inc.
Original Assignee
Stealth Security, Inc.
Inventors
Mehta, Shreyans, Talwalkar, Ameya
Primary Examiner(s)
Homayounmehr, Farid
Assistant Examiner(s)
Bucknor, Olanrewaju J

Application Number

US15/007,730
Publication Number

US 20160219072A1
Time in Patent Office

1,028 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 21/606   by securing the transmissio...

H04L 63/168   above the transport layer

H04L 67/02   based on web technology, e....

H04W 12/10   Integrity

H04W 12/12   Detection or prevention of ...

H04W 12/71   Hardware identity

H04W 12/72   Subscriber identity

Network attack detection on a mobile API of a web service

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

18 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Network attack detection on a mobile API of a web service

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

18 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links