Authentication of client devices using modified images

US 10,212,189 B2
Filed: 10/11/2016
Issued: 02/19/2019
Est. Priority Date: 10/11/2016
Status: Active Grant

First Claim

Patent Images

1. A computer program for detection of phishing attacks to be stored by one or more non-transitory computer-readable media of a server system, the computer program comprising a set of instructions, wherein execution of the set of instructions by a hardware processor system of the server system is to cause the server system to:

obtain, from a user system, a first message comprising a request for a login page and first user information associated with the user system other than authentication credentials for accessing a platform provided by the server system;

modify, based on the first user information, a first image to obtain a second image;

provide, to the user system in response to the first message, a second message comprising the login page and the second image;

obtain, from the user system, a third message comprising the authentication credentials for accessing the platform, second user information other than the authentication credentials, and a third image, wherein the third image is a version of the second image as rendered by the user system; and

authenticate the user system using the authentication credentials and based on the second user information and third user information embedded in the third image, the third user information not including the authentication credentials.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for detecting phishing attacks and identifying attackers are described. In embodiments, a server system may modify a template image based on user information and provide the modified image to a user system with a login page. The server system may obtain authentication credentials with an image rendered by the user system. The server system may authenticate the user system based on the authentication credentials and information included in the rendered image. Other embodiments may be described and/or claimed.

186 Citations

19 Claims

1. A computer program for detection of phishing attacks to be stored by one or more non-transitory computer-readable media of a server system, the computer program comprising a set of instructions, wherein execution of the set of instructions by a hardware processor system of the server system is to cause the server system to:
- obtain, from a user system, a first message comprising a request for a login page and first user information associated with the user system other than authentication credentials for accessing a platform provided by the server system;
  
  modify, based on the first user information, a first image to obtain a second image;
  
  provide, to the user system in response to the first message, a second message comprising the login page and the second image;
  
  obtain, from the user system, a third message comprising the authentication credentials for accessing the platform, second user information other than the authentication credentials, and a third image, wherein the third image is a version of the second image as rendered by the user system; and
  
  authenticate the user system using the authentication credentials and based on the second user information and third user information embedded in the third image, the third user information not including the authentication credentials.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The computer program of claim 1, wherein to modify the first image, the set of instructions is operable to:
    - determine a user information number based on a numeric representation of the first user information; and
      
      one or both of;
      
      perform a stenographic procedure on a first image to hide the user information number in a set of pixels in the first image;
      
      orencode the first image with the user information number during a compression operation of the first image.
  - 3. The computer program of claim 2, wherein to perform the stenographic procedure, the set of instructions is operable to:
    - adjust bits located at desired bit positions in a first number to match bits of a corresponding portion of the user information number, wherein the first number with the adjusted bits is a second number, and wherein the first number is a numeric representation of the first image and the second number is a numeric representation of the second image.
  - 4. The computer program of claim 3, wherein the desired bit positions comprise a least significant bit (LSB) of each of color value of each pixel in the set of pixels.
  - 5. The computer program of claim 2, wherein to encode the first image with the user information number, the set of instructions is further operable to:
    - apply a discrete cosign transform (DCT) on a first number to obtain an array of DCT coefficients, wherein the first number is a numeric representation of the first image; and
      
      adjust bits located at desired bit positions in each of the DCT coefficients to match bits of a corresponding portion of the user information number, wherein the array with the adjusted DCT coefficients is a second number, and wherein the second number is a numeric representation of the second image.
  - 6. The computer program of claim 5, wherein the desired bit positions are an LSB position of each of the DCT coefficients.
  - 7. The computer program of claim 1, wherein to authenticate the user system, the set of instructions is operable to:
    - extract the second user information from the third message;
      
      extract the third user information from the third image; and
      
      determine whether the second user information matches the third user information.
  - 8. The computer program of claim 7, wherein to extract third user information from the third image, the set of instructions is operable to:
    - identify desired bit positions within a numeric representation of the third image;
      
      obtain numerals located at the desired bit positions;
      
      group the removed numerals together to obtain a numeric representation of the third user information; and
      
      convert the numeric representation of the third user information into the third user information.
  - 9. The computer program of claim 2, wherein the set of instructions is further operable to:
    - encrypt the user information number,wherein to perform the stenographic procedure, the set of instructions is further operable to hide the encrypted user information number in the set of pixels,wherein to encode the first image, the set of instructions is further operable to encode the first image with the encrypted user information number during the compression operation, andwherein to authenticate the user system, the set of instructions is further operable to decrypt the numeric representation of the third user information to obtain the third user information.
  - 10. The computer program of claim 1, whereinthe first user information and the second user information comprises one or more of an internet IP address of the user system, an operating system (OS) implemented by the user system, a version of the OS, a browser used to send the request, a version of the browser, a browser window size, a rendering engine implemented by the browser, a version of the rendering engine, a time that the request was submitted, a time zone in which the user system is located, a screen resolution of the user system, and a device type of the user system, andthe authentication credentials comprise one or more of a user name, a password, a personal identification number (PIN), a digital certificate, and biometric data.

11. A computer program to authenticate a user system to be stored by one or more non-transitory computer-readable media of the user system, the computer program comprising a set of instructions, wherein execution of the set of instructions by a hardware processor system of the user system is to cause the user system to:
- provide, to a server system, a first message to request a login page, wherein the first message comprises user information associated with the user system;
  
  obtain, from the server system in response to the request message, a second message comprising the login page with a user-specific image, wherein the user-specific image is a version of a template image that is modified based on the user information, and wherein the user-specific image has a color scheme that is different and imperceptible than a color scheme of the template image;
  
  render, in an application container implemented by the user system, the login page including the user-specific image; and
  
  provide, to the server system via an interface of the login page, a third message comprising authentication credentials and a rendered image, wherein;
  
  the rendered image is a version of the user-specific image as rendered in the application container, andthe rendered image and the authentication credentials are to be used by the server system to authenticate the user system.
- View Dependent Claims (12, 13, 14)
- - 12. The computer program of claim 11, wherein the third message further comprises second user information, and the user system is to be authenticated based on the second user information and third user information embedded in the rendered image.
  - 13. The computer program of claim 12, wherein the set of instructions is operable to:
    - obtain, from the server system, a homepage to be rendered in the application container upon proper authentication of the user system.
  - 14. The computer program of claim 11, wherein the template image comprises a plurality of pixels, wherein each pixel of the plurality of pixels has a corresponding color value, and the set of instructions is further operable to:
    - convert the rendered image into a number according to instructions included in the login page;
      
      encrypt the number; and
      
      insert the encrypted number in the third message.

15. A server system comprising:
- a communications system to;
  
  obtain, from a user system, a first message to request a login page with first user information,send, to the user system in response to the request, a second message including the login page and a user-specific image, wherein the user-specific image is a modified version of a template image based on the first user information, andobtain, from the user system, a third message including authentication credentials, a rendered image, and second user information, wherein the rendered image is a version of the user-specific image as rendered by the user system; and
  
  a hardware processor system including a memory device, the hardware processor system communicatively coupled with the communication system, and the hardware processor system is to;
  
  generate the user-specific image by modification of the template image to include the first user information, wherein the user-specific image has a color scheme that is different and imperceptible than a color scheme of the template image,extract second user information from the third message, and extract third user information from the rendered image, andauthenticate the user system based on the authentication credentials and the second and third user information.
- View Dependent Claims (16, 17, 18, 19)
- - 16. The server system of claim 15, wherein to modify the template image, the hardware processor system is to:
    - determine a user information number based on a numeric representation of the first user information;
      
      encrypt the user information number; and
      
      one or both of;
      
      perform a stenographic procedure on the template image to hide the encrypted user information number in a set of pixels of the template image;
      
      orencode the template image with the encrypted user information number during a compression operation of the template image.
  - 17. The server system of claim 16, wherein to perform the stenographic procedure, the hardware processor system is to:
    - determine a numeric representation of the template image;
      
      adjust bits located at desired bit positions in the numeric representation of the template image to match bits of a corresponding portion of the encrypted user information number; and
      
      generate the user-specific image using the numeric representation of the template image with the adjusted bits as a color scheme.
  - 18. The server system of claim 16, wherein to encode the first image with the user information number, the hardware processor system is:
    - split the template image into a plurality of blocks;
      
      determine a numeric representation of each block of the plurality of blocks;
      
      perform a discrete cosign transform (DCT) on each block to obtain an array of DCT coefficients;
      
      adjust bits located at desired bit positions in each of the DCT coefficients to match bits of a corresponding portion of the encrypted user information number; and
      
      generate the user-specific image by performance of a quantization operation and an entropy encoding operation on the array of the adjusted DCT coefficients.
  - 19. The server system of claim 16, wherein to authenticate the user system, the hardware processor system is to:
    - identify desired bit positions within a numeric representation of the rendered image;
      
      identify numerals located at the desired bit positions;
      
      group the identified numerals together to obtain a numeric representation of third user information;
      
      decrypt the numeric representation of the third user information to obtain the third user information; and
      
      determine whether the third user information matches the second user information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Salesforce.com, Inc.
Original Assignee
Salesforce.com, Inc.
Inventors
Mason, Paul Anthony
Primary Examiner(s)
Rahman, Mahfuzur

Application Number

US15/290,367
Publication Number

US 20180103050A1
Time in Patent Office

861 Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/1416   Event detection, e.g. attac...

H04L 63/1483   service impersonation, e.g....

H04L 63/168   above the transport layer

Authentication of client devices using modified images

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

186 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Authentication of client devices using modified images

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

186 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links