Method and system for network resource attack detection using a client identifier
First Claim
1. A method for network resource attack detection using a client identifier, the method comprising:
- (a) receiving, at a server, the client identifier and user credentials from a device, wherein the user credentials comprise a user identifier and password;
(b) determining whether the client identifier and user credentials are authentic, wherein the device does not learn from the server which of the client identifier and user credentials are inauthentic when one or both of the client identifier and user credentials are determined to be inauthentic;
(c) when at least one of the client identifier and user credentials are inauthentic, determining whether the device is an attacker of the network resource; and
(d) performing one or both of prophylactic and remedial action in response to determining that the device is an attacker.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods, systems, and techniques for network resource attack detection using a client identifier. A server receives from a device the client identifier and user credentials. The client identifier and user credentials are assessed to determine their authenticity. If one or both of the credentials and identifier are inauthentic, the device does not learn from the server which of the identifier and credentials have been found to be inauthentic. When at least one of the identifier and credentials are inauthentic, the device that sent them is assessed to determine whether it is an attacker of the network resource. If the device is determined to be an attacker, one or both of prophylactic and remedial action is taken in response.
-
Citations
20 Claims
-
1. A method for network resource attack detection using a client identifier, the method comprising:
-
(a) receiving, at a server, the client identifier and user credentials from a device, wherein the user credentials comprise a user identifier and password; (b) determining whether the client identifier and user credentials are authentic, wherein the device does not learn from the server which of the client identifier and user credentials are inauthentic when one or both of the client identifier and user credentials are determined to be inauthentic; (c) when at least one of the client identifier and user credentials are inauthentic, determining whether the device is an attacker of the network resource; and (d) performing one or both of prophylactic and remedial action in response to determining that the device is an attacker. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system for network attack detection using a client identifier, the system comprising:
-
(a) ports for communication with devices comprising clients and attackers; (b) a processor communicatively coupled to the ports; and (c) a non-transitory computer readable medium communicatively coupled to the processor, the medium having computer program code stored thereon that is executable by the processor and that, when executed by the processor, causes the processor to; (i) receive the client identifier and user credentials from a device, wherein the user credentials comprise a user identifier and password; (ii) determine whether the client identifier and user credentials are authentic, wherein the device does not learn from the system which of the client identifier and user credentials are inauthentic when one or both of the client identifier and user credentials are determined to be inauthentic; (iii) when at least one of the client identifier and user credentials are inauthentic, determining whether the device is an attacker of the network resource; and (iv) performing one or both of prophylactic and remedial action in response to determining that the device is an attacker. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A non-transitory computer readable medium having program code stored thereon that is executable by a processor comprising part of a server and that, when executed by the processor, causes the processor to:
-
(a) receive the client identifier and user credentials from a device, wherein the user credentials comprise a user identifier and password; (b) determine whether the client identifier and user credentials are authentic, wherein the device does not learn from the server which of the client identifier and user credentials are inauthentic when one or both of the client identifier and user credentials are determined to be inauthentic; (c) when at least one of the client identifier and user credentials are inauthentic, determining whether the device is an attacker of the network resource; and (d) performing one or both of prophylactic and remedial action in response to determining that the device is an attacker. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification