SYSTEMS AND METHODS FOR AUTOMATICALLY IDENTIFYING AND REMOVING WEAK STIMULI USED IN STIMULUS-BASED AUTHENTICATION
First Claim
1. An authentication system, comprising:
- a memory, the memory configured to store a plurality of stimuli, a first count associated with each stimulus of the stimuli, and a second count associated with each stimulus;
a network interface component configured to transmit at least one of the stimuli and receive events associated with each transmitted stimulus; and
one or more processors coupled to the memory and the network interface component, the one or more processors configured to;
increment the first count when a first event occurs and increment the second count when a second event occurs;
determine a ratio of the second count to the first count;
compare the ratio to a threshold; and
determine an output action when the ratio is greater than the threshold.
2 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods for identifying a weak stimulus in a stimulus-based authentication system is provided. Counters are associated with each stimulus used in the authentication and a first counter is incremented when the stimulus is used in an authentication session and a second counter is incremented when a successful event occurs with respect to the stimulus during the authentication session, but the authentication session ultimately fails. A ratio of the second counter and the first counter is compared to a threshold and the stimulus is identified as weak when the ratio exceeds the threshold. The stimulus may then be removed and no longer be used in the stimulus-based authentication system.
61 Citations
20 Claims
-
1. An authentication system, comprising:
-
a memory, the memory configured to store a plurality of stimuli, a first count associated with each stimulus of the stimuli, and a second count associated with each stimulus; a network interface component configured to transmit at least one of the stimuli and receive events associated with each transmitted stimulus; and one or more processors coupled to the memory and the network interface component, the one or more processors configured to; increment the first count when a first event occurs and increment the second count when a second event occurs; determine a ratio of the second count to the first count; compare the ratio to a threshold; and determine an output action when the ratio is greater than the threshold. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method for identifying a weak stimulus used in a stimulus-based authentication, comprising:
-
transmitting, by a network interface component of at least one server, at least one stimulus from a stimulus database during a stimulus-based authentication session; increasing, by one or more processors of the at least one server, a first count associated with the transmitted stimulus; increasing, by the one or more processors, a second count associated with the transmitted stimulus if the transmitted stimulus is successfully selected during an authentication round of the authentication session and the authentication session fails; determining, by the one or more processors, a ratio of the second count to the first count; and indicating, by the one or more processors, that the stimulus is vulnerable when the determined ratio exceeds a threshold. - View Dependent Claims (10, 11, 12)
-
-
13. A tangible, non-transitory computer-readable medium including instructions that, when executed by one or more processors of an authentication system, cause the authentication system to perform a method comprising:
-
transmitting at least one stimulus from a stimulus database in response to an authentication request; receiving at least one event related to the transmitted at least one stimulus; incrementing a first count associated with the transmitted at least one stimulus when a first event related to the transmitted at least one stimulus occurs; incrementing a second count associated with the transmitted at least one stimulus when a second event related to the transmitted at least one stimulus occurs; determining a ratio of the second count to the first count; comparing the ratio to a threshold; and determining an output action when the ratio is greater than the threshold. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
-
Specification