Validating active computer terminal sessions
First Claim
1. A system for validating an active terminal session, comprising:
- a processing device in communication with an idle session timer, an authorized terminal device, computer readable memory and a computer readable storage media;
first instructions to analyze non-idle keystroke input from an authorized terminal device and ascertain human-like behavior as a function of a timing characteristic of the keystroke input during an open active terminal session;
second instructions to determine whether the terminal device input is likely from a human user or from an automaton in response to the timing characteristic; and
third instructions to;
terminate the session, generate a time-out warning to the user or present a challenge to the user in response to a determination that the terminal device input is likely from an automaton;
manipulate the idle session timer in response to a determination that the terminal device input is likely from a human user or to the user passing the challenge;
orterminate the session in response to the user failing the challenge;
wherein the timing characteristic is at least one of a maximum generation rate, a burstiness indicated by keystroke intensity over a given time period, and a predictable keystroke sequence delay between certain keystrokes in a specified sequence due to an ease or a difficulty of finger manipulations required to generate the specific sequence through a known input element; and
wherein the first, second and third program instructions are stored on the computer readable storage media for execution by the processing device via the computer readable memory.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems, methods and program codes are provided wherein an analyzer analyzes input from a terminal device; ascertains human-like behavior; and terminates an active session, generates a time-out warning, manipulates an idle session timer or presents a challenge in response to a humanness likelihood determination or to a challenge result. In one aspect a keystroke analyzer and a command sequence analyzer determine whether the terminal device input is likely from a human user or from an automaton. In another aspect a Completely Automated Public Turing Test to tell Computers and Humans Apart challenge is presented. Timing characteristics include maximum generation rate, burstiness, and keystroke sequence delays, and command characteristics include a no-action-required characteristic and a query characteristic. A command sequence analyzer may have an affinity for a command line interface. Weighting algorithms or artificial intelligence routines may be applied to humanness likelihood outputs.
23 Citations
20 Claims
-
1. A system for validating an active terminal session, comprising:
-
a processing device in communication with an idle session timer, an authorized terminal device, computer readable memory and a computer readable storage media; first instructions to analyze non-idle keystroke input from an authorized terminal device and ascertain human-like behavior as a function of a timing characteristic of the keystroke input during an open active terminal session; second instructions to determine whether the terminal device input is likely from a human user or from an automaton in response to the timing characteristic; and third instructions to; terminate the session, generate a time-out warning to the user or present a challenge to the user in response to a determination that the terminal device input is likely from an automaton; manipulate the idle session timer in response to a determination that the terminal device input is likely from a human user or to the user passing the challenge;
orterminate the session in response to the user failing the challenge; wherein the timing characteristic is at least one of a maximum generation rate, a burstiness indicated by keystroke intensity over a given time period, and a predictable keystroke sequence delay between certain keystrokes in a specified sequence due to an ease or a difficulty of finger manipulations required to generate the specific sequence through a known input element; and wherein the first, second and third program instructions are stored on the computer readable storage media for execution by the processing device via the computer readable memory. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A method for validating an active terminal session, comprising:
-
ascertaining a human-like behavior likelihood of non-idle keystroke input from an authorized terminal device via a processing device during an open active terminal session by a user by analyzing the keystroke input for a timing characteristic and generating a keystroke humanness likelihood output in response to the timing characteristic; determining whether the terminal device input is likely from a human user or from an automaton as a function of the keystroke humanness likelihood output; terminating the session, generating a time-out warning to the user or presenting a challenge to the user in response to determining that the input is likely from an automaton; manipulating an idle session timer in response to determining that the input is likely from a human user or to the user passing the challenge; terminating the session in response to the user failing the challenge; and wherein the timing characteristic is at least one of a maximum generation rate, a burstiness indicated by keystroke intensity over a given time period, and a predictable keystroke sequence delay between certain keystrokes in a specified sequence due to an ease or a difficulty of finger manipulations required to generate the specific sequence through a known input element. - View Dependent Claims (8, 9, 10)
-
-
11. A computer-readable storage device storing executable program code instructions, the executable program code instructions comprising:
-
first instructions to ascertain a human-like behavior likelihood of non-idle input from an authorized terminal device during an open active terminal session and responsively generate a keystroke humanness likelihood output as a function of a timing characteristic of the keystroke input; second instructions to determine whether the terminal device input is likely from a human user or from an automaton as a function of the keystroke humanness likelihood output; and third program instructions to; terminate the session, generate a time-out warning to the user or present a challenge to the user in response to determining that the input is likely from an automaton; manipulate an idle session timer in response to determining that the input is likely from a human user or to the user passing the challenge; and terminate the session in response to the user failing the challenge; wherein the timing characteristic is at least one of a maximum generation rate, a burstiness indicated by keystroke intensity over a given time period, and a predictable keystroke sequence delay between certain keystrokes in a specified sequence due to an ease or a difficulty of finger manipulations required to generate the specific sequence through a known input element. - View Dependent Claims (12, 13, 14, 15)
-
-
16. A service for validating an active terminal session, the service comprising:
-
providing a computer infrastructure that; ascertains a human-like behavior likelihood of non-idle input from an authorized terminal device during an open active terminal session and responsively generates a keystroke humanness likelihood output as a function of a timing characteristic of the keystroke input; determines whether the terminal device input is likely from a human user or from an automaton as a function of the keystroke humanness likelihood output; and terminates the session, generates a time-out warning to the user or presents a challenge to the user in response to determining that the input is likely from an automaton; manipulates an idle session timer in response to determining that the input is likely from a human user or to the user passing the challenge; terminates the session in response to the user failing the challenge; and wherein the timing characteristic is at least one of a maximum generation rate, a burstiness indicated by keystroke intensity over a given time period, and a predictable keystroke sequence delay between certain keystrokes in a specified sequence due to an ease or a difficulty of finger manipulations required to generate the specific sequence through a known input element. - View Dependent Claims (17, 18, 19, 20)
-
Specification