Validating active computer terminal sessions

US 8,056,129 B2
Filed: 04/19/2007
Issued: 11/08/2011
Est. Priority Date: 04/19/2007
Status: Expired due to Fees

First Claim

Patent Images

1. A system for validating an active terminal session, comprising:

a processing device in communication with an idle session timer, an authorized terminal device, computer readable memory and a computer readable storage media;

first instructions to analyze non-idle keystroke input from an authorized terminal device and ascertain human-like behavior as a function of a timing characteristic of the keystroke input during an open active terminal session;

second instructions to determine whether the terminal device input is likely from a human user or from an automaton in response to the timing characteristic; and

third instructions to;

terminate the session, generate a time-out warning to the user or present a challenge to the user in response to a determination that the terminal device input is likely from an automaton;

manipulate the idle session timer in response to a determination that the terminal device input is likely from a human user or to the user passing the challenge;

orterminate the session in response to the user failing the challenge;

wherein the timing characteristic is at least one of a maximum generation rate, a burstiness indicated by keystroke intensity over a given time period, and a predictable keystroke sequence delay between certain keystrokes in a specified sequence due to an ease or a difficulty of finger manipulations required to generate the specific sequence through a known input element; and

wherein the first, second and third program instructions are stored on the computer readable storage media for execution by the processing device via the computer readable memory.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems, methods and program codes are provided wherein an analyzer analyzes input from a terminal device; ascertains human-like behavior; and terminates an active session, generates a time-out warning, manipulates an idle session timer or presents a challenge in response to a humanness likelihood determination or to a challenge result. In one aspect a keystroke analyzer and a command sequence analyzer determine whether the terminal device input is likely from a human user or from an automaton. In another aspect a Completely Automated Public Turing Test to tell Computers and Humans Apart challenge is presented. Timing characteristics include maximum generation rate, burstiness, and keystroke sequence delays, and command characteristics include a no-action-required characteristic and a query characteristic. A command sequence analyzer may have an affinity for a command line interface. Weighting algorithms or artificial intelligence routines may be applied to humanness likelihood outputs.

23 Citations

View as Search Results

20 Claims

1. A system for validating an active terminal session, comprising:
- a processing device in communication with an idle session timer, an authorized terminal device, computer readable memory and a computer readable storage media;
  
  first instructions to analyze non-idle keystroke input from an authorized terminal device and ascertain human-like behavior as a function of a timing characteristic of the keystroke input during an open active terminal session;
  
  second instructions to determine whether the terminal device input is likely from a human user or from an automaton in response to the timing characteristic; and
  
  third instructions to;
  
  terminate the session, generate a time-out warning to the user or present a challenge to the user in response to a determination that the terminal device input is likely from an automaton;
  
  manipulate the idle session timer in response to a determination that the terminal device input is likely from a human user or to the user passing the challenge;
  
  orterminate the session in response to the user failing the challenge;
  
  wherein the timing characteristic is at least one of a maximum generation rate, a burstiness indicated by keystroke intensity over a given time period, and a predictable keystroke sequence delay between certain keystrokes in a specified sequence due to an ease or a difficulty of finger manipulations required to generate the specific sequence through a known input element; and
  
  wherein the first, second and third program instructions are stored on the computer readable storage media for execution by the processing device via the computer readable memory.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The system of claim 1 wherein the first instructions are further to:
    - generate a keystroke humanness likelihood output in response to the timing characteristic; and
      
      wherein the second instructions are further to determine whether the terminal device input is likely from a human user or from an automaton as a function of the keystroke humanness likelihood output.
  - 3. The system of claim 2 wherein the challenge is a Completely Automated Public Turing Test to tell Computers and Humans Apart challenge.
  - 4. The system of claim 2 wherein the first instructions are further to parse a command pattern of the terminal device keystroke input for a command characteristic determinative of whether the keystroke input changes a state of a host computer in communication with the terminal device, and to responsively generate a command humanness likelihood output;
    - andwherein the second instructions are to determine whether the terminal device input is likely from the human user or from the automaton as a function of the keystroke humanness likelihood output and the command humanness likelihood output by applying a weighting algorithm or an artificial intelligence routine.
  - 5. The system of claim 4 wherein the third instructions are further to interrupt a user session and present the user with a URL showing where the challenge is being presented.
  - 6. The system of claim 4 wherein the first instructions are further to parse the command pattern for the command characteristic through an affinity for a command line interface of a platform of the host computer;
    - andwherein the command characteristic is at least one of a no-action-required characteristic indicated by the parsed command pattern comprising a plurality of enter key keystrokes that are not associated with a meaningful input, and a query characteristic indicated by the parsed command pattern comprising a sequence of query commands that each query for a response from the host computer but do not change the state of the host computer.

7. A method for validating an active terminal session, comprising:
- ascertaining a human-like behavior likelihood of non-idle keystroke input from an authorized terminal device via a processing device during an open active terminal session by a user by analyzing the keystroke input for a timing characteristic and generating a keystroke humanness likelihood output in response to the timing characteristic;
  
  determining whether the terminal device input is likely from a human user or from an automaton as a function of the keystroke humanness likelihood output;
  
  terminating the session, generating a time-out warning to the user or presenting a challenge to the user in response to determining that the input is likely from an automaton;
  
  manipulating an idle session timer in response to determining that the input is likely from a human user or to the user passing the challenge;
  
  terminating the session in response to the user failing the challenge; and
  
  wherein the timing characteristic is at least one of a maximum generation rate, a burstiness indicated by keystroke intensity over a given time period, and a predictable keystroke sequence delay between certain keystrokes in a specified sequence due to an ease or a difficulty of finger manipulations required to generate the specific sequence through a known input element.
- View Dependent Claims (8, 9, 10)
- - 8. The method of claim 7 wherein the step of presenting a challenge comprises presenting a Completely Automated Public Turing Test to tell Computers and Humans Apart to the terminal user.
  - 9. The method of claim 7 wherein the ascertaining the human-like behavior likelihood of the keystroke input further comprises parsing a command pattern of the keystroke input for a command characteristic determinative of whether the keystroke input changes a state of a host computer in communication with the terminal device, and generating a command likelihood output in response to the command characteristic;
    - wherein the step of determining whether the terminal device input is likely from the human user or from the automaton is a function of applying a weighting algorithm or applying an artificial intelligence routine to the keystroke humanness likelihood output and the command likelihood output; and
      
      wherein the command characteristic is at least one of;
      
      a no-action-required characteristic indicated by the parsed command pattern comprising a plurality of enter key keystrokes that are not associated with a meaningful input; and
      
      a query characteristic indicated by the parsed command pattern comprising a sequence of query commands that each query for a response from the host computer but do not change the state of the host computer.
  - 10. The method of claim 9 wherein the parsing the command pattern for the command characteristic is through an affinity for a command line interface of a platform of the host computer.

11. A computer-readable storage device storing executable program code instructions, the executable program code instructions comprising:
- first instructions to ascertain a human-like behavior likelihood of non-idle input from an authorized terminal device during an open active terminal session and responsively generate a keystroke humanness likelihood output as a function of a timing characteristic of the keystroke input;
  
  second instructions to determine whether the terminal device input is likely from a human user or from an automaton as a function of the keystroke humanness likelihood output; and
  
  third program instructions to;
  
  terminate the session, generate a time-out warning to the user or present a challenge to the user in response to determining that the input is likely from an automaton;
  
  manipulate an idle session timer in response to determining that the input is likely from a human user or to the user passing the challenge; and
  
  terminate the session in response to the user failing the challenge;
  
  wherein the timing characteristic is at least one of a maximum generation rate, a burstiness indicated by keystroke intensity over a given time period, and a predictable keystroke sequence delay between certain keystrokes in a specified sequence due to an ease or a difficulty of finger manipulations required to generate the specific sequence through a known input element.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The computer-readable storage device of claim 11 wherein the third instructions are to present a Completely Automated Public Turing Test to tell Computers and Humans Apart as the challenge.
  - 13. The computer-readable storage device of claim 11 wherein the first instructions are further to ascertain the human-like behavior likelihood of the keystroke input by parsing a command pattern of the keystroke input for a command characteristic determinative of whether the keystroke input changes a state of a host computer in communication with the terminal device, and generating a command likelihood output in response to the command characteristic;
    - andwherein the second instructions are further to determine whether the terminal device input is likely from the human user or from the automaton as a function of applying a weighting algorithm or applying an artificial intelligence routine to the keystroke humanness likelihood output and the command likelihood output.
  - 14. The computer-readable storage device of claim 13 wherein the first instructions are further to parse the command pattern for the command characteristic through an affinity for a command line interface of a platform of the host computer.
  - 15. The computer-readable storage device of claim 14 wherein the command characteristic is at least one of:
    - a no-action-required characteristic indicated by the parsed command pattern comprising a plurality of enter key keystrokes that are not associated with a meaningful input; and
      
      a query characteristic indicated by the parsed command pattern comprising a sequence of query commands that each query for a response from the host computer but do not change the state of the host computer.

16. A service for validating an active terminal session, the service comprising:
- providing a computer infrastructure that;
  
  ascertains a human-like behavior likelihood of non-idle input from an authorized terminal device during an open active terminal session and responsively generates a keystroke humanness likelihood output as a function of a timing characteristic of the keystroke input;
  
  determines whether the terminal device input is likely from a human user or from an automaton as a function of the keystroke humanness likelihood output; and
  
  terminates the session, generates a time-out warning to the user or presents a challenge to the user in response to determining that the input is likely from an automaton;
  
  manipulates an idle session timer in response to determining that the input is likely from a human user or to the user passing the challenge;
  
  terminates the session in response to the user failing the challenge; and
  
  wherein the timing characteristic is at least one of a maximum generation rate, a burstiness indicated by keystroke intensity over a given time period, and a predictable keystroke sequence delay between certain keystrokes in a specified sequence due to an ease or a difficulty of finger manipulations required to generate the specific sequence through a known input element.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The service of claim 16 wherein the presented challenge is a Completely Automated Public Turing Test to tell Computers and Humans Apart.
  - 18. The service of claim 16 wherein the computer infrastructure further:
    - ascertains the human-like behavior likelihood of the keystroke input by parsing a command pattern of the keystroke input for a command characteristic determinative of whether the keystroke input changes a state of a host computer in communication with the terminal device;
      
      generates a command likelihood output in response to the command characteristic; and
      
      determines whether the terminal device input is likely from the human user or from the automaton as a function of applying a weighting algorithm or applying an artificial intelligence routine to the keystroke humanness likelihood output and the command likelihood output.
  - 19. The service of claim 18 wherein the computer infrastructure parses the command pattern for the command characteristic through an affinity for a command line interface of a platform of the host computer.
  - 20. The service of claim 19 wherein the command characteristic is at least one of:
    - a no-action-required characteristic indicated by the parsed command pattern comprising a plurality of enter key keystrokes that are not associated with a meaningful input; and
      
      a query characteristic indicated by the parsed command pattern comprising a sequence of query commands that each query for a response from the host computer but do not change the state of the host computer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Hamilton, Rick A. II, O'Connell, Brian M., Walker, Keith R., Gusler, Carl P.
Primary Examiner(s)
Srivastava; Vivek
Assistant Examiner(s)
Woldemariam; Nega

Application Number

US11/737,452
Publication Number

US 20080263636A1
Time in Patent Office

1,664 Days
Field of Search

726/9, 726/26, 726/27, 726/28, 726/29, 726/22, 713/224, 713/201, 713/212, 713/213, 713/220, 713/223, 380/200, 380/201, 380/202, 380/203, 380/277, 709/204, 709/201, 709/220, 709/227
US Class Current

726/22
CPC Class Codes

G06F 21/316   by observing the pattern of...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2103   Challenge-response

H04L 63/083   using passwords cryptograph...

H04L 63/1466   Active attacks involving in...

Validating active computer terminal sessions

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

23 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Validating active computer terminal sessions

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

23 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links