Method, device, and system of protecting a log-in process of a computerized service
First Claim
1. A method comprising:
determining whether a user, who utilizes a computing device to interact with a computerized service, is either an authorized user or an attacker;
wherein the determining comprises:
modifying a log-in screen of the computerized service to cause said log-in screen to exhibit a temporary input/output interference that causes an anomaly between (A) input gestures that the user performs via an input unit of said computing device, and (B) output that is displayed on a display unit of said computing device;
tracking user interactions via said input unit in response to said temporary input/output interference at the log-in screen;
if said tracking of user interactions indicates that said user performed a manual correction operation to correct said anomaly, then determining that said user is an authorized user;
if said tracking of user interactions indicates that said user did not perform manual correction operations that adequately correct said anomaly, then determining that said user is an attacker.
Abstract
Devices, systems, and methods of detecting user identity, differentiating between users of a computerized service, and detecting a cyber-attacker. An end-user device (a desktop computer, a laptop computer, a smartphone, a tablet, or the like) interacts and communicates with a server of a computerized service (a banking website, an electronic commerce website, or the like). The interactions are monitored, tracked and logged. User Interface (UI) interferences or irregularities are intentionally introduced to the communication session; and the server tracks the response or the reaction of the end-user to such communication interferences. The system determines whether the user is a legitimate human user, or a cyber-attacker or automated script posing as the legitimate human user. The system further detects click-fraud, and prevents or mitigates Application Distributed Denial-of-Service attacks.
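The decision rule of the first claim, as an added Python example that is not taken from the patent or from any implementation of it. It assumes the interference is a fixed offset applied to the displayed pointer during a time window; all names, the 12-pixel tolerance, the sample traces and the extra `not_exposed` outcome (for attempts where the anomaly was never on screen) are assumptions. `corrected` corresponds to the claim's "authorized user" branch and `not_corrected` to its "attacker" branch.

```python
# Added example: the pointer-offset model, names and tolerance are assumptions.
from dataclasses import dataclass
from math import hypot

@dataclass(frozen=True)
class Sample:
    t_ms: int   # milliseconds since the log-in screen loaded
    x: float    # raw pointer position reported by the input unit
    y: float

@dataclass(frozen=True)
class Interference:
    start_ms: int
    end_ms: int
    dx: float   # offset added to the displayed pointer while active
    dy: float

    def active(self, s):
        return self.start_ms <= s.t_ms < self.end_ms

    def displayed(self, s):
        # What the display unit shows for a given raw input sample.
        return (s.x + self.dx, s.y + self.dy) if self.active(s) else (s.x, s.y)

def classify(trace, click, target, itf, tol_px=12.0):
    """Return 'corrected', 'not_corrected' or 'not_exposed' for one attempt."""
    saw_anomaly = any(itf.active(s) and s.t_ms < click.t_ms for s in trace)
    if not (saw_anomaly and itf.active(click)):
        return "not_exposed"   # the anomaly was never on screen: no verdict
    shown_x, shown_y = itf.displayed(click)
    miss = hypot(shown_x - target[0], shown_y - target[1])
    # A user watching the screen steers the raw input to cancel the offset;
    # input computed from the target's coordinates lands off by (dx, dy).
    return "corrected" if miss <= tol_px else "not_corrected"

# Constructed sample data (not from the patent).
TARGET = (400.0, 300.0)                       # centre of the submit button
ITF = Interference(start_ms=200, end_ms=2000, dx=40.0, dy=-25.0)
HUMAN = [Sample(100, 120, 500), Sample(300, 250, 400), Sample(600, 390, 310),
         Sample(800, 365, 322)]               # overshoots, then pulls back
SCRIPT = [Sample(210, 200, 400), Sample(230, 400, 300)]  # straight to target

if __name__ == "__main__":
    print(classify(HUMAN, Sample(900, 361, 324), TARGET, ITF))
    print(classify(SCRIPT, Sample(250, 400, 300), TARGET, ITF))
    print(classify(HUMAN[:1], Sample(150, 400, 300), TARGET, ITF))
```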
Specification