Systems and methods for assessing security risk

US 9,842,204 B2
Filed: 03/15/2013
Issued: 12/12/2017
Est. Priority Date: 04/01/2008
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for analyzing responses to challenge graphics, comprising:

monitoring, by a third party computer system, responses to a plurality of challenge graphics, the plurality of challenge graphics comprising a first challenge graphic requested by a first publisher computer system to determine whether to grant access to a first resource in connection with a first transaction on a first web site hosted by the first publisher computer system, the plurality of challenge graphics further comprising a second challenge graphic requested by a second publisher computer system to determine whether to grant access to a second resource in connection with a second transaction on a second web site hosted by the second publisher computer system, the second web site being different from the first web site;

associating each response with a same network address identifying at least one user computer system to which the plurality of challenge graphics are served;

measuring, by the third party computer system, at least one characteristic of the responses to identify a pattern, wherein;

the at least one characteristic relates to a duration of an event; and

the pattern relates to a number of responses for which the duration of the event is below a selected threshold; and

providing, by the third party computer system, based at least in part on the identified pattern, score information in association with the network address, the score information indicative of a level of trustworthiness of the at least one user computer system to which the plurality of challenge graphics are served.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for providing identification tests. In some embodiments, a system and a method are provided for generating and serving to a user an animated challenge graphic comprising a challenge character set whose appearance may change over time. In some embodiments, marketing content may be incorporated into a challenge message for use in an identification test. The marketing content may be accompanied by randomly selected content to increase a level of security of the identification test. In some embodiments, a challenge message for use in an identification test may be provided based on information regarding a transaction for which the identification test is administered. For example, the transaction information may include a user identifier such as an IP address. In some embodiments, identification test results may be tracked and analyzed to identify a pattern of behavior associated with a user identifier. A score indicative of a level of trustworthiness may be computed for the user identifier.

98 Citations

View as Search Results

23 Claims

1. A computer-implemented method for analyzing responses to challenge graphics, comprising:
- monitoring, by a third party computer system, responses to a plurality of challenge graphics, the plurality of challenge graphics comprising a first challenge graphic requested by a first publisher computer system to determine whether to grant access to a first resource in connection with a first transaction on a first web site hosted by the first publisher computer system, the plurality of challenge graphics further comprising a second challenge graphic requested by a second publisher computer system to determine whether to grant access to a second resource in connection with a second transaction on a second web site hosted by the second publisher computer system, the second web site being different from the first web site;
  
  associating each response with a same network address identifying at least one user computer system to which the plurality of challenge graphics are served;
  
  measuring, by the third party computer system, at least one characteristic of the responses to identify a pattern, wherein;
  
  the at least one characteristic relates to a duration of an event; and
  
  the pattern relates to a number of responses for which the duration of the event is below a selected threshold; and
  
  providing, by the third party computer system, based at least in part on the identified pattern, score information in association with the network address, the score information indicative of a level of trustworthiness of the at least one user computer system to which the plurality of challenge graphics are served.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, further comprising:
    - storing the score information in association with the network address;
      
      receiving a request for a challenge graphic;
      
      associating the request for a challenge graphic with the network address; and
      
      providing a challenge graphic based at least in part on the score information stored in association with the network address.
  - 3. The method of claim 1, wherein the at least one characteristic comprises an amount of time between delivering a challenge graphic and receiving a response to the challenge graphic.
  - 4. The method of claim 1, wherein the responses are actual responses, and wherein the score information is provided based at least in part on a difference between an actual response and a correct response.
  - 5. The method of claim 1, further comprising:
    - monitoring a rate at which requests for challenge graphics are received at the third party computer system, the requests for challenge graphics being associated with the network address.
  - 6. The method of claim 1, further comprising:
    - at the third party computer system, monitoring a time of day at which a request for a challenge graphic is received, the request for a challenge graphic being associated with the network address.
  - 7. The method of claim 1, further comprising:
    - determining, based at least in part on the responses to the plurality of challenge graphics, that the network address is associated with a bot attack; and
      
      providing an updated assessment regarding at least one of the responses to the plurality of challenge graphics, the updated assessment being different from an earlier assessment given to the at least one of the responses to the plurality of challenge graphics.
  - 8. The method of claim 1, wherein the score information is provided based at least in part on information indicative of a purpose for which at least one of the plurality of challenge graphics is requested.
  - 9. The computer-implemented method of claim 1, wherein the plurality of challenge graphics comprise at least one animated challenge graphic.

10. At least one non-transitory computer-readable medium encoded with a plurality of instructions that, when executed by at least one processor, perform a method for analyzing responses to challenge graphics, the method comprising:
- monitoring, by a third party computer system, responses to a plurality of challenge graphics, the plurality of challenge graphics comprising a first challenge graphic requested by a first publisher computer system to determine whether to grant access to a first resource in connection with a first transaction on a first web site hosted by the first publisher computer system, the plurality of challenge graphics further comprising a second challenge graphic requested by a second publisher computer system to determine whether to grant access to a second resource in connection with a second transaction on a second web site hosted by the second publisher computer system, the second web site being different from the first web site;
  
  associating each response with a same network address identifying at least one user computer system to which the plurality of challenge graphics are served;
  
  measuring, by the third party computer system, at least one characteristic of the responses to identify a pattern, wherein;
  
  the at least one characteristic relates to a duration of an event; and
  
  the pattern relates to a number of responses for which the duration of the event is below a selected threshold; and
  
  providing, by the third party computer system, based at least in part on the identified pattern, score information in association with the network address, the score information indicative of a level of trustworthiness of the at least one user computer system to which the plurality of challenge graphics are served.
- View Dependent Claims (11)
- - 11. The at least one non-transitory computer-readable medium of claim 10, wherein the plurality of challenge graphics comprise at least one animated challenge graphic.

12. A computer system for analyzing responses to challenge graphics, comprising at least one processor programmed to:
- monitor responses to a plurality of challenge graphics, the plurality of challenge graphics comprising a first challenge graphic requested by a first publisher computer system to determine whether to grant access to a first resource in connection with a first transaction on a first web site hosted by the first publisher computer system, the plurality of challenge graphics further comprising a second challenge graphic requested by a second publisher computer system to determine whether to grant access to a second resource in connection with a second transaction on a second web site hosted by the second publisher computer system, the second web site being different from the first web site;
  
  associate each response with a same network address identifying at least one user computer system to which the plurality of challenge graphics are served;
  
  measure at least one characteristic of the responses to identify a pattern, wherein;
  
  the at least one characteristic relates to a duration of an event; and
  
  the pattern relates to a number of responses for which the duration of the event is below a selected threshold; and
  
  provide, based at least in part on the identified pattern, score information in association with the network address, the score information indicative of a level of trustworthiness of the at least one user computer system to which the plurality of challenge graphics are served.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23)
- - 13. The computer system of claim 12, wherein the at least one processor is further programmed to:
    - store the score information in association with the network address;
      
      receive a request for a challenge graphic;
      
      associate the request for a challenge graphic with the network address; and
      
      provide a challenge graphic based at least in part on the score information stored in association with the network address.
  - 14. The computer system of claim 13, wherein the at least one processor is programmed to provide a challenge graphic at least in part by:
    - determining a difficulty category based at least in part on the score information stored in association with the network address; and
      
      selecting a challenge graphic in the difficulty category.
  - 15. The computer system of claim 13, wherein the at least one processor is further programmed to modify, based at least in part on a response to the challenge graphic, the score information stored in association with the network address.
  - 16. The computer system of claim 12, wherein the at least one characteristic comprises an amount of time between delivering a challenge graphic and receiving a response to the challenge graphic.
  - 17. The computer system of claim 12, wherein the responses are actual responses, and wherein the score information is provided based at least in part on a difference between an actual response and a correct response.
  - 18. The computer system of claim 17, wherein the actual response comprises a first character string and the correct response comprises a second character string, and wherein the at least one processor is programmed to determine a difference between the first and second character strings.
  - 19. The computer system of claim 12, wherein the at least one processor is further programmed to monitor a rate at which requests for challenge graphics are received at the computer system, the requests for challenge graphics being associated with the network address.
  - 20. The computer system of claim 12, wherein the at least one processor is further programmed to monitor a time of day at which a request for a challenge graphic is received, the request for a challenge graphic being associated with the network address.
  - 21. The computer system of claim 12, wherein the at least one processor is further programmed to:
    - determine, based at least in part on the responses to the plurality of challenge graphics, that the network address is associated with a bot attack; and
      
      provide an updated assessment regarding at least one of the responses to the plurality of challenge graphics, the updated assessment being different from an earlier assessment given to the at least one of the responses to the plurality of challenge graphics.
  - 22. The computer system of claim 12, wherein the score information is provided based at least in part on information indicative of a purpose for which at least one of the plurality of challenge graphics is requested.
  - 23. The computer system of claim 12, wherein the plurality of challenge graphics comprise at least one animated challenge graphic.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NuData Security Inc. (MasterCard Incorporated)
Original Assignee
NuData Security Inc. (MasterCard Incorporated)
Inventors
Bailey, Christopher Everett
Primary Examiner(s)
Hailu, Tadeese
Assistant Examiner(s)
Hope, Darrin

Application Number

US13/834,733
Publication Number

US 20130276125A1
Time in Patent Office

1,733 Days
Field of Search

715764, 726 25
US Class Current
CPC Class Codes

G06F 21/36   by graphic or iconic repres...

G06F 21/46   by designing passwords or c...

G06F 21/577   Assessing vulnerabilities a...

G06F 2221/2133   Verifying human interaction...

H04L 2463/144   Detection or countermeasure...

H04L 63/083   using passwords cryptograph...

H04L 63/1433   Vulnerability analysis

Systems and methods for assessing security risk

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

98 Citations

23 Claims

Specification

Use Cases

Quick Links

Others

Systems and methods for assessing security risk

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

98 Citations

23 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others