Systems and methods for detecting and preventing spoofing
First Claim
Patent Images
1. A method, performed by at least one computer, the method comprising:
- receiving a communication from a client device different from the at least one computer;
identifying from the communication an asserted type of the client device; and
determining whether the client device is of the asserted type at least in part by;
interacting with the client device to measure an amount of time it takes the client device to perform a task, the interacting comprising;
providing a software program to the client device for execution by the client device; and
measuring an amount of time it takes the client device to execute the software program;
determining whether the measured amount of time it takes the client device to perform the task is consistent with the asserted type of the client device, the determining comprising;
comparing the measured amount of time for the client device to perform the task to a range of expected performance times for devices of the asserted type;
granting the client device access to a resource in response to determining that the client device is of the asserted type; and
denying the client device access to the resource in response to determining that the client device is not of the asserted type.
3 Assignments
0 Petitions
Accused Products
Abstract
Techniques for detecting device type spoofing. The techniques include: receiving a communication from a client device different from the at least one computer; identifying from the communication an asserted type of the client device; and verifying the asserted type of the client device at least in part by: interacting with the client device to obtain additional information about the client device, and determining whether the additional information about the client device is consistent with the asserted type of the client device.
-
Citations
20 Claims
-
1. A method, performed by at least one computer, the method comprising:
-
receiving a communication from a client device different from the at least one computer; identifying from the communication an asserted type of the client device; and determining whether the client device is of the asserted type at least in part by; interacting with the client device to measure an amount of time it takes the client device to perform a task, the interacting comprising; providing a software program to the client device for execution by the client device; and measuring an amount of time it takes the client device to execute the software program; determining whether the measured amount of time it takes the client device to perform the task is consistent with the asserted type of the client device, the determining comprising; comparing the measured amount of time for the client device to perform the task to a range of expected performance times for devices of the asserted type; granting the client device access to a resource in response to determining that the client device is of the asserted type; and denying the client device access to the resource in response to determining that the client device is not of the asserted type. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A system, comprising:
-
at least one computer; at least one non-transitory computer-readable medium storing processor-executable instructions that, when executed by the at least one computer, cause the at least one computer to perform; receiving a communication from a client device different from the at least one computer; identifying from the communication an asserted type of the client device; and determining whether the client device is of the asserted type at least in part by; interacting with the client device to measure an amount of time it takes the client device to perform a task, the interacting comprising; providing a software program to the client device for execution by the client device; and measuring an amount of time it takes the client device to execute the software program; determining whether the measured amount of time it takes the client device to perform the task is consistent with the asserted type of the client device, the determining comprising; comparing the measured amount of time for the client device to perform the task to a range of expected performance times for devices of the asserted type; granting the client device access to a resource in response to determining that the client device is of the asserted type; and denying the client device access to the resource in response to determining that the client device is not of the asserted type. - View Dependent Claims (15, 16, 17)
-
-
18. At least one non-transitory computer-readable medium storing processor-executable instructions that, when executed by at least one computer, cause the at least one computer to perform:
-
receiving a communication from a client device different from the at least one computer; identifying from the communication an asserted type of the client device; and determining whether the client device is of the asserted type at least in part by; interacting with the client device to measure an amount of time it takes the client device to perform a task, the interacting comprising; providing a software program to the client device for execution by the client device; and measuring an amount of time it takes the client device to execute the software program; determining whether the measured amount of time it takes the client device to perform the task is consistent with the asserted type of the client device, the determining comprising; comparing the measured amount of time for the client device to perform the task to a range of expected performance times for devices of the asserted type; granting the client device access to a resource in response to determining that the client device is of the asserted type; and denying the client device access to the resource in response to determining that the client device is not of the asserted type. - View Dependent Claims (19, 20)
-
Specification