AUTHENTICATION OF CLIENT DEVICES USING MODIFIED IMAGES
First Claim
Patent Images
1. A computer program for detection of phishing attacks, the computer program comprising a set of instructions operable to:
- obtain, from the user system, a first message comprising a request for a login page and first user information associated with the user system;
modify, based on the first user information, a first image to obtain a second image;
provide, to the user system in response to the first message, a second message comprising the login page and the second image;
obtain, from the user system, a third message comprising authentication credentials, second user information, and a third image, wherein the third image is a version of the second image as rendered by the user system; and
authenticate the user system based on the second user information and third user information embedded in the third image.
2 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods for detecting phishing attacks and identifying attackers are described. In embodiments, a server system may modify a template image based on user information and provide the modified image to a user system with a login page. The server system may obtain authentication credentials with an image rendered by the user system. The server system may authenticate the user system based on the authentication credentials and information included in the rendered image. Other embodiments may be described and/or claimed.
-
Citations
20 Claims
-
1. A computer program for detection of phishing attacks, the computer program comprising a set of instructions operable to:
-
obtain, from the user system, a first message comprising a request for a login page and first user information associated with the user system; modify, based on the first user information, a first image to obtain a second image; provide, to the user system in response to the first message, a second message comprising the login page and the second image; obtain, from the user system, a third message comprising authentication credentials, second user information, and a third image, wherein the third image is a version of the second image as rendered by the user system; and authenticate the user system based on the second user information and third user information embedded in the third image. - View Dependent Claims (2, 3, 4, 6, 7, 8, 9, 10, 11)
-
-
12. A computer program to authenticate a user system, the computer program comprising a set of instructions operable to:
-
provide, to a server system, a first message to request a login page, wherein the first message comprises user information associated with the user system; obtain, from the server system in response to the request message, a second message comprising the login page with a user-specific image, wherein the user-specific image is a version of a template image that is modified based on the user information, and wherein the user-specific image has a color scheme that is different and imperceptible than a color scheme of the template image; render, in an application container implemented by the user system, the login page and the user-specific image; and provide, to the server system via an interface of the login page, a third message comprising authentication credentials and a rendered image, wherein the rendered image is a version of the user-specific image as rendered in the application container. - View Dependent Claims (13, 14, 15)
-
-
16. A server system comprising:
a communications system to; obtain, from a user system, a first message to request a login page with first user information, send, to the user system in response to the request, a second message including the login page and a user-specific image, wherein the user-specific image is a modified version of a template image based on the first user information, and obtain, from the user system, a third message including authentication credentials, a rendered image, and second user information, wherein rendered image is a version of the user-specific image as rendered by the user system; and
a processor system to;generate the user-specific image by modification of the template image to include the first user information, wherein the user-specific image has a color scheme that is different and imperceptible than a color scheme of the template image, extract second user information from the third message, and extract third user information from the rendered image, and authenticate the user system based on the authentication credentials and the second and third user information.
-
17. The server system of claim 17, wherein to modify the template image, the processor system is to:
-
determine a user information number based on a numeric representation of the first user information; encrypt the user information number; and
one or both of;perform a stenographic procedure on the template image to hide the encrypted user information number in a set of pixels of the template image;
orencode the template image with the encrypted user information number during a compression operation of the template image. - View Dependent Claims (18, 19, 20)
-
Specification