Detection of automated requests using session identifiers
US10931686B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Feb 1, 2018 |
| Grant date | Feb 23, 2021 |
| Priority date | — |
| Expiry date | Oct 14, 2038 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L67/146
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A method to facilitate detection of automated attacks on a web service is disclosed. Some embodiments of the method can include binding a session identifier to a user session with the web service. The method can further include receiving a plurality of web requests during the user session that include the session identifier. The plurality of web requests can then be processed with a set of automation detection heuristics to identify session attributes associated with the session identifier during the user session. The method can further include detecting that the session identifier is associated with an automated attack when at least one of the session attributes associated with the session identifier exceeds a threshold amount.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.