Patent · US Active

Methods for detecting and mitigating brute force credential stuffing attacks and devices thereof

US10931691B1 · kind B1 · utility

6Cited by

20References

20Claims

0Family size

Assignee

F5 Networks, Inc. · US

Inventors

Michael Kapelevich · Raanana, IL
Tomer Zait · Seattle, US
Maxim Zavodchik · Seattle, US
Ron Talmor · Sunnyvale, US

Key dates

Filing date	Sep 28, 2018
Grant date	Feb 23, 2021
Priority date	—
Expiry date	Jan 10, 2039

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/083
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Methods, non-transitory computer readable media, network traffic management apparatuses, and network traffic management systems that obtain a dictionary comprising a plurality of credentials and populate a probabilistic data structure based on the dictionary. A login request is received from a client and one or more credentials are extracted from the received login request. A determination of when the probabilistic data structure indicates that the extracted credentials are included in the dictionary is made. A mitigation action is initiated with respect to the client, when the determination indicates that the probabilistic data structure indicates that the extracted credentials are included in the dictionary. This technology more efficiently and effectively detects and mitigates brute force credential stuffing attacks advantageously using a reduced amount of resources.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.