Systems and methods to detect and prevent bots from random access by randomized HTTP URLs in real time in distributed systems
US11956219B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Jun 24, 2021 |
| Grant date | Apr 9, 2024 |
| Priority date | — |
| Expiry date | Sep 4, 2041 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L67/14
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Described embodiments provide systems and methods for preventing unauthorized access of information from a resource. A device intermediary between a client and a server in a session can receive a first request from the client that includes a first uniform resource locator (URL) of the server. The device may receive a response from the server that includes a second URL. The device may update the response by including a client identifier for the session in a set-cookie field, obfuscating the second URL into a string, and replacing the second URL in the response with the string. The device may receive a second request that includes a candidate client identifier, and a third URL. The device may determine whether the second request is valid, by at least one of: matching the candidate client identifier with the client identifier, and determining whether the second URL is recoverable using the third URL.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.