首页>
外国专利>
System and method for protecting online resources against guided username guessing attacks
System and method for protecting online resources against guided username guessing attacks
展开▼
机译:保护在线资源的系统和方法,反对导游用户名猜测攻击
展开▼
页面导航
摘要
著录项
相似文献
摘要
The system receives a stream of authentication events, which are associated with authentication events. Next, the system attempts to detect a formation of authentication events, wherein a formation comprises a time window of authentication events that satisfy a formation criterion, which is based on one or more of: a username for the authentication attempt, an Internet Protocol (IP) address from which the authentication attempt originated, and a resource identifier for a computing resource that the authentication attempt was directed to. If a formation is detected, the system determines a number of valid usernames in the formation. If the number of valid usernames is one or less, the system computes a username similarity score for authentication events in the formation, which is a function of a string distance between usernames in the formation. If the username similarity score exceeds a threshold value, the system reports a potential username guessing attack.
展开▼