Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and device for preventing library-hit attacks

A technology with one purpose and the same purpose, applied in electrical components, transmission systems, etc., can solve problems such as misjudgment and missed judgment, and achieve the effect of improving accuracy and avoiding misjudgment.

Inactive Publication Date: 2017-04-26
HANGZHOU DPTECH TECH
View PDF5 Cites 21 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] In view of this, the present application provides a method and device for protecting against credential stuffing attacks, which are used to solve the problem that related technologies may cause misjudgments when a large number of users log in concurrently in a NAT environment when protecting against credential stuffing attacks. The use of cryptographic databases for credential library attacks may cause missed judgments

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for preventing library-hit attacks
  • Method and device for preventing library-hit attacks
  • Method and device for preventing library-hit attacks

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0048] In order to enable those skilled in the art to better understand the technical solutions in the embodiments of the present invention, and to make the above-mentioned purposes, features and advantages of the embodiments of the present invention more obvious and understandable, the following describes the existing technical solutions and the present invention in conjunction with the accompanying drawings. The technical solutions in the embodiments of the invention are described in further detail.

[0049] At present, many Internet sites use a registration mechanism to manage users, and the registration mechanism is also conducive to the communication between users. When a user registers a personal account on multiple websites, for the convenience of memory, only a few sets of user accounts and passwords are often set up to be used on multiple websites. If the user account and password are leaked, the attacker may collect the leaked user account and password, generate a co...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The application provides a method and a device for preventing library-hit attacks. The method comprises the following steps: counting a number of login times and a login success rate of a same source IP address aiming at a to-be-protected target IP in a default cycle by a server; judging whether the number of login times is greater than a preset login threshold value or not; judging whether the login success rate is smaller than a preset success rate threshold value or not; and when the number of login times is greater than the preset login threshold value and the login success rate is smaller than the preset success rate threshold value, determining that the source IP address has library-heat attack behaviors, and performing protection treatment according to protection actions specified in a preset protection rule. Because the login success rate is introduced into the application to serve as a basis for judgment, and a protection rule is set for a same source IP, the problems of wrong judgment probably caused by concurrent login of a large number of users in a NAT environment in a related technology, and missed judgment probably caused by the library-hit attacks carried out by adopting a password library for a single user are solved.

Description

technical field [0001] The present application relates to the field of network security, in particular to a method and device for protecting against credential stuffing attacks. Background technique [0002] There are currently a large number of Internet sites that require user registration to use. The website adopts the registration mechanism to facilitate the management of users, and is also conducive to the communication between users. In practical applications, when a user registers a personal account on multiple websites, in order to facilitate memory, only a small number of user account numbers and passwords may be set for use on multiple websites. In this case, if user information (including user account number and password) is leaked, the attacker may collect the leaked user account number and password, generate a corresponding dictionary table, and try to log in to the target website in batches to obtain the login information of the target website. User account an...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06H04L29/12
CPCH04L63/1416H04L61/2521H04L61/2571H04L63/1425H04L63/1441
Inventor 吴庆
Owner HANGZHOU DPTECH TECH
Features
  • Generate Ideas
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com