A credential stuffing attack monitoring method, device, system and computer storage medium

A business system and behavior technology, applied in the Internet field, can solve the problems of low ability to identify credential stuffing attacks, increase the difficulty of normal user login, and affect normal business development, so as to reduce the impact and improve the ability to identify.

Active Publication Date: 2022-05-13
CHINA MOBILE COMM GRP CO LTD
View PDF8 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the above-mentioned means of preventing credential stuffing attacks will increase the difficulty of login for normal users and affect the development of normal business, or the ability to identify credential stuffing attacks is not high

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A credential stuffing attack monitoring method, device, system and computer storage medium
  • A credential stuffing attack monitoring method, device, system and computer storage medium
  • A credential stuffing attack monitoring method, device, system and computer storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0107] The technical solutions of the present invention will be further described in detail below in conjunction with the drawings and specific embodiments of the description. Unless otherwise defined, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the technical field of the invention. The terms used herein in the description of the present invention are for the purpose of describing specific embodiments only, and are not intended to limit the present invention. As used herein, the term "and / or" includes any and all combinations of one or more of the associated listed items.

[0108]Credential stuffing attack is a way to obtain a series of user account information that can be logged in by collecting user names and login password information leaked from A business and generating corresponding dictionary tables, and trying to log in to B business and other businesses in batches. When hackers attack, they o...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the present invention discloses a credential stuffing attack monitoring method, including: obtaining the login information of the user's login behavior; calculating a credible stuffing attack risk value corresponding to at least one user behavior factor according to the login information of the user's login behavior; The credential stuffing attack risk value corresponding to the at least one user behavior factor determines the credential stuffing attack risk value of the user's current login behavior; according to the credential stuffing attack risk value of the user's current login behavior, locates the user The credential stuffing attack risk type of the current login behavior. The embodiment of the invention also discloses a credential stuffing attack monitoring device, system and computer storage medium.

Description

technical field [0001] The invention relates to the field of the Internet, in particular to a credential stuffing attack monitoring method, device, system and computer storage medium. Background technique [0002] As the Internet gradually penetrates into all aspects of social life, people's work and life are increasingly inseparable from the Internet. At the same time, high-frequency credential stuffing attacks, slow credential stuffing attacks and other credential stuffing attack methods put user data at risk of leakage. Faced with this situation, many Internet platforms have correspondingly increased the means of anti-crash storage attacks. For example, add graphic verification codes, SMS verification codes and other login verification methods in the user login link, add credential stuffing attack analysis equipment at the network layer, analyze based on user abnormal login behavior, and activate the set protection strategy when a credible stuffing attack is found. Cred...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/40
CPCH04L63/1416H04L63/1425H04L63/0876H04L63/102
Inventor 张滨袁捷邱勤刘洪刚周建宁
Owner CHINA MOBILE COMM GRP CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products