METHOD FOR PREDICTING THE IDENTITY OF A USER ASSOCIATED TO AN ANONYMOUS BROWSING SESSION ON AN ONLINE SERVICE

METHOD FOR PREDICTING THE IDENTITY OF A USER ASSOCIATED TO AN ANONYMOUS BROWSING SESSION ON AN ONLINE SERVICE

The present description relates to a method of monitoring and protecting access to an online service from account take over, comprising the steps of: providing a traffic inspector (1) in signal communication with at least one client device (2) for internet browsing and with a web server (4) having a...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: PARRINELLO, Emanuele, PASTORE, Nicolò, GIANGREGORIO, Carmine
Format: Patent
Sprache:eng ; fre ; ger
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The present description relates to a method of monitoring and protecting access to an online service from account take over, comprising the steps of: providing a traffic inspector (1) in signal communication with at least one client device (2) for internet browsing and with a web server (4) having an online service residing therein; providing a traffic analyzer (5) in signal communication with the traffic inspector (1); identifying each browsing session of the client device (2) on the online service; analyzing the traffic exchanged between the client device (2) and the web server (4) to extract and identify at least one username when a user performs authentication to the online service; collecting first characteristic data concerning unique and/or non-unique technical parameters and associating them with a respective identified username; storing the first characteristic data associated with each identified username in a database (6); identifying each anonymous browsing session of the client device (2) on the online service; collecting second characteristic data concerning unique and/or non-unique technical parameters and associating them with the anonymous browsing session; comparing, by means of a user prediction algorithm (7) the first characteristic data concerning each identified username with the second characteristic data concerning the anonymous session to associate an identified username with the anonymous browsing session in case of similarity or substantial coincidence between the first characteristic data and the second characteristic data so compared; analyzing, by means of a detection algorithm (8) each anonymous browsing session associated with one or more identified usernames to enter each username associated with the anonymous browsing session in which a situation involving a risk of credential theft has been detected in a watch list; monitoring the browsing sessions at risk associated with each username in the watch list when its respective user further performs authentication to the online service.