公开(公告)号：US20210160277A1

公开(公告)日：2021-05-27

申请号：US16696588

申请日：2019-11-26

Applicant: SAP SE

Inventor： Cedric Hebert ,  Andrea Palmieri ,  Merve Sahin ,  Anderson Santana de Oliveira

IPC: H04L29/06

Abstract: Systems, methods, and computer media for securing software applications are provided herein. The multi-factor fingerprints allow attackers to be distinguished from authorized users and allow different types of attacks to be distinguished. The multi-factor fingerprint can include, for example, a session identifier component, a software information component, and a hardware information component. The different components can be separately compared to components of stored fingerprints to determine whether an application session request is malicious, and if so, what type of attack, such as session cookie theft or a spoofing attack, is occurring.

公开(公告)号：US11539742B2

公开(公告)日：2022-12-27

申请号：US16696588

申请日：2019-11-26

Applicant: SAP SE

Inventor： Cedric Hebert ,  Andrea Palmieri ,  Merve Sahin ,  Anderson Santana de Oliveira

IPC: H04L29/06 ,  H04L9/40

Abstract: Systems, methods, and computer media for securing software applications are provided herein. The multi-factor fingerprints allow attackers to be distinguished from authorized users and allow different types of attacks to be distinguished. The multi-factor fingerprint can include, for example, a session identifier component, a software information component, and a hardware information component. The different components can be separately compared to components of stored fingerprints to determine whether an application session request is malicious, and if so, what type of attack, such as session cookie theft or a spoofing attack, is occurring.