Abstract:
An apparatus distinguishes clients by the requests they make to a web application server through a web application firewall. The firewall injects client-side code into its responses together with a randomized challenge, and the challenge requires a unique answer that must be returned in a cookie. When executed by a normally configured browser, the client-side code generates that cookie, which identifies the browser to the web application server or to the web application firewall on subsequent requests; a failure threshold is then checked against the subsequent requests originating from that browser. Each browser is thereby fingerprinted. If the number of missing or incorrect answers exceeds the threshold, the client is marked as suspicious and a Turing test is enforced for it; if the client also fails the Turing test, a subsequently defined action is taken.
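The challenge, cookie and fail-threshold flow described above, as an added illustrative model; this is not the patent's or any vendor's implementation. The choice of challenge function (SHA-256 of a firewall-issued nonce), the HMAC tag that lets the firewall recognise challenges it issued, the threshold value of 3, the cookie name and all class and function names are assumptions, since the abstract fixes none of them.

```python
"""Model of a WAF that injects a randomized challenge, verifies the cookie the
injected script produces, and escalates to a Turing test after repeated failures.
Added example; the concrete challenge function and threshold are assumptions."""
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field
from enum import Enum

FAIL_THRESHOLD = 3          # assumed value; the abstract leaves the threshold open
COOKIE_NAME = "waf_answer"  # assumed cookie name


class State(Enum):
    NORMAL = "normal"
    SUSPICIOUS = "suspicious"   # threshold reached: Turing test is enforced
    BLOCKED = "blocked"         # Turing test failed: the "defined action" here


# Client-side code the firewall injects before </body>. A normally configured
# browser runs it, hashes the nonce part of the challenge and sets the cookie.
INJECTED_SCRIPT = """<script>
(function(){
  var c = "%s";                      // randomized challenge issued by the WAF
  crypto.subtle.digest("SHA-256", new TextEncoder().encode(c.split(".")[0]))
    .then(function(h){
      var hex = Array.from(new Uint8Array(h))
        .map(function(b){ return b.toString(16).padStart(2, "0"); }).join("");
      document.cookie = "%s=" + c + ":" + hex.slice(0, 32) + "; path=/";
    });
})();
</script>"""


def answer_for(nonce: str) -> str:
    """The unique answer the injected script must compute for a given nonce."""
    return hashlib.sha256(nonce.encode()).hexdigest()[:32]


@dataclass
class ClientRecord:
    fails: int = 0
    state: State = State.NORMAL


@dataclass
class ChallengeWAF:
    key: bytes                                   # firewall-only secret
    clients: dict = field(default_factory=dict)  # per-client fail counters

    def _tag(self, nonce: str) -> str:
        # Keyed tag: the WAF can recognise its own challenges without storing them.
        return hmac.new(self.key, nonce.encode(), hashlib.sha256).hexdigest()[:16]

    def issue_challenge(self) -> str:
        nonce = secrets.token_hex(16)
        return f"{nonce}.{self._tag(nonce)}"

    def inject(self, html: str) -> str:
        """Return the server response with the challenge script injected."""
        script = INJECTED_SCRIPT % (self.issue_challenge(), COOKIE_NAME)
        return html.replace("</body>", script + "</body>")

    def verify_cookie(self, cookie) -> bool:
        """True only if the cookie carries a WAF-issued challenge and its answer."""
        if not cookie or ":" not in cookie:
            return False
        challenge, answer = cookie.split(":", 1)
        if "." not in challenge:
            return False
        nonce, tag = challenge.split(".", 1)
        if not hmac.compare_digest(tag, self._tag(nonce)):
            return False                         # challenge was not issued by us
        return hmac.compare_digest(answer, answer_for(nonce))

    def handle_request(self, client_id: str, cookie) -> str:
        """Decide per request: allow, re-challenge, turing_test or blocked."""
        rec = self.clients.setdefault(client_id, ClientRecord())
        if rec.state is State.BLOCKED:
            return "blocked"
        if rec.state is State.SUSPICIOUS:
            return "turing_test"                 # enforced until passed
        if self.verify_cookie(cookie):
            rec.fails = 0
            return "allow"
        rec.fails += 1                           # missing or wrong answer
        if rec.fails >= FAIL_THRESHOLD:
            rec.state = State.SUSPICIOUS
            return "turing_test"
        return "challenge"                       # re-issue the challenge page

    def submit_turing_result(self, client_id: str, passed: bool) -> State:
        rec = self.clients.setdefault(client_id, ClientRecord())
        if passed:
            rec.fails = 0
            rec.state = State.NORMAL
        else:
            rec.state = State.BLOCKED            # the "defined action"
        return rec.state


def simulate_browser(challenge: str) -> str:
    """Cookie value a normally configured browser produces after running the script."""
    nonce = challenge.split(".", 1)[0]
    return f"{challenge}:{answer_for(nonce)}"
```

A client that never runs the script (or returns garbage) is re-challenged until the counter reaches the threshold, then sees only the Turing test, and is blocked if it fails it; a client that executes the script is answered normally. Note the limitation implied by the design: any automation that can evaluate the injected code passes the challenge, so the mechanism filters clients that do not execute JavaScript rather than proving a human is present, which is why the Turing test is the second stage. A deployment would also bind the challenge to the client and give it an expiry so a valid cookie cannot simply be copied between clients.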