Signal distribution score for bot detection
US-10826920-B1 · Nov 3, 2020 · US
Content delivery network (CDN)-based bot detection service with stop and reset protocols
US11848960B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11848960-B2 |
| Application number | US-202217667023-A |
| Country | US |
| Kind code | B2 |
| Filing date | Feb 8, 2022 |
| Priority date | Feb 13, 2018 |
| Publication date | Dec 19, 2023 |
| Grant date | Dec 19, 2023 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
A server interacts with a bot detection service to provide bot detection as a requesting client interacts with the server. In an asynchronous mode, the server injects into a page a data collection script configured to record interactions at the requesting client, to collect sensor data about the interactions, and to send the collected sensor data to the server. After the client receives the page, the sensor data is collected and forwarded to the server through a series of posts. The server forwards the posts to the detection service. During this data collection, the server also may receive a request from the client for a protected endpoint. When this occurs, and in a synchronous mode, the server issues a query to the detection service to obtain a threat score based in part on the collected sensor data that has been received and forwarded by the server. Based on the threat score returned, the server then determines whether the request for the endpoint should be forwarded onward for handling.
First claim
Opening claim text (preview).
What is claimed is as follows: 1. A method of bot detection in association with an overlay network having a server, comprising: at a bot detection service: receiving sensor data from the server continuously in a series of posts, the sensor data having been generated at a requesting client as a result of the server having provided the requesting client a page including a reference to a protected endpoint, the page having a reference to a data collection script, the script having been configured to record one or more interactions at the requesting client, to collect the sensor data about the interactions, and to send the sensor data back to the server; providing the server a first indication that the bot detection service has received sufficient data to make a determination that the requesting client is not a bot and that the requesting client should be notified to cease providing one or more additional posts of collected sensor data; thereafter, receiving a query from the server to obtain a threat score associated with the requesting client, the query having been generated by the server upon intercepting a request for the protected endpoint; and providing the server a second indication that the requesting client is to be instructed by the server to resume collection and forwarding of the collected sensor data. 2. The method as described in claim 1 wherein the bot detection service receives the collected sensor data via one or more JSON-formatted POST requests. 3. The method as described in claim 2 wherein a particular JSON-formatted POST request is associated with a behavioral action occurring locally at the requesting client. 4. The method as described in claim 1 wherein the bot detection service receives the collected sensor data via an Application Programming Interface (API). 5. The method as described in claim 1 wherein the page is associated with an overlay network customer workflow that involves collection of sensitive data. 6. The method as described in claim 5 wherein the customer workflow is one of: a checkout, a search and a login. 7. The method as described in claim 1 wherein the first indication is provided while the requesting client continues to interact with the page. 8. An apparatus configured as a bot detection service associated with an overlay network, the overlay network having a server, comprising: a hardware processor; and computer memory holding computer program instructions executed by the hardware processor to perform bot detection, the computer program instruction comprising program code configured to: receive sensor data from the server continuously in a series of posts, the sensor data having been generated at a requesting client as a result of the server having provided the requesting client a page including a reference to a protected endpoint, the page having a reference to a data collection script, the script having been configured to record one or more interactions at the requesting client, to collect the sensor data about the interactions, and to send the sensor data back to the server; provide the server a first indication that the bot detection service has received sufficient data to make a determination that the requesting client is not a bot and that the requesting client should be notified to cease providing one or more additional posts of collected sensor data; thereafter, receive a query from the server to obtain a threat score associated with the requesting client, the query having been generated by the server upon intercepting a request for the protected endpoint; and provide the server a second indication that the requesting client is to be instructed by the server to resume collection and forwarding of the collected sensor data. 9. The apparatus as described in claim 8 wherein the bot detection service receives the collected sensor data via one or more JSON-formatted POST requests. 10. The apparatus as described in claim 9 wherein a particular JSON-formatted POST request is associated with a behavioral action occurring locally at the requesting client. 11. The apparatus as described in claim 8 wherein the bot detection service receives the collected sensor data via an Application Programming Interface (API). 12. The apparatus as described in claim 8 wherein the page is associated with an overlay network customer workflow that involves collection of sensitive data. 13. The apparatus as described in claim 12 wherein the customer workflow is one of: a checkout, a search and a login. 14. The apparatus as described in claim 8 wherein the first indication is provided while the requesting client continues to interact with the page.
Assignees
Inventors
Classifications
- H04L63/1466Primary
Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks · CPC title
Event detection, e.g. attack signature detection · CPC title
Traffic logging, e.g. anomaly detection · CPC title
Detection or countermeasures against botnets · CPC title
by monitoring network traffic (monitoring network traffic per se H04L43/00) · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US11848960B2 cover?
- A server interacts with a bot detection service to provide bot detection as a requesting client interacts with the server. In an asynchronous mode, the server injects into a page a data collection script configured to record interactions at the requesting client, to collect sensor data about the interactions, and to send the collected sensor data to the server. After the client receives the pag…
- Who is the assignee on this patent?
- Akamai Tech Inc
- What technology area does this patent fall under?
- Primary CPC classification H04L63/1466. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Dec 19 2023 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).