Patents by Inventor David Senecal
David Senecal has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240056479Abstract: This disclosure describes a technique to fingerprint TLS connection information to facilitate bot detection. The notion is referred to herein as “TLS fingerprinting.” Preferably, TLS fingerprinting herein comprises combining different parameters from the initial “Hello” packet send by the client. In one embodiment, the different parameters from the Hello packet that are to create the fingerprint (the “TLS signature”) are: record layer version, client version, ordered TLS extensions, ordered cipher list, ordered elliptic curve list, and ordered signature algorithms list. Preferably, the edge server persists the TLS signature for the duration of a session.Type: ApplicationFiled: October 24, 2023Publication date: February 15, 2024Applicant: Akamai Technologies, Inc.Inventors: David Senecal, Andrew Kahn, Ory Segal, Elad Shuster, Duc Nguyen
-
Publication number: 20240039912Abstract: A method of authenticating a user device in providing access to a computer resource, the method includes: extracting a plurality of device fingerprint records from an access log, each of the device fingerprint records associated with an unauthorized access of a computer resource; from each of the plurality of device fingerprint records, extracting a digital signature, each of the digital signatures comprising a plurality of session characteristics; determining, by a processing device from the digital signatures, a root signature pattern, the root signature pattern comprising a combination of values of one or more of the plurality of session characteristics; and identify a subsequent access request for the computer resource as an unauthorized access based on a comparison of a device fingerprint associated with the subsequent access request and the root signature pattern.Type: ApplicationFiled: July 7, 2023Publication date: February 1, 2024Inventors: David Senecal, Luke Stork
-
Patent number: 11848960Abstract: A server interacts with a bot detection service to provide bot detection as a requesting client interacts with the server. In an asynchronous mode, the server injects into a page a data collection script configured to record interactions at the requesting client, to collect sensor data about the interactions, and to send the collected sensor data to the server. After the client receives the page, the sensor data is collected and forwarded to the server through a series of posts. The server forwards the posts to the detection service. During this data collection, the server also may receive a request from the client for a protected endpoint. When this occurs, and in a synchronous mode, the server issues a query to the detection service to obtain a threat score based in part on the collected sensor data that has been received and forwarded by the server. Based on the threat score returned, the server then determines whether the request for the endpoint should be forwarded onward for handling.Type: GrantFiled: February 8, 2022Date of Patent: December 19, 2023Assignee: Akamai Technologies, Inc.Inventors: David Senecal, Prajakta Bhurke, Tu Vuong
-
Patent number: 11818149Abstract: A server interacts with a bot detection service to provide bot detection as a requesting client interacts with the server. In an asynchronous mode, the server injects into a page a data collection script configured to record interactions at the requesting client, to collect sensor data about the interactions, and to send the collected sensor data to the server. After the client receives the page, the sensor data is collected and forwarded to the server through a series of posts. The server forwards the posts to the detection service. During this data collection, the server also may receive a request from the client for a protected endpoint. When this occurs, and in a synchronous mode, the server issues a query to the detection service to obtain a threat score based in part on the collected sensor data that has been received and forwarded by the server. Based on the threat score returned, the server then determines whether the request for the endpoint should be forwarded onward for handling.Type: GrantFiled: June 28, 2022Date of Patent: November 14, 2023Assignee: Akamai Technologies, Inc.Inventors: David Senecal, Prajakta Bhurke, Tu Vuong
-
Patent number: 11799908Abstract: A method of bot detection in a computer network leverages a machine learning system. The machine learning system receives a fingerprint derived at a server, the server having extracted a set of transport layer security parameters received from a client and processed the set parameters into the fingerprint. Based at least in part on the fingerprint, the learning system determines whether the client is likely to be a bot as opposed to a human user. The system generates and returns to the server as score having a first value when the fingerprint is determined to be associated with a good client, and having a second value when the fingerprint is determined to be associated with a bot. Based on the score received from the machine learning system, the server takes a configured action with respect to the client.Type: GrantFiled: November 23, 2021Date of Patent: October 24, 2023Assignee: Akamai Technologies, Inc.Inventors: David Senecal, Andrew Kahn, Ory Segal, Elad Shuster, Duc Nguyen
-
Patent number: 11539697Abstract: A method of determining whether to provide user access to a computer resource may comprise receiving a request for the computer resource from a user device; obtaining, from the user device, an encrypted persistent cookie responsive to determining that the encrypted persistent cookie is present on the user device, wherein the encrypted persistent cookie comprises a fingerprint signature field comprising a previous device fingerprint encoded into the fingerprint signature field as part of a previous session; obtaining, from the user device, an obtained device fingerprint of the user device; comparing the obtained device fingerprint with the previous device fingerprint of the fingerprint signature field to derive a fingerprint variance representing a difference between the obtained device fingerprint and the previous device fingerprint of the fingerprint signature field; and processing the request for the computer resource based on the fingerprint variance.Type: GrantFiled: February 18, 2022Date of Patent: December 27, 2022Assignee: ARKOSE LABS HOLDINGS, INC.Inventor: David Senecal
-
Publication number: 20220329610Abstract: A server interacts with a bot detection service to provide bot detection as a requesting client interacts with the server. In an asynchronous mode, the server injects into a page a data collection script configured to record interactions at the requesting client, to collect sensor data about the interactions, and to send the collected sensor data to the server. After the client receives the page, the sensor data is collected and forwarded to the server through a series of posts. The server forwards the posts to the detection service. During this data collection, the server also may receive a request from the client for a protected endpoint. When this occurs, and in a synchronous mode, the server issues a query to the detection service to obtain a threat score based in part on the collected sensor data that has been received and forwarded by the server. Based on the threat score returned, the server then determines whether the request for the endpoint should be forwarded onward for handling.Type: ApplicationFiled: June 28, 2022Publication date: October 13, 2022Applicant: Akamai Technologies, Inc.Inventors: David Senecal, Prajakta Bhurke, Tu Vuong
-
Publication number: 20220329622Abstract: A server interacts with a bot detection service to provide bot detection as a requesting client interacts with the server. In an asynchronous mode, the server injects into a page a data collection script configured to record interactions at the requesting client, to collect sensor data about the interactions, and to send the collected sensor data to the server. After the client receives the page, the sensor data is collected and forwarded to the server through a series of posts. The server forwards the posts to the detection service. During this data collection, the server also may receive a request from the client for a protected endpoint. When this occurs, and in a synchronous mode, the server issues a query to the detection service to obtain a threat score based in part on the collected sensor data that has been received and forwarded by the server. Based on the threat score returned, the server then determines whether the request for the endpoint should be forwarded onward for handling.Type: ApplicationFiled: June 20, 2022Publication date: October 13, 2022Applicant: Akamai Technologies, Inc.Inventors: David Senecal, Prajakta Bhurke
-
Patent number: 11374945Abstract: A server interacts with a bot detection service to provide bot detection as a requesting client interacts with the server. In an asynchronous mode, the server injects into a page a data collection script configured to record interactions at the requesting client, to collect sensor data about the interactions, and to send the collected sensor data to the server. After the client receives the page, the sensor data is collected and forwarded to the server through a series of posts. The server forwards the posts to the detection service. During this data collection, the server also may receive a request from the client for a protected endpoint. When this occurs, and in a synchronous mode, the server issues a query to the detection service to obtain a threat score based in part on the collected sensor data that has been received and forwarded by the server. Based on the threat score returned, the server then determines whether the request for the endpoint should be forwarded onward for handling.Type: GrantFiled: February 12, 2019Date of Patent: June 28, 2022Assignee: Akamai Technologies, Inc.Inventors: David Senecal, Prajakta Bhurke, Tu Vuong
-
Patent number: 11368483Abstract: A server interacts with a bot detection service to provide bot detection as a requesting client interacts with the server. In an asynchronous mode, the server injects into a page a data collection script configured to record interactions at the requesting client, to collect sensor data about the interactions, and to send the collected sensor data to the server. After the client receives the page, the sensor data is collected and forwarded to the server through a series of posts. The server forwards the posts to the detection service. During this data collection, the server also may receive a request from the client for a protected endpoint. When this occurs, and in a synchronous mode, the server issues a query to the detection service to obtain a threat score based in part on the collected sensor data that has been received and forwarded by the server. Based on the threat score returned, the server then determines whether the request for the endpoint should be forwarded onward for handling.Type: GrantFiled: February 12, 2019Date of Patent: June 21, 2022Assignee: Akamai Technologies, Inc.Inventors: David Senecal, Prajakta Bhurke
-
Publication number: 20220166791Abstract: A server interacts with a bot detection service to provide bot detection as a requesting client interacts with the server. In an asynchronous mode, the server injects into a page a data collection script configured to record interactions at the requesting client, to collect sensor data about the interactions, and to send the collected sensor data to the server. After the client receives the page, the sensor data is collected and forwarded to the server through a series of posts. The server forwards the posts to the detection service. During this data collection, the server also may receive a request from the client for a protected endpoint. When this occurs, and in a synchronous mode, the server issues a query to the detection service to obtain a threat score based in part on the collected sensor data that has been received and forwarded by the server. Based on the threat score returned, the server then determines whether the request for the endpoint should be forwarded onward for handling.Type: ApplicationFiled: February 8, 2022Publication date: May 26, 2022Applicant: Akamai Technologies, Inc.Inventors: David Senecal, Prajakta Bhurke, Tu Vuong
-
Publication number: 20220086186Abstract: A method of bot detection in a computer network leverages a machine learning system. The machine learning system receives a fingerprint derived at a server, the server having extracted a set of transport layer security parameters received from a client and processed the set parameters into the fingerprint. Based at least in part on the fingerprint, the learning system determines whether the client is likely to be a bot as opposed to a human user. The system generates and returns to the server as score having a first value when the fingerprint is determined to be associated with a good client, and having a second value when the fingerprint is determined to be associated with a bot. Based on the score received from the machine learning system, the server takes a configured action with respect to the client.Type: ApplicationFiled: November 23, 2021Publication date: March 17, 2022Applicant: Akamai Technologies, Inc.Inventors: David Senecal, Andrew Kahn, Ory Segal, Elad Shuster, Duc Nguyen
-
Patent number: 11245722Abstract: A server interacts with a bot detection service to provide bot detection as a requesting client interacts with the server. In an asynchronous mode, the server injects into a page a data collection script configured to record interactions at the requesting client, to collect sensor data about the interactions, and to send the collected sensor data to the server. After the client receives the page, the sensor data is collected and forwarded to the server through a series of posts. The server forwards the posts to the detection service. During this data collection, the server also may receive a request from the client for a protected endpoint. When this occurs, and in a synchronous mode, the server issues a query to the detection service to obtain a threat score based in part on the collected sensor data that has been received and forwarded by the server. Based on the threat score returned, the server then determines whether the request for the endpoint should be forwarded onward for handling.Type: GrantFiled: February 12, 2019Date of Patent: February 8, 2022Assignee: Akamai Technologies, Inc.Inventors: David Senecal, Prajakta Bhurke, Tu Vuong
-
Patent number: 11184390Abstract: This disclosure describes a technique to fingerprint TLS connection information to facilitate bot detection. The notion is referred to herein as “TLS fingerprinting.” Preferably, TLS fingerprinting herein comprises combining different parameters from the initial “Hello” packet send by the client. In one embodiment, the different parameters from the Hello packet that are to create the fingerprint (the “TLS signature”) are: record layer version, client version, ordered TLS extensions, ordered cipher list, ordered elliptic curve list, and ordered signature algorithms list. Preferably, the edge server persists the TLS signature for the duration of a session.Type: GrantFiled: May 8, 2018Date of Patent: November 23, 2021Assignee: Akamai Technologies, Inc.Inventors: David Senecal, Andrew Kahn, Ory Segal, Elad Shuster, Duc Nguyen
-
Publication number: 20190190950Abstract: This disclosure describes a technique to fingerprint TLS connection information to facilitate bot detection. The notion is referred to herein as “TLS fingerprinting.” Preferably, TLS fingerprinting herein comprises combining different parameters from the initial “Hello” packet send by the client. In one embodiment, the different parameters from the Hello packet that are to create the fingerprint (the “TLS signature”) are: record layer version, client version, ordered TLS extensions, ordered cipher list, ordered elliptic curve list, and ordered signature algorithms list. Preferably, the edge server persists the TLS signature for the duration of a session.Type: ApplicationFiled: May 8, 2018Publication date: June 20, 2019Applicant: Akamai Technologies, Inc.Inventors: David Senecal, Andrew Kahn, Ory Segal, Elad Shuster, Duc Nguyen