Abstract: A method of performing operations by a processor of a computer terminal, includes determining an operation system (OS) speed scaling gain used by the OS to transform mouse movement data, which is received from a mouse device via a device interface circuit, into mouse speed data that controls positioning of a mouse pointer relative to pixel locations on a display device. A computer terminal identifier is generated based on the OS speed scaling gain. A computer identification message containing the computer terminal identifier is communicated through a network interface circuit. Related computer terminals and computer authentication nodes are disclosed.

Abstract: Identifying a communication source includes receiving a message from a client computer requesting access to a computer-based resource; and receiving, a network signature from the client computer, wherein the network-related signature comprises a value representing how many routing devices are on a network path between the client computer and a predetermined computer. Also included is determining whether the vector of values matches a vector of stored values, each stored value potentially corresponding to a respective one of the values in the vector of values; and limiting access to the computer-based resource based at least in part on the vector of values not matching the vector of stored values.

Abstract: A method of performing operations by a processor of a computer terminal, includes determining an operation system (OS) speed scaling gain used by the OS to transform mouse movement data, which is received from a mouse device via a device interface circuit, into mouse speed data that controls positioning of a mouse pointer relative to pixel locations on a display device. A computer terminal identifier is generated based on the OS speed scaling gain. A computer identification message containing the computer terminal identifier is communicated through a network interface circuit. Related computer terminals and computer authentication nodes are disclosed.

Abstract: A method of performing operations by a processor of a computer terminal, includes determining an operation system (OS) speed scaling gain used by the OS to transform mouse movement data, which is received from a mouse device via a device interface circuit, into mouse speed data that controls positioning of a mouse pointer relative to pixel locations on a display device. A computer terminal identifier is generated based on the OS speed scaling gain. A computer identification message containing the computer terminal identifier is communicated through a network interface circuit. Related computer terminals and computer authentication nodes are disclosed.

Abstract: A historical repository of UE identifiers associated with sets of prior mean values and prior standard deviation values, is maintained. A browser request message is received from a web browser on a suspect UE and requests access to an electronic resource. An identification challenge message is sent toward the web browser and contains a hash script configured to be processed by the web browser to hash a challenge data set and to report a measurement of elapsed hashing time. A device identification report is received from the web browser and contains a terminal signature tuple of a reported UE identifier and the elapsed hashing time. A posterior probability value indicating a likelihood that the suspect UE corresponds to a genuine UE identified by the reported UE identifier, is generated. Whether the suspect UE is permitted to access the electronic resource is controlled based on the posterior probability value.

Abstract: Identifying a communication source includes receiving a message from a client computer requesting access to a computer-based resource; and receiving, a network signature from the client computer, wherein the network signature comprises a vector of values, each value representing a transit time between adjacent routing devices on a network path between the client computer and a predetermined computer. Also include is determining whether the vector of values matches a vector of stored values, each stored value potentially corresponding to a respective one of the values in the vector of values; and limiting access to the computer-based resource based at least in part on the vector of values not matching the vector of stored values.

Abstract: Identifying a communication source includes receiving a message from a client computer requesting access to a computer-based resource; and receiving, a network signature from the client computer, wherein the network-related signature comprises a value representing how many routing devices are on a network path between the client computer and a predetermined computer. Also included is determining whether the vector of values matches a vector of stored values, each stored value potentially corresponding to a respective one of the values in the vector of values; and limiting access to the computer-based resource based at least in part on the vector of values not matching the vector of stored values.

Abstract: A historical repository of device identifiers associated with sets of prior mean values and prior standard deviation values, is maintained. A device identification message is received from a suspect computer device and contains a device identifier and a measured device signature value. A mean value and a standard deviation value are determined based thereon, and used to update the prior mean value and the prior standard deviation value in one of the sets in the historical repository having an association to the device identifier. A prior frequency value is determined. A posterior probability value, indicating likelihood that the suspect computer device corresponds to a genuine computer device identified by the device identifier, is generated based on the mean value, the standard deviation value, and the prior frequency value. Whether the suspect computer device is permitted to access an electronic resource is controlled based on the posterior probability value.

Abstract: A method by a content server includes maintaining a historical repository of terminal signature tuples received from computer terminals. Each of the terminal signature tuples contains a terminal identifier for a computer terminal and a terminal signature characterizing a measured operation by the computer terminal. An access request message is received from a source computer terminal and contains a terminal signature tuple. The terminal signature tuple in the access request message contains a terminal identifier for the source computer terminal and a terminal signature characterizing a measured operation by the source computer terminal. A posterior probability value is generated based on processing a combination of the terminal signature tuple contained in the access request message and the terminal signature tuples contained in the historical repository. The content server controls access for the access request message to a resource controlled by the content server based on the posterior probability value.

Abstract: A processor is coupled to a hierarchical memory structure which includes a plurality of levels of cache memories that hierarchically cache data that is read by the processor from a main memory. The processor is integrated within a computer terminal. The processor performs operations that include generating a hierarchical cache latency signature vector by repeating for each of a plurality of buffer sizes, the following: 1) allocating in the main memory a buffer having the buffer size; 2) measuring elapsed time for the processor to read data from buffer addresses that include upper and lower boundaries of the buffer; and 3) storing the elapsed time and the buffer size as an associated set in the hierarchical cache latency signature vector. The operations further include communicating through a network interface circuit a computer identification message containing computer terminal identification information generated based on the hierarchical cache latency signature vector.

Abstract: A processor is coupled to a hierarchical memory structure which includes a plurality of levels of cache memories that hierarchically cache data that is read by the processor from a main memory. The processor is integrated within a computer terminal. The processor performs operations that include generating a hierarchical cache latency signature vector by repeating for each of a plurality of buffer sizes, the following: 1) allocating in the main memory a buffer having the buffer size; 2) measuring elapsed time for the processor to read data from buffer addresses that include upper and lower, boundaries of the buffer; and 3) storing the elapsed time and the buffer size as an associated set in the hierarchical cache latency signature vector. The operations further include communicating through a network interface circuit a computer identification message containing computer terminal identification information generated based on the hierarchical cache latency signature vector.

Abstract: A historical repository of UE identifiers associated with sets of prior mean values and prior standard deviation values, is maintained. A browser request message is received from a web browser on a suspect UE and requests access to an electronic resource. An identification challenge message is sent toward the web browser and contains a hash script configured to be processed by the web browser to hash a challenge data set and to report a measurement of elapsed hashing time. A device identification report is received from the web browser and contains a terminal signature tuple of a reported UE identifier and the elapsed hashing time. A posterior probability value indicating a likelihood that the suspect UE corresponds to a genuine UE identified by the reported UE identifier, is generated. Whether the suspect UE is permitted to access the electronic resource is controlled based on the posterior probability value.

Abstract: A historical repository of device identifiers associated with sets of prior mean values and prior standard deviation values, is maintained. A device identification message is received from a suspect computer device and contains a device identifier and a measured device signature value. A mean value and a standard deviation value are determined based thereon, and used to update the prior mean value and the prior standard deviation value in one of the sets in the historical repository having an association to the device identifier. A prior frequency value is determined. A posterior probability value, indicating likelihood that the suspect computer device corresponds to a genuine computer device identified by the device identifier, is generated based on the mean value, the standard deviation value, and the prior frequency value. Whether the suspect computer device is permitted to access an electronic resource is controlled based on the posterior probability value.

Abstract: A method by a content server includes maintaining a historical repository of terminal signature tuples received from computer terminals. Each of the terminal signature tuples contains a terminal identifier for a computer terminal and a terminal signature characterizing a measured operation by the computer terminal. An access request message is received from a source computer terminal and contains a terminal signature tuple. The terminal signature tuple in the access request message contains a terminal identifier for the source computer terminal and a terminal signature characterizing a measured operation by the source computer terminal. A posterior probability value is generated based on processing a combination of the terminal signature tuple contained in the access request message and the terminal signature tuples contained in the historical repository. The content server controls access for the access request message to a resource controlled by the content server based on the posterior probability value.

Abstract: A method of performing operations by a processor of a computer terminal, includes determining an operation system (OS) speed scaling gain used by the OS to transform mouse movement data, which is received from a mouse device via a device interface circuit, into mouse speed data that controls positioning of a mouse pointer relative to pixel locations on a display device. A computer terminal identifier is generated based on the OS speed scaling gain. A computer identification message containing the computer terminal identifier is communicated through a network interface circuit. Related computer terminals and computer authentication nodes are disclosed.

Abstract: A processor is coupled to a hierarchical memory structure which includes a plurality of levels of cache memories that hierarchically cache data that is read by the processor from a main memory. The processor is integrated within a computer terminal. The processor performs operations that include generating a hierarchical cache latency signature vector by repeating for each of a plurality of buffer sizes, the following: 1) allocating in the main memory a buffer having the buffer size; 2) measuring elapsed time for the processor to read data from buffer addresses that include upper and lower, boundaries of the buffer; and 3) storing the elapsed time and the buffer size as an associated set in the hierarchical cache latency signature vector. The operations further include communicating through a network interface circuit a computer identification message containing computer terminal identification information generated based on the hierarchical cache latency signature vector.