Bot detection in an edge network using Transport Layer Security (TLS) fingerprint

This disclosure describes a technique to fingerprint TLS connection information to facilitate bot detection. The notion is referred to herein as "TLS fingerprinting." Preferably, TLS fingerprinting herein comprises combining different parameters from the initial "Hello" packet se...

Full description

Saved in:
Bibliographic Details
Main Authors Senecal, David, Shuster, Elad, Segal, Ory, Nguyen, Duc, Kahn, Andrew
Format Patent
LanguageEnglish
Published 15.02.2024
Subjects
CALCULATING
COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online AccessGet full text

Cover

More Information
Summary:This disclosure describes a technique to fingerprint TLS connection information to facilitate bot detection. The notion is referred to herein as "TLS fingerprinting." Preferably, TLS fingerprinting herein comprises combining different parameters from the initial "Hello" packet send by the client. In one embodiment, the different parameters from the Hello packet that are to create the fingerprint (the "TLS signature") are: record layer version, client version, ordered TLS extensions, ordered cipher list, ordered elliptic curve list, and ordered signature algorithms list. Preferably, the edge server persists the TLS signature for the duration of a session.
Bibliography:Application Number: US202318383351