Invention Grant
- Patent Title: Protect applications from session stealing/hijacking attacks by tracking and blocking anomalies in end point characteristics throughout a user session
-
Application No.: US14286610Application Date: 2014-05-23
-
Publication No.: US10412050B2Publication Date: 2019-09-10
- Inventor: Anoop Reddy , Rama Rao Katta , Bhanu Prakash Valluri , Craig Anderson , Ratnesh Singh Thakur
- Applicant: Citrix Systems, Inc.
- Applicant Address: US FL Fort Lauderdale
- Assignee: CITRIX SYSTEMS, INC.
- Current Assignee: CITRIX SYSTEMS, INC.
- Current Assignee Address: US FL Fort Lauderdale
- Agency: Foley & Lardner LLP
- Agent Christopher J. McKenna
- Main IPC: H04L29/06
- IPC: H04L29/06 ; H04L29/08
Abstract:
Systems and methods for protection against session stealing is described. In embodiments of the present solution, a device intermediary to the client and the server may identify first properties of the client and associate the first properties with the session key. When the device receives subsequent request comprising the session key, the device matches the associated first properties with second properties of the second device that is sending the subsequent request. If there is a match, the subsequent request transmitted to the server. Otherwise, the subsequent request is rejected.
Public/Granted literature
Information query
