| CPC G06F 21/316 (2013.01) [G06F 21/6218 (2013.01)] | 17 Claims |
|
1. A system for identifying and preventing password spraying using hash signature segmentation and behavior clustering analysis, the system comprising:
a memory device with computer-readable program code stored thereon;
at least one processing device operatively coupled to the at least one memory device and at least one communication device, wherein executing the computer-readable code is configured to cause the at least one processing device to:
receive a plurality of access attempts and an associated plurality of hash values;
determine a failure request load based on the plurality of access attempts;
determine whether the failure request load meets a failure threshold,
wherein, in an instance where the failure request load meets the failure threshold, separating the plurality of access attempts associated with the failure request load into a plurality of hash clusters, each hash cluster of the plurality of hash clusters being based on a shared hash value of the plurality of access attempts;
generate a behavior cluster for each hash cluster based on shared behavior data of the plurality of access attempts;
determine, based on the behavior cluster for each hash cluster, a likelihood of misappropriation for each access attempt of the plurality of access attempts;
receive future access attempt data associated with a future access attempt, the future access attempt data comprising future behavior data and a future hash value; and
determine a behavior similarity score based on a comparison of the future behavior data,
wherein, in an instance where the behavior similarity score meets a behavior similarity threshold, access is automatically denied to an account associated with the access attempt, or
wherein, in an instance where the behavior similarity score fails to meet the behavior similarity threshold, store the future access attempt as a non-misappropriation.
|