US 12,155,679 B2
Session based anomaly dectection
Avinash Kolluru, Bangalore (IN); Inon Shkedy, Fort Myers, FL (US); Ravindra Guntur, Hyderabad (IN); and Shubham Jindal, Neemrana (IN)
Assigned to Traceable Inc., San Francisco, CA (US)
Filed by Traceable Inc., San Francisco, CA (US)
Filed on Jan. 3, 2022, as Appl. No. 17/567,785.
Prior Publication US 2023/0224314 A1, Jul. 13, 2023
Int. Cl. H04L 9/40 (2022.01)
CPC H04L 63/1425 (2013.01) [H04L 63/102 (2013.01); H04L 63/1416 (2013.01); H04L 63/1433 (2013.01); H04L 63/20 (2013.01)] 18 Claims
OG exemplary drawing
 
1. A method for performing session-based anomaly detection, comprising:
intercepting Application Program Interface (API) traffic between a client and a server, the API traffic associated with multiple user sessions;
identifying a first user session identifier associated with one of the multiple user sessions, the first user session associated with a subset of the intercepted API traffic;
detecting correlations between a subset of the API traffic associated with the first user session, wherein the correlation includes a request that includes an input derived from an output included in a previous response during the session;
storing correlation data based on the detected correlations;
comparing the correlation data to subsequently intercepted API traffic associated with a second user session; and
determining whether the intercepted API traffic includes an anomaly based on the comparison with the correlation data.