[WEB SECURITY] Fraud detection system
websec10 at sic-sec.org
Mon Jun 18 19:06:47 EDT 2012
Am 18.06.2012 21:52, schrieb Paul Johnston:
> Some commercial risk engines can harvest additional variables at the
> application layer. A common one is machine fingerprinting, so if the
> transaction comes from a machine the user hasn't used before, that
> increases the risk score. I think some use behavioral analysis - such as
> page sequences, time spent on page, etc. Vendors tend to be secretive
> about these things as the rules are easily defeated if the fraudsters
> know what they are.
> On 16/06/2012 19:55, Lebeau Frederic wrote:
>> I'm wondering if there are some stuffs to do at application level to
>> increvable efficuency of fraud detection system?
Some WAFs have such detections, it's often called "scoring".
The actions to be done when a score limit is reach can be just
blocking the request or even blocking based on IP, some can
send messages to network firewalls to do more blocking, etc. etc.
More information about the websecurity