F5, Inc.
Methods for detecting and mitigating brute force credential stuffing attacks and devices thereof

Abstract:

Methods, non-transitory computer readable media, network traffic management apparatuses, and network traffic management systems that obtain a dictionary comprising a plurality of credentials and populate a probabilistic data structure based on the dictionary. A login request is received from a client and one or more credentials are extracted from the received login request. A determination of when the probabilistic data structure indicates that the extracted credentials are included in the dictionary is made. A mitigation action is initiated with respect to the client, when the determination indicates that the probabilistic data structure indicates that the extracted credentials are included in the dictionary. This technology more efficiently and effectively detects and mitigates brute force credential stuffing attacks advantageously using a reduced amount of resources.