Morgan Tocker, 2007-12-28 01:42:00
Entry tags: mysql, php
There's nothing like a machine doing the work for you.
So I was reading Nate's PHP tip, and it got me thinking: he's basically describing Bayesian session-validity checks. What an awesome idea![1] Here is my list of possible 'items' to form the test:
- Login IP address
- Login location (gathered courtesy of GeoIP)
- Operating System
- Web Browser
- Time of Day
- Origin of requests (both HTTP_REFERER and REQUEST_URI)
- "I only login from work" (time of day is always 9-5, location is always the same)
Each bit of information becomes more relevant the more frequently it occurs exclusively (or exclusively as part of a set). The only catch is that I would also need to identify the patterns that form sets, for example:
- "At work I use Windows+IE, at home I use Mac+Safari"
If I can identify the sets, then it might become frighteningly accurate. I can then classify a login attempt into one of three classes: Spam, Unsure and Not Spam. For Not Spam, if it's an open session it can continue unhindered. If I am Unsure, I may ask them to log in again (which is only a minor inconvenience). If it's Spam, I want them to re-authenticate and solve a CAPTCHA test. I want phishing to become more expensive.
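A sketch of the scoring described above, as an added example that is not from this post or from Nate's tip, written in Python rather than PHP: a per-user naive Bayes log-odds over the items listed, with pair tokens standing in for the "sets", mapped onto the three classes. The login history, the attacker background rate and the class thresholds are constructed assumptions, not measured values.

```python
from collections import Counter, defaultdict
from math import log

# Pair tokens capture the "sets" the post wants (work = Windows+IE, home = Mac+Safari):
# a login mixing Windows with Safari is novel as a pair even though each half is familiar.
PAIRS = (("os", "browser"), ("country", "hour"))

def tokens(login):
    """Map one login record to the feature tokens that get scored."""
    t = {f: login[f] for f in ("ip", "country", "os", "browser")}
    t["hour"] = "work" if 9 <= login["hour"] < 17 else "offhours"  # the "9-5" bucket
    for a, b in PAIRS:
        t[a + "+" + b] = t[a] + "|" + t[b]
    return t

def score(history, request, background=0.05, alpha=0.1):
    """Naive-Bayes log-odds that `request` belongs to the user behind `history`.
    Each token adds log(P(token | this user) / P(token | anyone)), so values seen
    almost exclusively in the history weigh heavily and unseen values count against.
    `background` (assumed) is the chance an arbitrary attacker matches a token;
    `alpha` is Laplace smoothing so unseen values are improbable, not impossible."""
    n = len(history)
    counts = defaultdict(Counter)
    for h in history:
        for f, v in tokens(h).items():
            counts[f][v] += 1
    logodds = 0.0
    for f, v in tokens(request).items():
        vocab = len(counts[f]) + 1          # +1 reserves mass for unseen values
        p_user = (counts[f][v] + alpha) / (n + alpha * vocab)
        logodds += log(p_user / background)
    return logodds

def classify(history, request, spam=0.0, ok=10.0):
    """The three outcomes from the post; thresholds are assumed and need tuning per site."""
    s = score(history, request)
    if s >= ok:
        return "not_spam"   # open session continues unhindered
    if s <= spam:
        return "spam"       # re-authenticate and solve a CAPTCHA
    return "unsure"         # ask the user to log in again

# Constructed history: four office logins (Windows+IE, 9-5) and two evening logins
# from home (Mac+Safari). The IPs are RFC 5737 documentation addresses.
HISTORY = (
    [{"ip": "203.0.113.10", "country": "AU", "os": "Windows", "browser": "IE", "hour": h} for h in (9, 10, 11, 14)]
    + [{"ip": "198.51.100.7", "country": "AU", "os": "Mac", "browser": "Safari", "hour": h} for h in (21, 22)]
)
```

Call `classify(HISTORY, request)` with a dict of the same five keys; a request that matches neither the usual IP, country, OS nor browser scores well below zero and lands in the Spam class.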
[1] Although I know Google is already doing this with my Gmail.