/// <returns></returns>
/// <summary>
/// Add a LoginAttempt, along the way determining whether that loginAttempt should be allowed
/// (the user authenticated) or denied.
/// </summary>
/// <param name="loginAttempt">The login loginAttempt record to be stored.</param>
/// <param name="passwordProvidedByClient">The plaintext password provided by the client.</param>
/// <param name="phase1HashOfProvidedPassword">If the caller has already computed the phase 1 (expensive) hash of the submitted password,
/// it can supply it via this optional parameter to avoid incurring the cost of having incurring the expense of this calculationg a second time.</param>
/// <param name="timeout"></param>
/// <param name="cancellationToken">To allow this async method to be cancelled.</param>
/// <returns>If the password is correct and the IP not blocked, returns AuthenticationOutcome.CredentialsValid.
/// Otherwise, it returns a different AuthenticationOutcome.
/// The client should not be made aware of any information beyond whether the login was allowed or not.</returns>
public async Task <LoginAttempt> DetermineLoginAttemptOutcomeAsync(
LoginAttempt loginAttempt,
string passwordProvidedByClient,
byte[] phase1HashOfProvidedPassword = null,
TimeSpan?timeout = null,
CancellationToken cancellationToken = default(CancellationToken))
{
//
// In parallel, fetch information we'll need to determine the outcome
//
// Get information about the client's IP
Task <IpHistory> ipHistoryGetTask = _ipHistoryCache.GetAsync(loginAttempt.AddressOfClientInitiatingRequest,
cancellationToken);
// Get information about the account the client is trying to login to
//IStableStoreContext<string, UserAccount> userAccountContext = _userAccountContextFactory.Get();
IRepository <string, TUserAccount> userAccountRepository = _userAccountRepositoryFactory.Create();
Task <TUserAccount> userAccountRequestTask = userAccountRepository.LoadAsync(loginAttempt.UsernameOrAccountId, cancellationToken);
// Get a binomial ladder to estimate if the password is common
Task <int> passwordsHeightOnBinomialLadderTask =
_binomialLadderFilter.GetHeightAsync(passwordProvidedByClient, cancellationToken: cancellationToken);
//
// Start processing information as it comes in
//
// Preform an analysis of the IPs past beavhior to determine if the IP has been performing so many failed guesses
// that we disallow logins even if it got the right password. We call this even when the submitted password is
// correct lest we create a timing indicator (slower responses for correct passwords) that attackers could use
// to guess passwords even if we'd blocked their IPs.
IpHistory ip = await ipHistoryGetTask;
// We'll need the salt from the account record before we can calculate the expensive hash,
// so await that task first
TUserAccount account = await userAccountRequestTask;
if (account != null)
{
try
{
IUserAccountController <TUserAccount> userAccountController = _userAccountControllerFactory.Create();
//
// This is an login attempt for a valid (existent) account.
//
// Determine whether the client provided a cookie to indicate that it has previously logged
// into this account successfully---a very strong indicator that it is a client used by the
// legitimate user and not an unknown client performing a guessing attack.
loginAttempt.DeviceCookieHadPriorSuccessfulLoginForThisAccount = await
userAccountController.HasClientWithThisHashedCookieSuccessfullyLoggedInBeforeAsync(
account,
loginAttempt.HashOfCookieProvidedByBrowser,
cancellationToken);
// Test to see if the password is correct by calculating the Phase2Hash and comparing it with the Phase2 hash
// in this record. The expensive (phase1) hash which is used to encrypt the EC public key for this account
// (which we use to store the encryptions of incorrect passwords)
if (phase1HashOfProvidedPassword == null)
{
phase1HashOfProvidedPassword =
userAccountController.ComputePhase1Hash(account, passwordProvidedByClient);
}
// Since we can't store the phase1 hash (it can decrypt that EC key) we instead store a simple (SHA256)
// hash of the phase1 hash, which we call the phase 2 hash, and use that to compare the provided password
// with the correct password.
string phase2HashOfProvidedPassword =
userAccountController.ComputePhase2HashFromPhase1Hash(account, phase1HashOfProvidedPassword);
// To determine if the password is correct, compare the phase2 has we just generated (phase2HashOfProvidedPassword)
// with the one generated from the correct password when the user chose their password (account.PasswordHashPhase2).
bool isSubmittedPasswordCorrect = phase2HashOfProvidedPassword == account.PasswordHashPhase2;
// Get the popularity of the password provided by the client among incorrect passwords submitted in the past,
// as we are most concerned about frequently-guessed passwords.
loginAttempt.PasswordsHeightOnBinomialLadder = await passwordsHeightOnBinomialLadderTask;
if (isSubmittedPasswordCorrect)
{
// The password is corerct.
// Determine if any of the outcomes for login attempts from the client IP for this request were the result of typos,
// as this might impact our decision about whether or not to block this client IP in response to its past behaviors.
AdjustBlockingScoreForPastTyposTreatedAsFullFailures(
ip, userAccountController, account, loginAttempt.TimeOfAttemptUtc, passwordProvidedByClient,
phase1HashOfProvidedPassword);
// We'll get the blocking threshold, blocking condition, and block if the condition exceeds the threshold.
double blockingThreshold = _options.BlockThresholdPopularPassword_T_base *
_options.PopularityBasedThresholdMultiplier_T_multiplier(
loginAttempt);
double blockScore = ip.CurrentBlockScore.GetValue(_options.BlockScoreHalfLife,
loginAttempt.TimeOfAttemptUtc);
// If the client provided a cookie proving a past successful login, we'll ignore the block condition
if (loginAttempt.DeviceCookieHadPriorSuccessfulLoginForThisAccount)
{
blockScore *= _options.MultiplierIfClientCookieIndicatesPriorSuccessfulLogin_Kappa;
}
if (blockScore > blockingThreshold)
{
// While this login attempt had valid credentials, the circumstances
// are so suspicious that we should block the login and pretend the
// credentials were invalid
loginAttempt.Outcome = AuthenticationOutcome.CredentialsValidButBlocked;
}
else
{
// This login attempt has valid credentials and no reason to block, so the
// client will be authenticated.
loginAttempt.Outcome = AuthenticationOutcome.CredentialsValid;
userAccountController.RecordHashOfDeviceCookieUsedDuringSuccessfulLoginBackground(
account,
loginAttempt.HashOfCookieProvidedByBrowser);
// Use this login attempt to offset harm caused by prior login failures
if (
ip.CurrentBlockScore.GetValue(_options.AccountCreditLimitHalfLife,
loginAttempt.TimeOfAttemptUtc) > 0)
{
// There is a non-zero blocking score that might be counteracted by a credit
TaskHelper.RunInBackground(Task.Run(async() =>
{
double credit = await userAccountController.TryGetCreditAsync(
account,
_options.RewardForCorrectPasswordPerAccount_Sigma,
loginAttempt.TimeOfAttemptUtc, cancellationToken);
ip.CurrentBlockScore.SubtractInPlace(_options.AccountCreditLimitHalfLife, credit,
loginAttempt.TimeOfAttemptUtc);
}, cancellationToken));
}
}
}
else
{
//
// The password was invalid. Do bookkeeping of information about this failure so that we can
// block the origin IP if it appears to be engaged in guessing and so that we can track
// frequently guessed passwords.
// We'll not only store the (phase 2) hash of the incorrect password, but we'll also store
// the incorrect passwords itself, encrypted with the EcPublicAccountLogKey.
// (The decryption key to get the incorrect password plaintext back is encrypted with the
// correct password, so you can't get to the plaintext of the incorrect password if you
// don't already know the correct password.)
loginAttempt.Phase2HashOfIncorrectPassword = phase2HashOfProvidedPassword;
if (account.GetType().Name == "SimulatedUserAccount")
{
loginAttempt.EncryptedIncorrectPassword.Ciphertext = passwordProvidedByClient;
}
else
{
loginAttempt.EncryptedIncorrectPassword.Write(passwordProvidedByClient,
account.EcPublicAccountLogKey);
}
// Next, if it's possible to declare more about this outcome than simply that the
// user provided the incorrect password, let's do so.
// Since users who are unsure of their passwords may enter the same username/password twice, but attackers
// don't learn anything from doing so, we'll want to account for these repeats differently (and penalize them less).
// We actually have two data structures for catching this: A large sketch of clientsIpHistory/account/password triples and a
// tiny LRU cache of recent failed passwords for this account. We'll check both.
if (await userAccountController.AddIncorrectPhaseTwoHashAsync(account, phase2HashOfProvidedPassword, cancellationToken: cancellationToken))
{
// The same incorrect password was recently used for this account, indicate this so that we
// do not penalize the IP further (as attackers don't gain anything from guessing the wrong password again).
loginAttempt.Outcome = AuthenticationOutcome.CredentialsInvalidRepeatedIncorrectPassword;
}
else
{
// This is the first time we've (at least recently) seen this incorrect password attempted for the account,
loginAttempt.Outcome = AuthenticationOutcome.CredentialsInvalidIncorrectPassword;
// Penalize the IP for the invalid password
double invalidPasswordPenalty = _options.PenaltyForInvalidPassword_Beta *
_options.PopularityBasedPenaltyMultiplier_phi(
loginAttempt);
ip.CurrentBlockScore.AddInPlace(_options.AccountCreditLimitHalfLife,
invalidPasswordPenalty,
loginAttempt.TimeOfAttemptUtc);
// Record the penalty so that it can be reduced if this incorrect password is later discovered to be a typo.
ip.RecentPotentialTypos.Add(new LoginAttemptSummaryForTypoAnalysis()
{
EncryptedIncorrectPassword = loginAttempt.EncryptedIncorrectPassword,
Penalty = new DecayingDouble(invalidPasswordPenalty, loginAttempt.TimeOfAttemptUtc),
UsernameOrAccountId = loginAttempt.UsernameOrAccountId
});
}
}
}
finally
{
// Save changes to the user account record in the background (so that we don't hold up returning the result)
TaskHelper.RunInBackground(userAccountRepository.SaveChangesAsync(cancellationToken));
}
}
else
{
// account == null
// This is an login attempt for an INvalid (NONexistent) account.
//
if (phase1HashOfProvidedPassword == null)
{
phase1HashOfProvidedPassword =
ExpensiveHashFunctionFactory.Get(_options.DefaultExpensiveHashingFunction)(
passwordProvidedByClient,
ManagedSHA256.Hash(Encoding.UTF8.GetBytes(loginAttempt.UsernameOrAccountId)),
_options.ExpensiveHashingFunctionIterations);
}
// Get the popularity of the password provided by the client among incorrect passwords submitted in the past,
// as we are most concerned about frequently-guessed passwords.
loginAttempt.PasswordsHeightOnBinomialLadder = await passwordsHeightOnBinomialLadderTask;
// This appears to be an loginAttempt to login to a non-existent account, and so all we need to do is
// mark it as such. However, since it's possible that users will forget their account names and
// repeatedly loginAttempt to login to a nonexistent account, we'll want to track whether we've seen
// this account/password double before and note in the outcome if it's a repeat so that.
// the IP need not be penalized for issuign a query that isn't getting it any information it
// didn't already have.
if (_recentIncorrectPasswords.AddMember(Convert.ToBase64String(phase1HashOfProvidedPassword)))
{
// Don't penalize the incorrect <invalid account/password> pair if we've seen the same
// pair recently
loginAttempt.Outcome = AuthenticationOutcome.CredentialsInvalidRepeatedNoSuchAccount;
}
else
{
// Penalize the IP for a login attempt with an invalid account
loginAttempt.Outcome = AuthenticationOutcome.CredentialsInvalidNoSuchAccount;
double invalidAccontPenalty = _options.PenaltyForInvalidAccount_Alpha *
_options.PopularityBasedPenaltyMultiplier_phi(loginAttempt);
ip.CurrentBlockScore.AddInPlace(_options.BlockScoreHalfLife, invalidAccontPenalty,
loginAttempt.TimeOfAttemptUtc);
}
}
if (loginAttempt.Outcome == AuthenticationOutcome.CredentialsInvalidNoSuchAccount ||
loginAttempt.Outcome == AuthenticationOutcome.CredentialsInvalidIncorrectPassword)
{
// Record the invalid password into the binomial ladder sketch that tracks freqeunt-incorrect passwords
// Since we don't need to know the result, we'll run it in the background (so that we don't hold up returning the result)
TaskHelper.RunInBackground(_binomialLadderFilter.StepAsync(passwordProvidedByClient, cancellationToken: cancellationToken));
}
return(loginAttempt);
}
public async Task <LoginAttempt> DetermineLoginAttemptOutcomeAsync(
LoginAttempt loginAttempt,
string passwordProvidedByClient,
byte[] phase1HashOfProvidedPassword = null,
TimeSpan?timeout = null,
CancellationToken cancellationToken = default(CancellationToken))
{
Task <IpHistory> ipHistoryGetTask = _ipHistoryCache.GetAsync(loginAttempt.AddressOfClientInitiatingRequest,
cancellationToken);
IRepository <string, TUserAccount> userAccountRepository = _userAccountRepositoryFactory.Create();
Task <TUserAccount> userAccountRequestTask = userAccountRepository.LoadAsync(loginAttempt.UsernameOrAccountId, cancellationToken);
Task <int> passwordsHeightOnBinomialLadderTask =
_binomialLadderFilter.GetHeightAsync(passwordProvidedByClient, cancellationToken: cancellationToken);
IpHistory ip = await ipHistoryGetTask;
TUserAccount account = await userAccountRequestTask;
if (account != null)
{
try
{
IUserAccountController <TUserAccount> userAccountController = _userAccountControllerFactory.Create();
loginAttempt.DeviceCookieHadPriorSuccessfulLoginForThisAccount = await
userAccountController.HasClientWithThisHashedCookieSuccessfullyLoggedInBeforeAsync(
account,
loginAttempt.HashOfCookieProvidedByBrowser,
cancellationToken);
if (phase1HashOfProvidedPassword == null)
{
phase1HashOfProvidedPassword =
userAccountController.ComputePhase1Hash(account, passwordProvidedByClient);
}
string phase2HashOfProvidedPassword =
userAccountController.ComputePhase2HashFromPhase1Hash(account, phase1HashOfProvidedPassword);
bool isSubmittedPasswordCorrect = phase2HashOfProvidedPassword == account.PasswordHashPhase2;
loginAttempt.PasswordsHeightOnBinomialLadder = await passwordsHeightOnBinomialLadderTask;
if (isSubmittedPasswordCorrect)
{
AdjustBlockingScoreForPastTyposTreatedAsFullFailures(
ip, userAccountController, account, loginAttempt.TimeOfAttemptUtc, passwordProvidedByClient,
phase1HashOfProvidedPassword);
double blockingThreshold = _options.BlockThresholdPopularPassword_T_base *
_options.PopularityBasedThresholdMultiplier_T_multiplier(
loginAttempt);
double blockScore = ip.CurrentBlockScore.GetValue(_options.BlockScoreHalfLife,
loginAttempt.TimeOfAttemptUtc);
if (loginAttempt.DeviceCookieHadPriorSuccessfulLoginForThisAccount)
{
blockScore *= _options.MultiplierIfClientCookieIndicatesPriorSuccessfulLogin_Kappa;
}
if (blockScore > blockingThreshold)
{
loginAttempt.Outcome = AuthenticationOutcome.CredentialsValidButBlocked;
}
else
{
loginAttempt.Outcome = AuthenticationOutcome.CredentialsValid;
userAccountController.RecordHashOfDeviceCookieUsedDuringSuccessfulLoginBackground(
account,
loginAttempt.HashOfCookieProvidedByBrowser);
if (
ip.CurrentBlockScore.GetValue(_options.AccountCreditLimitHalfLife,
loginAttempt.TimeOfAttemptUtc) > 0)
{
TaskHelper.RunInBackground(Task.Run(async() =>
{
double credit = await userAccountController.TryGetCreditAsync(
account,
_options.RewardForCorrectPasswordPerAccount_Sigma,
loginAttempt.TimeOfAttemptUtc, cancellationToken);
ip.CurrentBlockScore.SubtractInPlace(_options.AccountCreditLimitHalfLife, credit,
loginAttempt.TimeOfAttemptUtc);
}, cancellationToken));
}
}
}
else
{
loginAttempt.Phase2HashOfIncorrectPassword = phase2HashOfProvidedPassword;
if (account.GetType().Name == "SimulatedUserAccount")
{
loginAttempt.EncryptedIncorrectPassword.Ciphertext = passwordProvidedByClient;
}
else
{
loginAttempt.EncryptedIncorrectPassword.Write(passwordProvidedByClient,
account.EcPublicAccountLogKey);
}
if (await userAccountController.AddIncorrectPhaseTwoHashAsync(account, phase2HashOfProvidedPassword, cancellationToken: cancellationToken))
{
loginAttempt.Outcome = AuthenticationOutcome.CredentialsInvalidRepeatedIncorrectPassword;
}
else
{
loginAttempt.Outcome = AuthenticationOutcome.CredentialsInvalidIncorrectPassword;
double invalidPasswordPenalty = _options.PenaltyForInvalidPassword_Beta *
_options.PopularityBasedPenaltyMultiplier_phi(
loginAttempt);
ip.CurrentBlockScore.AddInPlace(_options.AccountCreditLimitHalfLife,
invalidPasswordPenalty,
loginAttempt.TimeOfAttemptUtc);
ip.RecentPotentialTypos.Add(new LoginAttemptSummaryForTypoAnalysis()
{
EncryptedIncorrectPassword = loginAttempt.EncryptedIncorrectPassword,
Penalty = new DecayingDouble(invalidPasswordPenalty, loginAttempt.TimeOfAttemptUtc),
UsernameOrAccountId = loginAttempt.UsernameOrAccountId
});
}
}
}
finally
{
TaskHelper.RunInBackground(userAccountRepository.SaveChangesAsync(cancellationToken));
}
}
else
{
if (phase1HashOfProvidedPassword == null)
{
phase1HashOfProvidedPassword =
ExpensiveHashFunctionFactory.Get(_options.DefaultExpensiveHashingFunction)(
passwordProvidedByClient,
ManagedSHA256.Hash(Encoding.UTF8.GetBytes(loginAttempt.UsernameOrAccountId)),
_options.ExpensiveHashingFunctionIterations);
}
loginAttempt.PasswordsHeightOnBinomialLadder = await passwordsHeightOnBinomialLadderTask;
if (_recentIncorrectPasswords.AddMember(Convert.ToBase64String(phase1HashOfProvidedPassword)))
{
loginAttempt.Outcome = AuthenticationOutcome.CredentialsInvalidRepeatedNoSuchAccount;
}
else
{
loginAttempt.Outcome = AuthenticationOutcome.CredentialsInvalidNoSuchAccount;
double invalidAccontPenalty = _options.PenaltyForInvalidAccount_Alpha *
_options.PopularityBasedPenaltyMultiplier_phi(loginAttempt);
ip.CurrentBlockScore.AddInPlace(_options.BlockScoreHalfLife, invalidAccontPenalty,
loginAttempt.TimeOfAttemptUtc);
}
}
if (loginAttempt.Outcome == AuthenticationOutcome.CredentialsInvalidNoSuchAccount ||
loginAttempt.Outcome == AuthenticationOutcome.CredentialsInvalidIncorrectPassword)
{
TaskHelper.RunInBackground(_binomialLadderFilter.StepAsync(passwordProvidedByClient, cancellationToken: cancellationToken));
}
return(loginAttempt);
}
/// <summary>
/// Evaluate the accuracy of our stopguessing service by sending user logins and malicious traffic
/// </summary>
/// <returns></returns>
public async Task Run(CancellationToken cancellationToken = default(CancellationToken))
{
_logger.WriteStatus("In RunInBackground");
_logger.WriteStatus("Priming password-tracking with known common passwords");
_simPasswords.PrimeWithKnownPasswordsAsync(_binomialLadderFilter, 40);
_logger.WriteStatus("Finished priming password-tracking with known common passwords");
_logger.WriteStatus("Creating IP Pool");
_ipPool = new IpPool(_experimentalConfiguration);
_logger.WriteStatus("Generating simualted account records");
_simAccounts = new SimulatedAccounts(_ipPool, _simPasswords, _logger);
await _simAccounts.GenerateAsync(_experimentalConfiguration, cancellationToken);
_logger.WriteStatus("Creating login-attempt generator");
_attemptGenerator = new SimulatedLoginAttemptGenerator(_experimentalConfiguration, _simAccounts, _ipPool, _simPasswords);
_logger.WriteStatus("Finiished creating login-attempt generator");
foreach (TextWriter writer in new TextWriter[] { _AttackAttemptsWithValidPasswords, _LegitiamteAttemptsWithValidPasswords, _OtherAttempts })
{
writer.WriteLine("{0},{1},{2},{3},{4},{5},{6},{7},{8},{9}", //,{9}
"Password",
"UserID",
"IP",
"IsFrequentlyGuessedPw",
"IsPasswordCorrect",
"IsFromAttackAttacker",
"IsAGuess",
"IPInOposingPool",
"IsClientAProxyIP",
"TypeOfMistake"
//string.Join(",")
);
}
TimeSpan testTimeSpan = _experimentalConfiguration.TestTimeSpan;
double ticksBetweenLogins = ((double)testTimeSpan.Ticks) / (double)_experimentalConfiguration.TotalLoginAttemptsToIssue;
await TaskParalllel.RepeatWithWorkers(_experimentalConfiguration.TotalLoginAttemptsToIssue, async (count, cancelToken) =>
{
if (count % 10000 == 0)
{
_logger.WriteStatus("Login Attempt {0:N0}", count);
}
DateTime eventTimeUtc = StartTimeUtc.AddTicks((long)(ticksBetweenLogins *count));
SimulatedLoginAttempt simAttempt;
if (StrongRandomNumberGenerator.GetFraction() <
_experimentalConfiguration.FractionOfLoginAttemptsFromAttacker)
{
switch (_experimentalConfiguration.AttackersStrategy)
{
case ExperimentalConfiguration.AttackStrategy.UseUntilLikelyPopular:
simAttempt = _attemptGenerator.MaliciousLoginAttemptBreadthFirstAvoidMakingPopular(eventTimeUtc);
break;
case ExperimentalConfiguration.AttackStrategy.Weighted:
simAttempt = _attemptGenerator.MaliciousLoginAttemptWeighted(eventTimeUtc);
break;
case ExperimentalConfiguration.AttackStrategy.BreadthFirst:
default:
simAttempt = _attemptGenerator.MaliciousLoginAttemptBreadthFirst(eventTimeUtc);
break;
}
}
else
{
simAttempt = _attemptGenerator.BenignLoginAttempt(eventTimeUtc);
}
// Get information about the client's IP
SimIpHistory ipHistory = await _ipHistoryCache.GetAsync(simAttempt.AddressOfClientInitiatingRequest, cancelToken);
double[] scores = ipHistory.GetAllScores(_experimentalConfiguration.BlockingOptions.BlockScoreHalfLife,
simAttempt.TimeOfAttemptUtc);
simAttempt.UpdateSimulatorState(this, ipHistory);
var ipInfo = _ipPool.GetIpAddressDebugInfo(simAttempt.AddressOfClientInitiatingRequest);
string outputString = string.Format("{0},{1},{2},{3},{4},{5},{6},{7},{8},{9},{10}",
simAttempt.Password,
simAttempt.SimAccount?.UsernameOrAccountId ?? "<null>",
simAttempt.AddressOfClientInitiatingRequest,
simAttempt.IsFrequentlyGuessedPassword ? "Frequent" : "Infrequent",
simAttempt.IsPasswordValid ? "Correct" : "Incorrect",
simAttempt.IsFromAttacker ? "FromAttacker" : "FromUser",
simAttempt.IsGuess ? "IsGuess" : "NotGuess",
simAttempt.IsFromAttacker ? (ipInfo.UsedByBenignUsers ? "IsInBenignPool" : "NotUsedByBenign") :
(ipInfo.UsedByAttackers ? "IsInAttackersIpPool" : "NotUsedByAttacker"),
ipInfo.IsPartOfProxy ? "ProxyIP" : "NotAProxy",
string.IsNullOrEmpty(simAttempt.MistakeType) ? "-" : simAttempt.MistakeType,
string.Join(",", scores.Select(s => s.ToString(CultureInfo.InvariantCulture)).ToArray())
);
if (simAttempt.IsFromAttacker && simAttempt.IsPasswordValid)
{
await _AttackAttemptsWithValidPasswords.WriteLineAsync(outputString);
await _AttackAttemptsWithValidPasswords.FlushAsync();
}
else if (!simAttempt.IsFromAttacker && simAttempt.IsPasswordValid)
{
await _LegitiamteAttemptsWithValidPasswords.WriteLineAsync(outputString);
await _LegitiamteAttemptsWithValidPasswords.FlushAsync();
}
else
{
await _OtherAttempts.WriteLineAsync(outputString);
await _OtherAttempts.FlushAsync();
}
},
//(e) => {
//},
cancellationToken : cancellationToken);
_memoryUsageLimiter.Dispose();
}