Network security is increasingly important as more sensitive data is exchanged online. While nefarious activity can be identified based on an Internet Protocol (IP) address associated with a client device from which the activity originated, IP addresses do not provide sufficient granularity for effective network security management. More specifically, bad actors can use a variety of techniques that render IP address filtering ineffective, including frequent changing of IP addresses, IP address spoofing, and operating behind hidden proxies, for example. Accordingly, current methods for identifying bad actors originating nefarious network activity are not robust and are insufficient to protect server devices and associated web applications and other resources.