Replay attacks are attacks from a malicious party who has stolen credentials from one website, and attempts to re-use those credentials on another website, figuring some of the people will use the same credentials from one website to the next.
Replay attacks are particularly difficult to identify because they can be distributed to come from a large number of otherwise legitimate computer systems that have been conscripted, part time, for the attacker's nefarious purposes, and because, in some cases, the credentials used in the attack are valid credentials for the web site under attack.
Current approaches to detect replay attacks are insufficient. What is needed is a better system and method for detecting and handling replay attacks.