Dynamically adaptive policy management for securing mobile financial transactions
Abstract
A system for securing a mobile financial transaction using an adaptive security policy is provided by presenting, via an external terminal, an input request associated with a vertex of the security policy. User input is received via the external terminal in response to the input request. A rule associated with the vertex is retrieved from a database. An edge is selected from a plurality of edges associated with the vertex according to the retrieved rule. A communication session of the external terminal is routed to a subsequent vertex via the selected edge.
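A minimal model of the policy graph from the abstract and the prediction, pseudorandom edge selection and decoy-payoff steps of claim 1, added here as an illustration and not taken from the patent. The regex patterns, probabilities, threshold, default probability, vertex and edge names, the highest-draw selection rule and the 0.1 factor are all assumptions.

```python
import re
import secrets

# Constructed sample data; every name and value below is an assumption.
# Stored pattern -> probability that the user is noncooperative.
PATTERNS = [
    (re.compile(r"\A\d{4}\Z"), 0.05),               # well-formed 4-digit PIN
    (re.compile(r"('|--|;|<script)", re.I), 0.95),  # injection-style input
]
DEFAULT_P = 0.50   # assumed fallback when no stored pattern matches
THRESHOLD = 0.80   # predetermined threshold

# Security policy as a graph: vertex -> {edge name: subsequent vertex}
EDGES = {
    "pin_prompt": {"accept": "account_menu", "divert": "deception_hub"},
    "deception_hub": {"false_balance": "decoy_payoff",
                      "false_history": "decoy_payoff"},
    "account_menu": {},
    "decoy_payoff": {},
}
# Rule stored per vertex: prediction result -> edge to take
RULES = {"pin_prompt": {"cooperative": "accept", "noncooperative": "divert"}}

def predict(user_input):
    """Match input to a pattern, look up its probability, compare to threshold."""
    p = next((prob for rx, prob in PATTERNS if rx.search(user_input)), DEFAULT_P)
    return "noncooperative" if p >= THRESHOLD else "cooperative"

def route(vertex, user_input, rng=None):
    """Return the vertices a session traverses, starting at `vertex`."""
    rng = rng or secrets.SystemRandom()  # OS-backed draws, hard to predict
    nxt = EDGES[vertex][RULES[vertex][predict(user_input)]]
    path = [vertex, nxt]
    if EDGES[nxt]:
        # One pseudorandom number per available edge of the subsequent
        # vertex; the edge with the highest draw is taken (assumed mapping).
        draws = {edge: rng.random() for edge in EDGES[nxt]}
        path.append(EDGES[nxt][max(draws, key=draws.get)])
    return path

def decoy_payoff(probable_payoff, factor=0.1):
    """Decoy amount = probable payoff x predetermined factor (assumed 0.1)."""
    return round(probable_payoff * factor, 2)
```

Passing a seeded `random.Random` as `rng` makes the edge draw reproducible for testing.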
18 Claims
1. A method comprising:
- storing, in a database, a plurality of patterns and a plurality of numerical probabilities that a user is either a cooperative user or a noncooperative user, the plurality of patterns corresponding to the plurality of numerical probabilities, respectively;
- presenting, via an external terminal, an input request associated with a vertex of a security policy;
- receiving, via the external terminal, user input in response to the input request;
- predicting whether the user of the external terminal is the cooperative user or the noncooperative user by:
  - matching the user input to one of the plurality of patterns;
  - identifying one of the plurality of numerical probabilities that corresponds to the one of the plurality of patterns obtained by the matching;
  - comparing the one of the plurality of numerical probabilities obtained by the identifying to a predetermined threshold; and
  - designating the user as either the cooperative user or the noncooperative user based on a result of the comparing;
- retrieving, from the database, a rule associated with the vertex;
- selecting an edge from a plurality of edges associated with the vertex based on the retrieved rule and a result of the predicting;
- routing a communication session of the external terminal to a subsequent vertex via the selected edge;
- generating, by a pseudorandom number generator, a pseudorandom number for each available edge of the subsequent vertex;
- selecting, based on the pseudorandom number, a first edge of the subsequent vertex;
- transmitting, by a security services module and in response to the selecting the first edge, false data to the external terminal;
- receiving, by the security services module and from the external terminal, a user response to the false data including a confirmation of the false data;
- compiling, by the security services module, the user response to the false data;
- gathering, by the security services module, information on a current hacking technique being utilized from the external terminal;
- recording, by the security services module, an IP address of the external terminal;
- transmitting, by the security services module, the IP address of the external terminal to a third party;
- computing, by the security services module, a probable payoff amount comprising an estimated payoff amount that the external terminal will obtain using the current hacking technique;
- computing, by the security services module, a decoy payoff amount by multiplying the probable payoff amount by a predetermined factor;
- routing, by the security services module, the communication session to a decoy payoff vertex; and
- transferring, by the security services module, the decoy payoff amount to the user.

Dependent claims: 2, 3, 4, 5, 6
7. A system comprising:
a security services module, including a processor coupled to a memory, operable to:
- store, in a database, a plurality of patterns and a plurality of numerical probabilities that a user is either a cooperative user or a noncooperative user, the plurality of patterns corresponding to the plurality of numerical probabilities, respectively;
- present, via an external terminal, an input request associated with a vertex of a security policy;
- receive, via the external terminal, user input in response to the input request;
- predict whether the user of the external terminal is the cooperative user or the noncooperative user by:
  - matching the user input to one of the plurality of patterns;
  - identifying one of the plurality of numerical probabilities that corresponds to the one of the plurality of patterns obtained by the matching;
  - comparing the one of the plurality of numerical probabilities obtained by the identifying to a predetermined threshold; and
  - designating the user as either the cooperative user or the noncooperative user based on a result of the comparing;
- retrieve, from the database, a rule associated with the vertex;
- select an edge from a plurality of edges associated with the vertex based on the retrieved rule and a result of the predicting;
- route a communication session of the external terminal to a subsequent vertex via the selected edge;
- generate, by a pseudorandom number generator, a pseudorandom number for each available edge of the subsequent vertex;
- select, based on the pseudorandom number, a first edge of the subsequent vertex;
- transmit, by the security services module and in response to the selecting the first edge, false data to the external terminal;
- receive, by the security services module and from the external terminal, a user response to the false data including a confirmation of the false data;
- compile, by the security services module, the user response to the false data;
- gather, by the security services module, information on a current hacking technique being utilized from the external terminal;
- record, by the security services module, an IP address of the external terminal;
- transmit, by the security services module, the IP address of the external terminal to a third party;
- compute, by the security services module, a probable payoff amount comprising an estimated payoff amount that the external terminal will obtain using the current hacking technique;
- compute, by the security services module, a decoy payoff amount by multiplying the probable payoff amount by a predetermined factor;
- route, by the security services module, the communication session to a decoy payoff vertex; and
- transfer, by the security services module, the decoy payoff amount to the user.

Dependent claims: 8, 9, 10, 11, 12
13. A non-transitory computer-readable medium having stored thereon sequences of instructions, the sequences of instructions including instructions, which, when executed by a computer system, cause the computer system to perform:
- storing, in a database, a plurality of patterns and a plurality of numerical probabilities that a user is either a cooperative user or a noncooperative user, the plurality of patterns corresponding to the plurality of numerical probabilities, respectively;
- presenting, via an external terminal, an input request associated with a vertex of a security policy;
- receiving, via the external terminal, user input in response to the input request;
- predicting whether the user of the external terminal is the cooperative user or the noncooperative user by:
  - matching the user input to one of the plurality of patterns;
  - identifying one of the plurality of numerical probabilities that corresponds to the one of the plurality of patterns obtained by the matching;
  - comparing the one of the plurality of numerical probabilities obtained by the identifying to a predetermined threshold; and
  - designating the user as either the cooperative user or the noncooperative user based on a result of the comparing;
- retrieving, from the database, a rule associated with the vertex;
- selecting an edge from a plurality of edges associated with the vertex based on the retrieved rule and a result of the predicting;
- routing a communication session of the external terminal to a subsequent vertex via the selected edge;
- generating, by a pseudorandom number generator, a pseudorandom number for each available edge of the subsequent vertex;
- selecting, based on the pseudorandom number, a first edge of the subsequent vertex;
- transmitting, by a security services module and in response to the selecting the first edge, false data to the external terminal;
- receiving, by the security services module and from the external terminal, a user response to the false data including a confirmation of the false data;
- compiling, by the security services module, the user response to the false data;
- gathering, by the security services module, information on a current hacking technique being utilized from the external terminal;
- recording, by the security services module, an IP address of the external terminal;
- transmitting, by the security services module, the IP address of the external terminal to a third party;
- computing, by the security services module, a probable payoff amount comprising an estimated payoff amount that the external terminal will obtain using the current hacking technique;
- computing, by the security services module, a decoy payoff amount by multiplying the probable payoff amount by a predetermined factor;
- routing, by the security services module, the communication session to a decoy payoff vertex; and
- transferring, by the security services module, the decoy payoff amount to the user.

Dependent claims: 14, 15, 16, 17, 18
Specification