Systems, methods, and computer-readable media for data security
First Claim
1. A method performed at a data security computing system that includes one or more processor devices, one or more communication devices, and one or more memories, the method comprising:
- monitoring, by the data security computing system, one or more requests or activities of a computing device;
comparing, by the data security computing system, the monitored one or more requests or activities with a database of predetermined characteristics to determine whether the monitored one or more requests or activities indicates that the computing device (i) accessed or attempted to access sequentially more than a number of data files or objects in less than a predetermined period of time, and (ii) downloaded more than X data files or objects;
determining, by the data security computing system, that the monitored one or more requests or activities is suspicious when the comparing determines that the monitored one or more requests or activities indicate that the computing device (i) accessed or attempted to access sequentially more than the number of data files or objects in less than a predetermined period of time, and (ii) downloaded more than X data files or objects; and
initiating, by the data security computing system, a response to hinder the monitored one or more requests or activities when the monitored one or more requests or activities is determined to be suspicious.
5 Assignments
0 Petitions
Accused Products
Abstract
In a server system providing data security, a processor monitors requests or activities of a computing device and compares the monitored requests or activities with a database of predetermined characteristics to determine whether the monitored requests or activities indicates that the computing device (i) accessed or attempted to access sequentially more than a predetermined number of data files or objects in less than a predetermined period of time, and (ii) downloaded a predetermined number of data files or objects. The monitored requests or activities is determined suspicious when the comparing determines that (i) and (ii) are true, which causes a response to hinder the monitored requests or activities.
38 Citations
21 Claims
-
1. A method performed at a data security computing system that includes one or more processor devices, one or more communication devices, and one or more memories, the method comprising:
-
monitoring, by the data security computing system, one or more requests or activities of a computing device; comparing, by the data security computing system, the monitored one or more requests or activities with a database of predetermined characteristics to determine whether the monitored one or more requests or activities indicates that the computing device (i) accessed or attempted to access sequentially more than a number of data files or objects in less than a predetermined period of time, and (ii) downloaded more than X data files or objects; determining, by the data security computing system, that the monitored one or more requests or activities is suspicious when the comparing determines that the monitored one or more requests or activities indicate that the computing device (i) accessed or attempted to access sequentially more than the number of data files or objects in less than a predetermined period of time, and (ii) downloaded more than X data files or objects; and initiating, by the data security computing system, a response to hinder the monitored one or more requests or activities when the monitored one or more requests or activities is determined to be suspicious. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A server system configured to provide data security, comprising:
-
one or more processor devices, one or more communication interfaces; one or more memory devices including computer-executable instructions, which when executed by the one or more processor devices, cause the one or more processor devices to; monitor one or more requests or activities of a computing device; compare the monitored one or more requests or activities with a database of predetermined characteristics to determine whether the monitored one or more requests or activities indicates that the computing device (i) accessed or attempted to access sequentially more than a number of data files or objects in less than a predetermined period of time, and (ii) downloaded more than X data files or objects; determine that the monitored one or more requests or activities is suspicious when the comparing determines that the monitored one or more requests or activities indicate that the computing device (i) accessed or attempted to access sequentially more than the number of data files or objects in less than a predetermined period of time, and (ii) downloaded more than X data files or objects; and initiate a response to hinder the monitored one or more requests or activities when the monitored one or more requests or activities is determined to be suspicious. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
-
21. A non-transitory, computer-readable medium having instructions stored thereon which, when executed at a data security computing system that includes one or more processor devices, one or more communication devices, and one or more memories, cause the data security computing system to perform operations that include:
-
receiving, at the data security computing system, a request for data from a computing device; determining, at the data security computing system, characteristics associated with the request for data; determining, at the data security computing system, whether the request for the data is suspicious, wherein the determining whether the request for the data is suspicious includes comparing the determined characteristics with a database of predetermined characteristics to determine whether the determined characteristics indicate that the computing device (i) accessed or attempted to access sequentially more than a number of data files or objects in less than a predetermined period of time, and (ii) downloaded more than X data files or objects; and initiating, at the data security computing system, a response to hinder the request for the data when the request is determined to be suspicious.
-
Specification