Section-based security information
First Claim
Patent Images
1. A computer-implementable method for generating session-based security information, comprising:
- monitoring user behavior between an enactor and an entity;
detecting user behavior data associated with the user behavior;
generating a session using the user behavior data, the session relating to an entity discrete interaction of the enactor;
generating a fingerprint, the fingerprint comprising a collection of information providing a distinctive, characteristic indicator of an identify of the enactor;
generating a session-based fingerprint using the fingerprint, the session-based fingerprint comprising a unique identifier of the enactor associated with the session;
associating the session, the session-based security information and the session-based fingerprint with a user profile;
using the session-based security information to detect anomalous, abnormal, unexpected or malicious behavior; and
,mitigating a risk associated with the anomalous, abnormal, unexpected or malicious behavior, the mitigating being performed via an endpoint agent executing on a hardware processor of an information handling system.
6 Assignments
0 Petitions
Accused Products
Abstract
A method, system and computer-usable medium for generating session-based security information. Generating the session-based security information includes the steps of monitoring user behavior between an enactor and an entity; detecting user behavior data associated with the user behavior; generating a session using the user behavior data, the session relating to an entity discrete interaction of the enactor; and, associating the session and the session-based security information with the user profile.
-
Citations
17 Claims
-
1. A computer-implementable method for generating session-based security information, comprising:
-
monitoring user behavior between an enactor and an entity; detecting user behavior data associated with the user behavior; generating a session using the user behavior data, the session relating to an entity discrete interaction of the enactor; generating a fingerprint, the fingerprint comprising a collection of information providing a distinctive, characteristic indicator of an identify of the enactor; generating a session-based fingerprint using the fingerprint, the session-based fingerprint comprising a unique identifier of the enactor associated with the session; associating the session, the session-based security information and the session-based fingerprint with a user profile; using the session-based security information to detect anomalous, abnormal, unexpected or malicious behavior; and
,mitigating a risk associated with the anomalous, abnormal, unexpected or malicious behavior, the mitigating being performed via an endpoint agent executing on a hardware processor of an information handling system. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A system comprising:
-
a processor; a data bus coupled to the processor; and a non-transitory, computer-readable storage medium embodying computer program code, the non-transitory, computer-readable storage medium being coupled to the data bus, the computer program code interacting with a plurality of computer operations and comprising instructions executable by the processor and configured for; monitoring user behavior between an enactor and an entity; detecting user behavior data associated with the user behavior; generating a session using the user behavior data, the session relating to an entity discrete interaction of the enactor; generating a fingerprint, the fingerprint comprising a collection of information providing a distinctive, characteristic indicator of an identify of the enactor; generating a session-based fingerprint using the fingerprint, the session-based fingerprint comprising a unique identifier of the enactor associated with the session; associating the session, the session-based security information and the session-based fingerprint with a user profile; using the session-based security information to detect anomalous, abnormal, unexpected or malicious behavior; and
,mitigating a risk associated with the anomalous, abnormal, unexpected or malicious behavior, the mitigating being performed via an endpoint agent executing on a hardware processor of an information handling system. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A non-transitory, computer-readable storage medium embodying computer program code, the computer program code comprising computer executable instructions configured for:
-
monitoring user behavior between an enactor and an entity; detecting user behavior data associated with the user behavior; generating a session using the user behavior data, the session relating to an entity discrete interaction of the enactor; generating a fingerprint, the fingerprint comprising a collection of information providing a distinctive, characteristic indicator of an identify of the enactor; generating a session-based fingerprint using the fingerprint, the session-based fingerprint comprising a unique identifier of the enactor associated with the session; associating the session, the session-based security information and the session-based fingerprint with a user profile; using the session-based security information to detect anomalous, abnormal, unexpected or malicious behavior; and
,mitigating a risk associated with the anomalous, abnormal, unexpected or malicious behavior, the mitigating being performed via an endpoint agent executing on a hardware processor of an information handling system. - View Dependent Claims (12, 13, 14, 15, 16, 17)
-
Specification