USER ACCOUNT BEHAVIOR TECHNIQUES
First Claim
Patent Images
1. A method implemented by one or more modules at least partially in hardware, the method comprising:
- determining whether interaction with a service provider via a user account deviates from a model, the model based on behavior that was previously observed as corresponding to the user account; and
responsive to the determining that the interaction deviates from the model, flagging the user account as potentially compromised by a malicious party.
2 Assignments
0 Petitions
Accused Products
Abstract
User account behavior techniques are described. In implementations, a determination is made as to whether interaction with a service provider via a user account deviates from a model. The model is based on behavior that was previously observed as corresponding to the user account. Responsive to a determination that the interaction deviates from the model, the user account is flagged as being potentially compromised by a malicious party.
172 Citations
20 Claims
-
1. A method implemented by one or more modules at least partially in hardware, the method comprising:
-
determining whether interaction with a service provider via a user account deviates from a model, the model based on behavior that was previously observed as corresponding to the user account; and responsive to the determining that the interaction deviates from the model, flagging the user account as potentially compromised by a malicious party. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. A method implemented by one or more modules at least partially in hardware, the method comprising:
-
generating a model that describes behaviors exhibited through interaction via a user account of a service provider, the interaction performed over a network, wherein the behaviors are chosen from a plurality of behaviors that are consistent for the user but are not consistent for other users of the service provider; and responsive to a determination that subsequent interaction performed via the user account deviates from the generated model, flagging the user account as potentially compromised by a malicious party. - View Dependent Claims (16, 17)
-
-
18. A method implemented by one or more modules at least partially in hardware, the method comprising:
-
examining data that describes interaction with a service provider via a user account; detecting two or more distinct behavioral models through the examination that indicate different personalities, respectively, in relation to the interaction with the service provider; and responsive to the detecting, flagging the user account as being potentially compromised by a malicious party. - View Dependent Claims (19, 20)
-
Specification