Systems and Methods for Detecting Fraud Associated with Systems Application Processing

US 20120185936A1
Filed: 01/19/2011
Published: 07/19/2012
Est. Priority Date: 01/19/2011
Status: Abandoned Application

First Claim

Patent Images

1. A method for detecting fraud associated with systems application processing, comprising:

executing a software-based operation causing execution of a plurality of application services, each associated with a respective one of one or more system applications, wherein the execution of the plurality of application services defines an execution path for the software-based operation;

generating an audit log for each of at least a subset of the plurality of application services in association with the execution of the respective application service to at least partially represent the execution path for the software-based operation; and

prior to execution of at least one of the plurality of application services, analyzing each of the audit logs previously generated while executing the software-based operation to determine whether the execution path for the software-based operation satisfies at least one predefined expected execution path.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for detecting fraud associated with systems application processing are provided. An example method may include: for each of at least a subset of multiple application services, receiving an audit log message indicating a respective point in an execution path associated with execution of the application services; and prior to executing an application service endpoint of the application services, analyzing the received audit log messages to determine whether the execution path satisfies at least one predefined expected execution path.

24 Citations

View as Search Results

20 Claims

1. A method for detecting fraud associated with systems application processing, comprising:
- executing a software-based operation causing execution of a plurality of application services, each associated with a respective one of one or more system applications, wherein the execution of the plurality of application services defines an execution path for the software-based operation;
  
  generating an audit log for each of at least a subset of the plurality of application services in association with the execution of the respective application service to at least partially represent the execution path for the software-based operation; and
  
  prior to execution of at least one of the plurality of application services, analyzing each of the audit logs previously generated while executing the software-based operation to determine whether the execution path for the software-based operation satisfies at least one predefined expected execution path.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method of claim 1, wherein the one or more system applications comprise a plurality of system applications, and wherein at least a first subset of the plurality of application services is associated with a first system application and at least a second subset of the plurality of application services is associated with a second system application.
  - 3. The method of claim 1, wherein an audit log is generated for each of the plurality of application services.
  - 4. The method of claim 1, wherein an audit log is generated for a subset of the plurality of application services.
  - 5. The method of claim 1, further comprising transmitting each audit log over a network to a message assurance server for analyzing.
  - 6. The method of claim 1, wherein analyzing each of the audit logs previously generated is performed prior to execution of an application service endpoint for one of the one or more system applications.
  - 7. The method of claim 6, wherein analyzing each of the audit logs previously generated is additionally performed for at least one additional application service of the plurality of application services.
  - 8. The method of claim 1, wherein, prior to execution of one of the plurality of application services, analyzing each of the audit logs previously generated further comprises determining that the execution path for the software-based operation does not satisfy at least one predefined expected execution path.
  - 9. The method of claim 8, further comprising stopping execution of the one of the plurality of application services in response to determining that the execution path for the software-based operation does not satisfy the at least one predefined expected execution path.
  - 10. The method of claim 8, further comprising generating a potential fraud alert message in response to determining that the execution path for the software-based operation does not satisfy the at least one predefined expected execution path.
  - 11. The method of claim 1, wherein, prior to execution of one of the plurality of application services, analyzing each of the audit logs previously generated further comprises determining that the execution path for the software-based operation satisfies at least one predefined expected execution path, and further comprising executing the one of the plurality of application services.
  - 12. The method of claim 1, wherein analyzing each of the audit logs previously generated comprises comparing at least one time interval defined by an approximate duration between execution of at least two of the plurality of application services to a predetermined time interval threshold.
  - 13. The method of claim 12, wherein comparing the at least one time interval to the predetermined time interval threshold further comprises determining that the predetermined time interval is not satisfied.
  - 14. The method of claim 13, further comprising stopping execution of the at least one of the plurality of application services in response to determining that the predetermined time interval is not satisfied.
  - 15. The method of claim 1, wherein each audit log comprises information associated with at least one of:
    - (a) a system application;
      
      (b) an application service;
      
      (c) a class involved;
      
      (d) a method involved;
      
      (e) a date;
      
      (f) a time;
      
      or (g) a user.

16. A system for detecting fraud associated with systems application processing, comprising:
- a message assurance server comprising at least one processor and in communication over a network with at least one system application comprising a plurality of application services for performing at least one software-based operation, wherein the message assurance server is operable to;
  
  for each of at least a subset of the plurality of application services, receive an audit log message indicating a respective point in an execution path associated with execution of the plurality of application services; and
  
  analyze each of the received audit logs prior to executing at least one of the plurality of application services to determine whether the execution path for the software-based operation satisfies at least one predefined expected execution path.
- View Dependent Claims (17, 18, 19)
- - 17. The system of claim 16, wherein the plurality of application services are associated with a plurality of system applications, and wherein at least a first subset of the plurality of application services is associated with a first system application and at least a second subset of the plurality of application services is associated with a second system application.
  - 18. The system of claim 16, wherein, prior to execution of one of the plurality of application services, when analyzing each of the audit logs previously generated the message assurance server is operable to:
    - determine that the execution path for the software-based operation does not satisfy at least one predefined expected execution path; and
      
      stop execution of the one of the plurality of application services in response to determining that the execution path for the software-based operation does not satisfy the at least one predefined expected execution path.
  - 19. The system of claim 16, wherein, when analyzing each of the audit logs previously generated the message assurance server is operable to:
    - compare at least one time interval defined by an approximate duration between execution of at least two of the plurality of application services to a predetermined time interval threshold.

20. A method for detecting fraud associated with systems application processing, comprising:
- for each of at least a subset of a plurality of application services, receiving an audit log message indicating a respective point in an execution path associated with execution of the plurality of application services; and
  
  prior to executing an application service endpoint of the plurality of application services, analyzing the received audit log messages to determine whether the execution path satisfies at least one predefined expected execution path.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
General Electric Company
Original Assignee
General Electric Company
Inventors
Lakshminarayanan, Sitaraman Suthamali

Application Number

US13/009,656
Publication Number

US 20120185936A1
Time in Patent Office

Days
Field of Search
US Class Current

726/22
CPC Class Codes

G06F 21/52   during program execution, e...

G06F 21/554   involving event detection a...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2151   Time stamp

Systems and Methods for Detecting Fraud Associated with Systems Application Processing

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

24 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and Methods for Detecting Fraud Associated with Systems Application Processing

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

24 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links