METHOD AND SYSTEM FOR AUTOMATIC DETECTION OF EAVESDROPPING OF AN ACCOUNT BASED ON IDENTIFIERS AND CONDITIONS
First Claim
1. A method comprising:
- determining, by a server computer for a client device, a first identifier associated with the client device;
analyzing, by the server computer, an activity log associated with an account of a user to determine if an eavesdropping condition has been met during a given duration, the analysis comprising;
determining that an eavesdropping activity has occurred during the given duration and determining that no normal activity has occurred during the given duration for the first identifier;
determining a second identifier associated with a second device used to access the user account; and
determining that a normal activity associated with the second identifier has occurred during the given duration; and
communicating, by the server computer, a result of the analysis.
9 Assignments
0 Petitions
Accused Products
Abstract
A system and method for detecting whether a user account has been compromised. A server computer determines, for a client device, a first identifier associated with the client device. The server computer analyzes an activity log associated with an account of a user to determine if an eavesdropping condition has been met during a given duration. The analysis includes: 1) determining that an eavesdropping activity has occurred during the given duration and determining that no normal activity has occurred during the given duration for the first identifier; 2) determining a second identifier associated with a second device used to access the user account; and 3) determining that a normal activity associated with the second identifier has occurred during the given duration.
-
Citations
20 Claims
-
1. A method comprising:
-
determining, by a server computer for a client device, a first identifier associated with the client device; analyzing, by the server computer, an activity log associated with an account of a user to determine if an eavesdropping condition has been met during a given duration, the analysis comprising; determining that an eavesdropping activity has occurred during the given duration and determining that no normal activity has occurred during the given duration for the first identifier; determining a second identifier associated with a second device used to access the user account; and determining that a normal activity associated with the second identifier has occurred during the given duration; and communicating, by the server computer, a result of the analysis. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 12, 13, 14, 15)
-
-
11. (canceled)
-
16. A computing device comprising:
-
a microprocessor of the computing device; a storage medium for tangibly storing thereon program logic for execution by the microprocessor, the program logic comprising; determining logic executed by the microprocessor for determining, for a client device, a first identifier associated with the client device; analyzing logic executed by the microprocessor for analyzing an activity log associated with an account of a user to determine if an eavesdropping condition has been met during a given duration, the analysis comprising; determining that an eavesdropping activity has occurred during the given duration and determining that no normal activity has occurred during the given duration for the first identifier; determining a second identifier associated with a second device used to access the user account; and determining that a normal activity associated with the second identifier has occurred during the given duration; and communicating logic executed by the microprocessor for communicating a result of the analysis. - View Dependent Claims (17, 18, 19)
-
-
20. A non-transitory computer readable storage medium tangibly storing computer program instructions capable of being executed by a computer processor, the computer program instructions defining the steps of:
-
determining, by the computer processor for a client device, a first identifier associated with the client device; analyzing, by the computer processor, an activity log associated with an account of a user to determine if an eavesdropping condition has been met during a given duration, the analysis comprising; determining that an eavesdropping activity has occurred during the given duration and determining that no normal activity has occurred during the given duration for the first identifier; determining a second identifier associated with a second device used to access the user account; and determining that a normal activity associated with the second identifier has occurred during the given duration; and communicating, by the computer processor, a result of the analysis.
-
Specification