CONTINUOUS IDENTITY AUTHENTICATION METHOD FOR COMPUTER USERS

US 20150143494A1
Filed: 05/28/2014
Published: 05/21/2015
Est. Priority Date: 10/18/2013
Status: Abandoned Application

First Claim

Patent Images

1. A continuous identity authentication method for computer users, used for verifying the identity of a user of a computer system, comprising the following steps of:

continuously recording the usage behavior of the computer system and generating a user'"'"'s behavioral data with a background program after the user is logged into the computer system;

storing the user'"'"'s behavioral data in a user behavior database;

converting the user'"'"'s behavioral data of a preset learning time into a group of articles with a first conversion program;

creating a user'"'"'s behavioral model from the group of articles with a second conversion program;

comparing the user'"'"'s behavioral data recorded by the background program with the user'"'"'s behavioral model at a preset time interval after the user'"'"'s behavioral model is created;

if the similarity between the user'"'"'s behavioral data and the user'"'"'s behavioral model is below a preset threshold, the situation is determined to be an abnormal event; and

temporarily locking the computer system and executing a revalidation process when an abnormal event occurs.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention provides a continuous identity authentication method. This method transforms the behavior records of different time intervals of the system user into a text format, and uses a resampling technique to generate a large number of articles of different lengths in order to have behavior records of the system user in different lengths of time, then using a document classification technique to build a matrix. In the end, building behavioral models of different time periods of the system'"'"'s user using Minimum Enclosing Ball technology. The behavioral models can then learn the behavior of the legitimate system user and continuously check whether the system is currently operated by the legitimate system user or not.

Citations

10 Claims

1. A continuous identity authentication method for computer users, used for verifying the identity of a user of a computer system, comprising the following steps of:
- continuously recording the usage behavior of the computer system and generating a user'"'"'s behavioral data with a background program after the user is logged into the computer system;
  
  storing the user'"'"'s behavioral data in a user behavior database;
  
  converting the user'"'"'s behavioral data of a preset learning time into a group of articles with a first conversion program;
  
  creating a user'"'"'s behavioral model from the group of articles with a second conversion program;
  
  comparing the user'"'"'s behavioral data recorded by the background program with the user'"'"'s behavioral model at a preset time interval after the user'"'"'s behavioral model is created;
  
  if the similarity between the user'"'"'s behavioral data and the user'"'"'s behavioral model is below a preset threshold, the situation is determined to be an abnormal event; and
  
  temporarily locking the computer system and executing a revalidation process when an abnormal event occurs.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The continuous identity authentication method for computer users of claim 1, wherein the first conversion program is constantly reading the user'"'"'s behavioral data from the user behavior database at a preset time interval, interpreting each user'"'"'s behavioral data as words for generating a segment of words, then randomly disassembling and repeatedly combining the segment of words so as to form articles with different lengths for further generating the group of articles.
  - 3. The continuous identity authentication method for computer users of claim 1, wherein the second conversion program is constantly converting the group of articles into vectors for generating a first matrix, then reducing the order of the first matrix by a reduce order method for generating a second matrix, finally creating the user'"'"'s behavioral model from the second matrix using a minimum enclosing ball method.
  - 4. The continuous identity authentication method for computer users of claim 1, wherein the user'"'"'s behavioral model is of matrix format, when comparing the user'"'"'s behavioral data with the user'"'"'s behavioral model, the user'"'"'s behavioral data recorded by the background program can also be converted into the matrix format by the first conversion program and the second conversion program, and the converted user'"'"'s behavioral data is then compared with the user'"'"'s behavioral model.
  - 5. The continuous identity authentication method for computer users of claim 1, wherein the user'"'"'s behavioral data comprises hardware resource usage information and software usage behavior information.
  - 6. The continuous identity authentication method for computer users of claim 5, wherein the hardware resource usage information comprises a processor utilization rate, a memory utilization rate, an access volume of the hard disk and an access volume of the network.
  - 7. The continuous identity authentication method for computer users of claim 5, wherein the software usage behavior information comprises a list of used application programs by the user and a system resource usage thereof
  - 8. The continuous identity authentication method for computer users of claim 1, wherein the revalidation process comprises sending an email with an unlock link to a user'"'"'s mailbox for the user to unlock the computer system.
  - 9. The continuous identity authentication method for computer users of claim 1, wherein the revalidation process comprises sending a notification to a user'"'"'s smartphone so that the user can use a mobile unlock application to unlock the computer system.
  - 10. The continuous identity authentication method for computer users of claim 1, wherein if the user uses the revalidation process to unlock the computer system, it means that a misjudgment was generated from the user'"'"'s behavioral model, the background program will then record the misjudgment in the user behavior database so as to update the user'"'"'s behavioral model.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
National Taiwan University of Science and Technology
Original Assignee
National Taiwan University of Science and Technology
Inventors
Lee, Yuh-Jye, Yeh, Chi-Tien, Chiu, Chien-Yi

Application Number

US14/289,343
Publication Number

US 20150143494A1
Time in Patent Office

Days
Field of Search
US Class Current

726/7
CPC Class Codes

G06F 21/316   by observing the pattern of...

G06F 21/45   Structures or tools for the...

H04L 63/08   for authentication of entit...

H04L 63/1425   Traffic logging, e.g. anoma...

CONTINUOUS IDENTITY AUTHENTICATION METHOD FOR COMPUTER USERS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

10 Claims

Specification

Solutions

Use Cases

Quick Links

CONTINUOUS IDENTITY AUTHENTICATION METHOD FOR COMPUTER USERS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

10 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links