METHOD, DEVICE, AND SYSTEM OF DIFFERENTIATING BETWEEN A LEGITIMATE USER AND A CYBER-ATTACKER
First Claim
1. A method comprising:
determining whether a user, who utilizes a computing device to interact with a computerized service, is (A) an authorized user, or (B) an attacker posing as the authorized user and gaining unauthorized access to the computerized service;
wherein the determining comprises:
tracking user interactions with the computerized service via an input unit of the computing device;
analyzing the user interactions with the computerized service;
based on analysis of the user interactions with the computerized service, deducing at least one of:
(i) changes in data-entry rate of said user, and (ii) level of familiarity of said user with said computerized service;
based on said deducing, determining whether said user is (A) an authorized user, or (B) an attacker posing as the authorized user and gaining unauthorized access to the computerized service.
Abstract
Devices, systems, and methods of detecting user identity, differentiating between users of a computerized service, and detecting a cyber-attacker. An end-user device (a desktop computer, a laptop computer, a smartphone, a tablet, or the like) interacts and communicates with a server of a computerized service (a banking website, an electronic commerce website, or the like). The interactions are monitored, tracked and logged. User Interface (UI) interferences are intentionally introduced to the communication session; and the server tracks the response or the reaction of the end-user to such communication interferences. The system determines whether the user is a legitimate human user, or a cyber-attacker posing as the legitimate human user.
24 Claims
Specification