Identifying Related User Accounts Based on Authentication Data
First Claim
1. A method comprising:
- detecting, by a computing device, a malicious activity associated with a first user account; and
determining, by the computing device, that at least one second user account is related to the first user account based on authentication data associated with the first user account.
3 Assignments
0 Petitions
Accused Products
Abstract
In some embodiments, upon detecting malicious activity associated with a user account, a content management system can identify other user accounts related to the malicious user account. The content management system can identify related user accounts by comparing authentication information collected for the malicious user account with authentication information collected for other user accounts. Authentication information can include IP address information, geographic information, device type, browser type, email addresses, and/or referral information, for example. The content management system can compare the content items associated with the malicious user account to content items associated with other user accounts to determine relatedness or maliciousness. After identifying related malicious user accounts, the content management system can block all related malicious user accounts.
-
Citations
20 Claims
-
1. A method comprising:
-
detecting, by a computing device, a malicious activity associated with a first user account; and determining, by the computing device, that at least one second user account is related to the first user account based on authentication data associated with the first user account. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A non-transitory computer readable medium including one or more sequences of instructions which, when executed by one or more processors, cause:
-
collecting a first authentication data associated with a first user account; collecting a second authentication data associated with a second user account; detecting a malicious activity associated with a first user account; comparing the first authentication data to the second authentication data; and determining that the second user account is related to the first user account based on the comparison. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A system comprising:
-
one or more processors; and a computer readable medium including one or more sequences of instructions which, when executed by one or more processors, cause; collecting a first authentication data associated with a first user account and a second authentication data associated with a second user account; detecting a malicious activity associated with a first user account; determining that the second user account is related to the first user account based on the comparison; comparing a first content item of the first user account to a second content item of the second user account; and determining that the second user account is a malicious user account based on the comparison. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification