TECHNIQUES FOR DETECTING UNAUTHORIZED ACCESS TO CLOUD APPLICATIONS BASED ON VELOCITY EVENTS
First Claim
1. A method for detecting unauthorized access to cloud applications based on velocity events, comprising:
- identifying a first access attempt to a cloud application at a first time and from a first location;
identifying a second access attempt to a cloud application at a second time and from a second location;
computing a velocity between the first access attempt and the second access attempt based on the first time, the second time, the first location, and the second location;
checking if the computed velocity is greater than a velocity threshold; and
generating a velocity event when the computed velocity is greater than the velocity threshold, wherein the velocity event indicates that an access attempt is unauthorized.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method for detecting unauthorized access to cloud applications based on velocity events are presented. The method includes identifying a first access attempt to a cloud application at a first time and from a first location; identifying a second access attempt to a cloud application at a second time and from a second location; computing a velocity between the first access attempt and the second access attempt based on the first time, the second time, the first location, and the second location; checking if the computed velocity is greater than a velocity threshold; and generating a velocity event when the computed velocity is greater than the velocity threshold, wherein the velocity event indicates that an access attempt is unauthorized.
44 Citations
23 Claims
-
1. A method for detecting unauthorized access to cloud applications based on velocity events, comprising:
-
identifying a first access attempt to a cloud application at a first time and from a first location; identifying a second access attempt to a cloud application at a second time and from a second location; computing a velocity between the first access attempt and the second access attempt based on the first time, the second time, the first location, and the second location; checking if the computed velocity is greater than a velocity threshold; and generating a velocity event when the computed velocity is greater than the velocity threshold, wherein the velocity event indicates that an access attempt is unauthorized. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A system for detecting unauthorized access to cloud applications, comprising:
-
a processing unit; and a memory, the memory containing instructions that, when executed by the processing unit, configure the system to; identify a first access attempt to a cloud application at a first time and from a first location; identify a second access attempt to a cloud application at a second time and from a second location; compute a velocity between the first access attempt and the second access attempt based on the first time, the second time, the first location, and the second location; check if the computed velocity is greater than a velocity threshold; and generate a velocity event when the computed velocity is greater than the velocity threshold, wherein the velocity event indicates that an access attempt is unauthorized. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23)
-
Specification