Threat personalization
First Claim
1. A computer-program product comprising a tangible, non-transitory computer readable medium containing computer program code comprising:
- a threat personalization application for creating, on a host computer system of a user, a user'"'"'s security risk profile for a user, wherein said user is a human user of said host computer system;
said user'"'"'s security risk profile is specific to said user; and
said user'"'"'s security risk profile comprises;
building said user'"'"'s security risk profile from a user'"'"'s behavior profile and a user'"'"'s system profile, wherein said user'"'"'s behavior profile is a personalized behavior of said user on said host computer system; and
said user'"'"'s system profile is a profile of a personalized system of said user on said host computer system;
said threat personalization application further for creating a personalized threat profile for a threat with respect to information on said host computer system of a user;
said threat personalization application further for determining whether there is a correlation between said user'"'"'s security risk profile and said personalized threat profile; and
said threat personalization application further for issuing a personalized alert to said user based on an outcome of said determining whether there is correlation,wherein upon said threat being detected, said personalized alert is a personalized reactive alert;
and upon said threat not being detected, said personalized alert is a personalized proactive alert;
wherein said user'"'"'s behavior profile is characterized by at least one attribute selected from the group comprising of;
(1) accounts and memberships of said user;
(2) online activities of said user;
(3) network behavior of said user;
(4) use of external devices by said user; and
(5) update behavior of said user;
wherein said user'"'"'s system profile is characterized by at least one attribute selected from the group comprising of;
1) sensitive applications;
(2) high-risk applications;
(3) valuable data/files; and
(4) system and application modification frequency.
6 Assignments
0 Petitions
Accused Products
Abstract
A determination is made as to whether there is a correlation between a user'"'"'s security risk profile and a personalized threat profile of an actual or spreading threat. If there is a correlation, a personalized reactive alert is issued in the case of an actual threat. The personalized reactive alert informs the user of specific suspected data that may have been compromised by the threat and the specific non-computer related action that the user should take. Further, if there is a correlation, a personalized proactive alert is issued and/or personalized proactive protective action taken in the case of a spreading threat. The personalized proactive alert informs the user of the spreading threat that the user and/or the user'"'"'s host computer system is particularly susceptible to. Further, the personalized proactive protective action taken provides automated risk mitigation.
188 Citations
12 Claims
-
1. A computer-program product comprising a tangible, non-transitory computer readable medium containing computer program code comprising:
-
a threat personalization application for creating, on a host computer system of a user, a user'"'"'s security risk profile for a user, wherein said user is a human user of said host computer system; said user'"'"'s security risk profile is specific to said user; and
said user'"'"'s security risk profile comprises;
building said user'"'"'s security risk profile from a user'"'"'s behavior profile and a user'"'"'s system profile, wherein said user'"'"'s behavior profile is a personalized behavior of said user on said host computer system; and
said user'"'"'s system profile is a profile of a personalized system of said user on said host computer system;
said threat personalization application further for creating a personalized threat profile for a threat with respect to information on said host computer system of a user;
said threat personalization application further for determining whether there is a correlation between said user'"'"'s security risk profile and said personalized threat profile; and
said threat personalization application further for issuing a personalized alert to said user based on an outcome of said determining whether there is correlation,wherein upon said threat being detected, said personalized alert is a personalized reactive alert; and upon said threat not being detected, said personalized alert is a personalized proactive alert; wherein said user'"'"'s behavior profile is characterized by at least one attribute selected from the group comprising of;
(1) accounts and memberships of said user;
(2) online activities of said user;
(3) network behavior of said user;
(4) use of external devices by said user; and
(5) update behavior of said user;
wherein said user'"'"'s system profile is characterized by at least one attribute selected from the group comprising of;
1) sensitive applications;
(2) high-risk applications;
(3) valuable data/files; and
(4) system and application modification frequency. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A computer system comprising:
-
a memory having stored therein a threat personalization application; and a processor coupled to said memory, wherein execution of said threat personalization application generates a method comprising; creating, on a host computer system of a user, a user'"'"'s security risk profile for a user, wherein said user is a human user of said host computer system; said user'"'"'s security risk profile is specific to said user; and said user'"'"'s security risk profile comprises; building said user'"'"'s security risk profile from a user'"'"'s behavior profile and a user'"'"'s system profile,
wherein said user'"'"'s behavior profile is a personalized behavior of said user on said host computer system of a user; and
said user'"'"'s system profile is a profile of a personalized system of said user on said host computer system;creating a personalized threat profile for a threat with respect to information on said host computer system of a user; determining whether there is a correlation between said user'"'"'s security risk profile and said personalized threat profile; and issuing a personalized alert to said user based on an outcome of said determining whether there is correlation, wherein upon said threat being detected, said personalized alert is a personalized reactive alert; and upon said threat not being detected, said personalized alert is a personalized proactive alert; wherein said user'"'"'s behavior profile is characterized by at least one attribute selected from the group comprising of;
(1) accounts and memberships of said user;
(2) online activities of said user;
(3) network behavior of said user;
(4) use of external devices by said user; and
(5) update behavior of said user;wherein said user'"'"'s system profile is characterized by at least one attribute selected from the group comprising of;
1) sensitive applications;
(2) high-risk applications;
(3) valuable data/files; and
(4) system and application modification frequency.
-
Specification