System and method for reducing security risk in computer network

US 8,181,253 B1
Filed: 06/30/2011
Issued: 05/15/2012
Est. Priority Date: 04/19/2011
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for reducing security risk in a computer network, the method comprising:

collecting, by a processing device, from a plurality of computers in the network information about computer usage, security incidents, and communications between computer users;

retrieving, for each computer user, a user profile comprising at least a personal and professional information of the user, and a plurality of risk factors associated with the user;

calculating, for each computer user, values for the plurality of risk factors in the user profile based on the computer usage information collected from the computer of each user;

calculating, for each computer user, a user security rating based on the values of one or more risk factors of the plurality of risk factors in the user profile;

adjusting a security rating of at least one computer user based on (i) the personal or professional information of said at least one computer user, and (ii) the security rating of at least one other computer user with whom said at least one computer user communicated;

selecting security settings for the plurality of computers based on the security ratings of the users of said computers; and

applying the selected security setting to the plurality of computers to reduce security risk in the computer network.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed are systems, methods and computer program products for reducing security risk in a computer network. The system includes an administration server that collects system usage, user profile and security incidents information from a plurality of computers in the network. The server determines values of one or more risk factors for each computer using the collected information. The server then calculates security rating of each computer user as a function of the risk factors and adjusts the calculated security rating of a given computer user based on the security ratings of other computer users with whom the given computer users communicates. The server then selects, based on the adjusted security rating, security settings for the computer of the given user in order to reduce user'"'"'s security risk to the computer network and applies the selected security settings to the computer of the given user.

Citations

18 Claims

1. A computer-implemented method for reducing security risk in a computer network, the method comprising:
- collecting, by a processing device, from a plurality of computers in the network information about computer usage, security incidents, and communications between computer users;
  
  retrieving, for each computer user, a user profile comprising at least a personal and professional information of the user, and a plurality of risk factors associated with the user;
  
  calculating, for each computer user, values for the plurality of risk factors in the user profile based on the computer usage information collected from the computer of each user;
  
  calculating, for each computer user, a user security rating based on the values of one or more risk factors of the plurality of risk factors in the user profile;
  
  adjusting a security rating of at least one computer user based on (i) the personal or professional information of said at least one computer user, and (ii) the security rating of at least one other computer user with whom said at least one computer user communicated;
  
  selecting security settings for the plurality of computers based on the security ratings of the users of said computers; and
  
  applying the selected security setting to the plurality of computers to reduce security risk in the computer network.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, wherein calculating a user security rating comprises:
    - applying fuzzy logic rules to the values of one or more risk factors in the user profile.
  - 3. The method of claim 1, wherein adjusting a security rating of at least one computer user based on the personal information of said at least one user comprises:
    - adjusting the security rating of said at least one computer user based on one or more of the age and gender of said at least one computer user.
  - 4. The method of claim 1, wherein adjusting a security rating of at least one computer user based on the professional information of said at least one user comprises:
    - adjusting the security rating of said at least one computer user based on one or more of the job position, work experience, and level of education of said at least one computer user.
  - 5. The method of claim 1 further comprising:
    - adjusting the user security rating of at least one computer user based on information about security incidents on the computer of said at least one computer user.
  - 6. The method of claim 5, wherein the information about security incidents includes:
    - type of incident, source of incident, time of incident, and user activity preceding the incident.

7. A system for reducing security risk in a computer network, comprising:
- a memory being configured to store a plurality of user profiles for a plurality of computer users, each user profile comprising at least a personal and professional information of the computer user, and a plurality of risk factors associated with the computer user;
  
  a processor coupled to the memory, the processor being configured to;
  
  receive from a plurality of computers in the network information about computer usage, security incidents, and communications between computer users;
  
  retrieve from the memory a user profile for each computer user;
  
  calculate, for each computer user, values for the plurality of risk factors in the user profile based on the computer usage information received from the computer of each user;
  
  calculate, for each computer user, a user security rating based on the values of one or more risk factors of the plurality of risk factors in the user profile;
  
  adjust a security rating of at least one computer user based on (i) the personal or professional information of said at least one computer user, and (ii) the security rating of at least one other computer user with whom said at least one computer user communicated;
  
  select security settings for the plurality of computers based on the security ratings of the users of said computers; and
  
  apply the selected security setting to the plurality of computers to reduce security risk in the computer network.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The system of claim 7, wherein to calculate a user security rating, the processor being further configured to apply fuzzy logic rules to the values of one or more risk factors in the user profile.
  - 9. The system of claim 7, wherein to adjust a security rating of at least one computer user based on the personal information of said at least one user, the processor being further configured to adjust the security rating of said at least one computer user based on one or more of the age and gender of said at least one computer user.
  - 10. The system of claim 7, wherein to adjust a security rating of at least one computer user based on the professional information of said at least one user, the processor being further configured to adjust the security rating of said at least one computer user based on one or more of the job position, work experience, and level of education of said at least one computer user.
  - 11. The system of claim 7, wherein the processor being further configured to adjust the user security rating of at least one computer user based on information about security incidents on the computer of said at least one computer user.
  - 12. The system of claim 11, wherein the information about security incidents includes:
    - type of incident, source of incident, time of incident, and user activity preceding the incident.

13. A computer program product embedded in a non-transitory computer-readable storage medium, the computer-readable storage medium comprising computer-executable instructions for reducing security risk in a computer network, the instructions for:
- collecting, by a processing device, from a plurality of computers in the network information about computer usage, security incidents, and communications between computer users;
  
  retrieving, for each computer user, a user profile comprising at least a personal and professional information of the user, and a plurality of risk factors associated with the user;
  
  calculating, for each computer user, values for the plurality of risk factors in the user profile based on the computer usage information collected from the computer of each user;
  
  calculating, for each computer user, a user security rating based on the values of one or more risk factors of the plurality of risk factors in the user profile;
  
  adjusting a security rating of at least one computer user based on (i) the personal or professional information of said at least one computer user, and (ii) the security rating of at least one other computer user with whom said at least one computer user communicated; and
  
  selecting security settings for the plurality of computers based on the security ratings of the users of said computers; and
  
  applying the selected security setting to the plurality of computers to reduce security risk in the computer network.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The computer program product of claim 13, wherein instructions for calculating a user security rating further comprise instructions for applying fuzzy logic rules to the values of one or more risk factors in the user profile.
  - 15. The computer program product of claim 13, wherein instructions for adjusting a security rating of at least one computer user based on the personal information of said at least one user further comprise instructions for adjusting the security rating of said at least one computer user based on one or more of the age and gender of said at least one computer user.
  - 16. The computer program product of claim 13, wherein instructions for adjusting a security rating of at least one computer user based on the professional information of said at least one user further comprise instructions for adjusting the security rating of said at least one computer user based on one or more of the job position, work experience, and level of education of said at least one computer user.
  - 17. The computer program product of claim 13 further comprising instructions for:
    - adjusting the user security rating of at least one computer user based on information about security incidents on the computer of said at least one computer user.
  - 18. The computer program product of claim 17, wherein the information about security incidents includes:
    - type of incident, source of incident, time of incident, and user activity preceding the incident.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Kaspersky Lab ZAO
Original Assignee
Kaspersky Lab ZAO
Inventors
Zaitsev, Oleg V., Boronin, Valery A.
Primary Examiner(s)
Najjar, Saleh
Assistant Examiner(s)
Pan, Joseph

Application Number

US13/173,538
Time in Patent Office

320 Days
Field of Search

726/1, 726/2, 726/14, 726/25, 713/152, 713/164, 713/166
US Class Current

726/25
CPC Class Codes

G06F 21/552   involving long-term monitor...

G06F 21/577   Assessing vulnerabilities a...

H04L 63/1433   Vulnerability analysis

System and method for reducing security risk in computer network

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for reducing security risk in computer network

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links