Using link analysis in adversarial knowledge-based authentication model

US 9,202,173 B1
Filed: 09/27/2012
Issued: 12/01/2015
Est. Priority Date: 09/27/2012
Status: Expired due to Fees

First Claim

Patent Images

1. A method of performing knowledge-based authentication (KBA), the method comprising:

receiving an adversary alert which identifies an adversary having knowledge of certain facts utilized by a KBA system to construct KBA questions;

in response to the adversary alert, altering operation of the KBA system to account for the adversary having knowledge of the certain facts; and

after the operation of the KBA system has been altered to account for the adversary having knowledge of the certain facts, selecting KBA questions from the KBA system to authenticate users, the KBA questions being selected based on adjustments made within the KBA system in response to the adversary alert;

wherein the method further comprises generating a link table that includes a set of entries, each entry of the set of entries including (i) a fact identifier identifying a fact of a set of facts and (ii) a user identifier identifying a user to whom the fact has a reference; and

wherein altering the operation of the KBA system includes;

finding a particular entry of the set of entries of the link table, the particular entry including a user identifier identifying the adversary, andfiltering, from the set of facts, the fact identified by the fact identifier of the particular entry to form a set of secure facts, a secure fact of the set of secure facts being utilized by the KBA system to construct a secure KBA question that the adversary is unlikely to answer correctly.

View all claims

18 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An improved technique involves adjusting the operation of a KBA system based on facts that may contain information known to an adversary. Along these lines, the KBA system may receive an alert concerning an adversary that may know the answers to some of the KBA questions used by the KBA system in authenticating users. In response to alert, the KBA system may alter operations in order to account for the adversary. Subsequently, when a user requests authentication, the KBA system selects KBA questions based on adjustments made to the KBA system in order to avoid presenting the adversary with KBA questions derived from facts (s)he knows.

Citations

16 Claims

1. A method of performing knowledge-based authentication (KBA), the method comprising:
- receiving an adversary alert which identifies an adversary having knowledge of certain facts utilized by a KBA system to construct KBA questions;
  
  in response to the adversary alert, altering operation of the KBA system to account for the adversary having knowledge of the certain facts; and
  
  after the operation of the KBA system has been altered to account for the adversary having knowledge of the certain facts, selecting KBA questions from the KBA system to authenticate users, the KBA questions being selected based on adjustments made within the KBA system in response to the adversary alert;
  
  wherein the method further comprises generating a link table that includes a set of entries, each entry of the set of entries including (i) a fact identifier identifying a fact of a set of facts and (ii) a user identifier identifying a user to whom the fact has a reference; and
  
  wherein altering the operation of the KBA system includes;
  
  finding a particular entry of the set of entries of the link table, the particular entry including a user identifier identifying the adversary, andfiltering, from the set of facts, the fact identified by the fact identifier of the particular entry to form a set of secure facts, a secure fact of the set of secure facts being utilized by the KBA system to construct a secure KBA question that the adversary is unlikely to answer correctly.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. A method as in claim 1,wherein finding the particular entry including the user identifier identifying the adversary includes:
    - for each fact of the facts utilized by the KBA system, producing a link strength that represents the number of users of the group of users in the link table;
      
      identifying the fact as an unsecure fact when the link strength is greater than a threshold link strength; and
      
      identifying the fact as a secure fact when the link strength is less than the threshold link strength.
  - 3. A method as in claim 2,wherein the KBA system includes a questions database in which the KBA questions are stored;
    - wherein the method further comprises;
      
      removing, from the questions database, KBA questions that had been generated from unsecure facts.
  - 4. A method as in claim 3,wherein a minimum number of questions in the questions database is based on the threshold link strength;
    - wherein removing KBA questions from the questions database includes;
      
      stopping removal of questions when the number of questions in the database is less than the minimum number of questions in the questions database.
  - 5. A method as in claim 1,wherein the particular entry including the user identifier identifying the adversary includes:
    - for each fact of the facts utilized by the KBA system, using a force-based algorithm to produce a set of nodes of a graph representing the users of the group of users in the link table; and
      
      identifying the fact as a secure fact when a minimum distance between nodes representing users of the group of users and other nodes is less than an external distance threshold.
  - 6. A method as in claim 1,wherein altering the operation of the KBA system further includes:
    - identifying unsecure KBA questions of the KBA questions from the KBA system;
      
      wherein selecting the KBA questions includes;
      
      providing the KBA questions from the KBA system to a user requesting authentication; and
      
      wherein the method further comprises;
      
      receiving a set of answers, each answer of the set of answers corresponding to a KBA question from the KBA system, andfiltering answers of the set of answers that correspond to the unsecure KBA questions to form a set of secure answers.
  - 7. A method as in claim 6,wherein the method further comprises:
    - generating a risk score from the set of secure answers, the risk score being based on a number of answers of the set of secure answers that are correct, andproviding or denying authentication to the user based on a value of the risk score.
  - 8. A method as in claim 7,wherein generating the risk score includes:
    - increasing the value of the risk score in response to an answer of the set of answers being incorrect, anddecreasing the value of the risk score in response to an answer of the set of answers being correct.
  - 9. A method as in claim 8,wherein providing or denying authentication to the user based on a value of the risk score includes:
    - providing authentication to the user when the value of the risk score is below a risk score threshold value, anddenying authentication to the user when the value of the risk score is above a risk score threshold value.

10. A KBA system constructed and arranged to perform a KBA operation, the KBA system comprising:
- a network interface;
  
  memory; and
  
  a controller including controlling circuitry, the controlling circuitry being constructed and arranged to;
  
  receive an adversary alert which identifies an adversary who (i) is not authorized to access a resource and (ii) has knowledge of certain facts utilized by a KBA system to construct KBA questions;
  
  in response to the adversary alert, perform an adjustment operation on the KBA system to produce an adjustment to the KBA system, the adjustment to the KBA system accounting for the adversary having knowledge of the certain facts; and
  
  after performing the adjustment operation on the KBA system, select KBA questions from the KBA system to authenticate users, the KBA questions being selected based on the adjustment to the KBA system so that the adversary may be prevented from accessing the resource;
  
  wherein the controlling circuitry is further constructed and arranged to generate a link table that includes a set of entries, each entry of the set of entries including (i) a fact identifier identifying a fact of a set of facts and (ii) a user identifier identifying a user to whom the fact has a reference; and
  
  wherein the controlling circuitry constructed and arranged to alter the operation of the KBA system is further constructed and arranged to;
  
  find a particular entry of the set of entries of the link table, the particular entry including a user identifier identifying the adversary, andfilter, from the set of facts, the fact identified by the fact identifier of the particular entry to form a set of secure facts, a secure fact of the set of secure facts being utilized by the KBA system to construct a secure KBA question that the adversary is unlikely to answer correctly.
- View Dependent Claims (11, 12, 13, 14)
- - 11. A KBA system as in claim 10,wherein the controlling circuitry constructed and arranged to perform the adjustment operation on the KBA system is further constructed and arranged to:
    - identify unsecure KBA questions of the KBA questions from the KBA system;
      
      wherein the controlling circuitry constructed and arranged to select the KBA questions is further constructed and arranged to;
      
      provide the KBA questions from the KBA system; and
      
      wherein the controlling circuitry is further constructed and arranged to;
      
      receive a set of answers, each answer of the set of answers corresponding to a KBA question from the KBA system, andfilter answers of the set of answers that correspond to the unsecure KBA questions to form a set of secure answers.
  - 12. A KBA system as in claim 11,wherein the controlling circuitry is further constructed and arranged to:
    - generate a risk score from the set of secure answers, the risk score being based on a number of answers of the set of secure answers that are correct, andprovide or deny authentication to the user based on a value of the risk score.
  - 13. A KBA system as in claim 12,wherein the controlling circuitry constructed and arranged to generate the risk score is further constructed and arranged to:
    - increase the value of the risk score in response to an answer of the set of answers being incorrect, anddecrease the value of the risk score in response to an answer of the set of answers being correct.
  - 14. A KBA system as in claim 13,wherein the controlling circuitry constructed and arranged to provide or deny authentication to the user based on a value of the risk score is further constructed and arranged to:
    - provide authentication to the user when the value of the risk score is below a risk score threshold value, anddeny authentication to the user when the value of the risk score is above a risk score threshold value.

15. A computer program product having a non-transitory,computer-readable storage medium which stores code to perform KBA, the code including instructions to:
- receive an adversary alert which identifies an adversary having knowledge of certain facts utilized by a KBA system to construct KBA questions;
  
  in response to the adversary alert, alter operation of the KBA system to account for the adversary having knowledge of the certain facts; and
  
  after the operation of the KBA system has been altered to account for the adversary having knowledge of the certain facts, select KBA questions from the KBA system to authenticate users, the KBA questions being selected based on adjustments made within the KBA system in response to the adversary alert;
  
  wherein code further includes instructions to generate a link table that includes a set of entries, each entry of the set of entries including (i) a fact identifier identifying a fact of a set of facts and (ii) a user identifier identifying a user to whom the fact has a reference; and
  
  wherein altering the operation of the KBA system includes;
  
  finding a particular entry of the set of entries of the link table, the particular entry including a user identifier identifying the adversary, andfiltering, from the set of facts, the fact identified by the fact identifier of the particular entry to form a set of secure facts, a secure fact of the set of secure facts being utilized by the KBA system to construct a secure KBA question that the adversary is unlikely to answer correctly.

16. A method of performing knowledge-based authentication (KBA), the method comprising:
- receiving an adversary alert which identifies an adversary having knowledge of certain facts utilized by a KBA system to construct KBA questions;
  
  in response to the adversary alert, altering operation of the KBA system to account for the adversary having knowledge of the certain facts; and
  
  after the operation of the KBA system has been altered to account for the adversary having knowledge of the certain facts, selecting KBA questions from the KBA system to authenticate users, the KBA questions being selected based on adjustments made within the KBA system in response to the adversary alert;
  
  wherein the KBA system utilizes a plurality of facts to construct the KBA questions;
  
  wherein altering the operation of the KBA system includes filtering the certain facts from the plurality of facts to form a set of secure facts;
  
  wherein selecting the KBA questions from the KBA system to authenticate the users includes transmitting data representing an unsecure KBA question and a secure KBA question to a user requesting access to a resource, the unsecure KBA question having been constructed by the KBA system utilizing a certain fact, the secure KBA question having been constructed by the KBA system utilizing a secure fact of the set of secure facts; and
  
  wherein the method further comprises;
  
  after data representing an incorrect answer to the unsecure KBA question is received from the user, generating a first risk score; and
  
  after data representing an incorrect answer to the secure KBA question is received from the user, generating a second risk score, the second risk score being greater than the first risk score, the first risk score and the second risk score each indicating a likelihood that the user is not authorized to access the resource, a larger risk score indicating a larger likelihood that the user is not authorized to access the resource.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
RSA Security LLC (Symphony Technology Group LLC)
Original Assignee
EMC Corporation (Dell Technologies Inc.)
Inventors
Dotan, Yedidya, Friedman, Lawrence N., Eliezer, Ayelet
Primary Examiner(s)
Chaki, Kakali
Assistant Examiner(s)
SITIRICHE, LUIS A

Application Number

US13/628,642
Time in Patent Office

1,160 Days
Field of Search

None
US Class Current

1/1
CPC Class Codes

G06N 20/00   Machine learning

G06N 5/02   Knowledge representation; S...

G06N 5/04   Inference or reasoning models

Using link analysis in adversarial knowledge-based authentication model

First Claim

18 Assignments

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Using link analysis in adversarial knowledge-based authentication model

First Claim

18 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links