User identification using multifaceted footprints

US 9,251,328 B2
Filed: 07/19/2012
Issued: 02/02/2016
Est. Priority Date: 07/05/2012
Status: Expired due to Fees

First Claim

Patent Images

1. A computer program product for identifying an unknown user, the computer program product comprising:

a non-transitory computer readable storage medium having computer readable program code embodied therewith, the computer readable program code comprising;

computer readable program code configured to provide a plurality of historical network traces of user activity;

computer readable program code configured to extract a footprint for each of a plurality of users from the historical network traces;

computer readable program code configured to aggregate the footprints of the users to determine an ensemble prior;

computer readable program code configured to receive a plurality of network traces relevant to an unknown user in a computer environment;

computer readable program code configured to match the network traces against each of the footprints to determine a plurality of matches;

computer readable program code configured to aggregate the matches using the ensemble prior according to a plurality of contexts and a plurality of facets; and

computer readable program code configured to output a probable user identity for the unknown user.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for identifying an unknown user according to a plurality of facets of user activity in a plurality of contexts includes receiving a plurality of priors for the facets with respect to the contexts, receiving a plurality of footprints of known users, aggregating the footprints of the users to determine an ensemble prior, receiving a plurality of network traces relevant to an unknown user in a computer environment, matching the network traces against each of the footprints to determine a plurality of matches, aggregating the matches using the ensemble prior according to the facets and the contexts, and outputting a probable user identity for the unknown user.

Citations

13 Claims

1. A computer program product for identifying an unknown user, the computer program product comprising:
- a non-transitory computer readable storage medium having computer readable program code embodied therewith, the computer readable program code comprising;
  
  computer readable program code configured to provide a plurality of historical network traces of user activity;
  
  computer readable program code configured to extract a footprint for each of a plurality of users from the historical network traces;
  
  computer readable program code configured to aggregate the footprints of the users to determine an ensemble prior;
  
  computer readable program code configured to receive a plurality of network traces relevant to an unknown user in a computer environment;
  
  computer readable program code configured to match the network traces against each of the footprints to determine a plurality of matches;
  
  computer readable program code configured to aggregate the matches using the ensemble prior according to a plurality of contexts and a plurality of facets; and
  
  computer readable program code configured to output a probable user identity for the unknown user.
- View Dependent Claims (4, 5, 6)
- - 4. The computer program of claim 1, wherein outputting further comprises outputting a sorted list of user identifies according to a probability of being the unknown user.
  - 5. The computer program of claim 1, wherein each context indicated at least one of a time and a location of user activity.
  - 6. The computer program of claim 1, wherein each facet is a measurement dimension of user activity.

2. The computer program product of 1, wherein the network traces are received as an input stream, and the computer readable storage medium further comprising computer readable program code configured to perform the matching on the stream of network traces using an indexing structure.

3. The computer program product of 1, further comprising computer readable program code configured to output a plurality of user identities, ranked by probability.

7. A system for identifying an unknown user according to a plurality of facets of user activity in a plurality of contexts, the system comprising:
- a memory storing a plurality of priors for the facets with respect to the contexts and an ensemble prior based on a plurality of footprints of known users; and
  
  a processor configured to receive a plurality of network traces relevant to an unknown user in a computer environment, match the network traces against each of the footprints to determine a plurality of matches, aggregate the matches using the ensemble prior according to the facets and the contexts, and output a probable user identity for the unknown user.
- View Dependent Claims (8, 9, 10, 11, 12, 13)
- - 8. The system of claim 7, wherein the network traces are received as an input stream, and the method further comprising performing the matching on the stream of network traces using an indexing structure.
  - 9. The system of claim 7, wherein the processor is configured to output a plurality of user identities, ranked by probability.
  - 10. The system of claim 9, wherein outputting further comprises outputting a sorted list of user identifies according to a probability of being the unknown user.
  - 11. The system of claim 9, wherein each context indicated at least one of a time and a location of user activity.
  - 12. The system of claim 9, wherein each facet is a measurement dimension of user activity.
  - 13. The system of claim 9, wherein the memory embodies computer readable program code executed by the processor to identify the unknown user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Christodorescu, Mihai, Sailer, Reiner, Schales, Douglas Lee, Stoecklin, Marc, Wang, Ting
Primary Examiner(s)
Dalencourt, Yves

Application Number

US13/553,415
Publication Number

US 20140012976A1
Time in Patent Office

1,293 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2117   User registration

H04L 41/5058   Service discovery by the se...

H04L 41/5096   wherein the managed service...

H04L 67/306   User profiles

H04L 67/535   Tracking the activity of th...

User identification using multifaceted footprints

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

User identification using multifaceted footprints

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links