Anomalous behavior detection using radio frequency fingerprints and access credentials
First Claim
Patent Images
1. A system, comprising:
- a transceiver;
at least one memory that stores computer-executable instructions; and
at least one processor operationally coupled to the transceiver and the at least one memory, wherein the at least one processor is configured to access the at least one memory and execute the computer-executable instructions to;
receive a radio frequency (RF) fingerprint of an RF signal detected by the transceiver within an area under surveillance (AUS), the RF fingerprint comprising at least one of;
i) a hardware address of an electronic device that emitted the RF signal or ii) a radio type identifier of a radio of the electronic device;
determine a stored persona that includes a stored RF fingerprint that matches the received RF fingerprint;
determine that the electronic device that emitted the RF signal is associated with the stored persona and identify a user associated with the stored persona;
identify, from the stored persona, access credentials of the user, wherein the access credentials provide access to one or more ingress points of the AUS via one or more access control devices;
receive access control information indicating that the access credentials have not been received at any of the one or more access control devices; and
determine that the user is in violation of a security protocol based at least in part on receipt of the RF fingerprint and receipt of the access control information indicating that the access credentials have not been received.
1 Assignment
0 Petitions
Accused Products
Abstract
Electromagnetic (EM)/radio frequency (RF) emissions may be detected and corresponding EM personas may be created. One or more EM personas may be associated with a super persona corresponding to a particular entity. EM personas, super personas, and/or supplemental identifying information can be used to enforce security protocols.
-
Citations
20 Claims
-
1. A system, comprising:
-
a transceiver; at least one memory that stores computer-executable instructions; and at least one processor operationally coupled to the transceiver and the at least one memory, wherein the at least one processor is configured to access the at least one memory and execute the computer-executable instructions to; receive a radio frequency (RF) fingerprint of an RF signal detected by the transceiver within an area under surveillance (AUS), the RF fingerprint comprising at least one of;
i) a hardware address of an electronic device that emitted the RF signal or ii) a radio type identifier of a radio of the electronic device;determine a stored persona that includes a stored RF fingerprint that matches the received RF fingerprint; determine that the electronic device that emitted the RF signal is associated with the stored persona and identify a user associated with the stored persona; identify, from the stored persona, access credentials of the user, wherein the access credentials provide access to one or more ingress points of the AUS via one or more access control devices; receive access control information indicating that the access credentials have not been received at any of the one or more access control devices; and determine that the user is in violation of a security protocol based at least in part on receipt of the RF fingerprint and receipt of the access control information indicating that the access credentials have not been received. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A system, comprising:
-
a transceiver; at least one memory that stores computer-executable instructions; and at least one processor operationally coupled to the transceiver and the at least one memory, wherein the at least one processor is configured to access the at least one memory and execute the computer-executable instructions to; receive a first radio frequency (RF) fingerprint of a first RF signal detected by the transceiver within an area under surveillance (AUS), the first RF fingerprint comprising at least one of;
i) a hardware address of a first electronic device that emitted the first RF signal or ii) a first radio type identifier of a first radio of the first electronic device;determine a first stored persona that includes a first stored RF fingerprint that matches the received first RF fingerprint; determine that the first electronic device that emitted the RF signal is associated with the first stored persona and identify a first user associated with the stored persona; identify, from the first stored persona, first access credentials of the first user, wherein the first access credentials provide access to one or more ingress points of the AUS via one or more access control devices; receive a second RF fingerprint of a second RF signal detected by the transceiver within the AUS, the second RF fingerprint comprising at least one of;
i) a second hardware address of a second electronic device that emitted the second RF signal or ii) a second radio type identifier of a second radio of the second electronic device;receive, from at least one of the one or more access control devices, access control information including second access credentials matching the first access credentials; determine that a first time at which the first RF signal is detected by the transceiver is within a threshold period of time from a second time at which the second RF signal is detected by the transceiver; determine that a first position from which the first RF signal is emitted is within a threshold distance from a second position from which the second RF signal is emitted; determine that a second user of the second electronic device entered the ingress point of the AUS in violation of a security protocol; and generate an alert indicative of the determination that the second user of the second electronic device entered the AUS in violation of the security protocol. - View Dependent Claims (7, 8, 9)
-
-
10. A method, comprising:
-
receiving, by a security system comprising one or more processors, a radio frequency (RF) fingerprint of an RF signal detected by the transceiver within an area under surveillance (AUS), the RF fingerprint comprising at least one of;
i) a hardware address of an electronic device that emitted the RF signal or ii) a radio type identifier of a radio of the electronic device;determining, by the security system, a stored persona that includes a stored RF fingerprint that matches the received RF fingerprint; determining, by the security system, that the electronic device that emitted the RF signal is associated with the stored persona and identify a user associated with the stored persona; identifying, by the security system, from the stored persona, access credentials of the user, wherein the access credentials provide access to one or more ingress points of the AUS via one or more access control devices; receiving, by the security system, access control information indicating that the access credentials have not been received at any of the one or more access control devices; and determining, by the security system, that the user is in violation of a security protocol based at least in part on receiving the RF fingerprint and receiving the access control information indicating that the access credentials have not been received. - View Dependent Claims (11, 12, 13)
-
-
14. A method, comprising:
-
receiving, by a security system comprising one or more processors, a first radio frequency (RF) fingerprint of a first RF signal detected by the transceiver within an area under surveillance (AUS), the first RF fingerprint comprising at least one of;
i) a hardware address of a first electronic device that emitted the first RF signal or ii) a first radio type identifier of a first radio of the first electronic device;determining, by the security system, a first stored persona that includes a first stored RF fingerprint that matches the received first RF fingerprint; determining, by the security system, that the first electronic device that emitted the RF signal is associated with the first stored persona and identify a first user associated with the stored persona; identifying, by the security system, from the first stored persona, access credentials of the first user, wherein the access credentials provide access to one or more ingress points of the AUS via one or more access control devices; receiving, by the security system, a second RF fingerprint of a second RF signal detected by the transceiver within the AUS, the second RF fingerprint comprising at least one of;
i) a second hardware address of a second electronic device that emitted the second RF signal or ii) a second radio type identifier of a second radio of the second electronic device;receiving, by the security system and from at least one of the one or more access control devices, access control information including the access credentials; determining, by the security system, that a first time at which the first RF signal is detected by the transceiver is within a threshold period of time from a second time at which the second RF signal is detected by the transceiver; determining, by the security system, that a first position from which the first RF signal is emitted is within a threshold distance from a second position from which the second RF signal is emitted; determining, by the security system, that a second user of the second electronic device entered the ingress point of the AUS in violation of a security protocol; and generating, by the security system, an alert indicative of the determination that the second user of the second electronic device entered the AUS in violation of the security protocol. - View Dependent Claims (15, 16)
-
-
17. One or more non-transitory computer-readable media storing computer-executable instructions that responsive to execution cause one or more computer processors to perform operations comprising:
-
receiving a radio frequency (RF) fingerprint of an RF signal detected by the transceiver within an area under surveillance (AUS), the RF fingerprint comprising at least one of;
i) a hardware address of an electronic device that emitted the RF signal or ii) a radio type identifier of a radio of the electronic device;determining a stored persona that includes a stored RF fingerprint that matches the received RF fingerprint; determining that the electronic device that emitted the RF signal is associated with the stored persona and identify a user associated with the stored persona; identifying, from the stored persona, access credentials of the user, wherein the access credentials provide to one or more ingress points of the AUS via one or more access control devices; receiving, access control information indicating that the access credentials of the user have not been received at any of the one or more access control devices; and determining that the user is in violation of a security protocol based at least in part on receiving the RF fingerprint and receiving the access control information indicating that the access credentials have not been received. - View Dependent Claims (18, 19, 20)
-
Specification