Systems and methods for assessing security risk
First Claim
1. A system for assessing security risk, the system comprising at least one processor programmed to:
- maintain a plurality of records, wherein;
each record is associated with a respective network address in a plurality of network addresses; and
each record comprises information regarding user behaviors observed from a plurality of previous electronic transactions that have been tagged with the network address associated with the record;
receive log information regarding a present electronic transaction;
use the log information to determine at least one network address from which the present electronic transaction is requested; and
analyze the log information regarding the present electronic transaction in combination with history information associated with the at least one network address, wherein the history information is based on the record associated with the at least one network address and is indicative of at least one user behavior observed from the plurality of previous electronic transactions that have been tagged with the at least one network address; and
while the present electronic transaction is still on-going, provide an updated risk assessment for the at least one network address based on a result of analyzing the log information regarding the present electronic transaction in combination with the history information associated with the at least one network address.
6 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods for providing identification tests. In some embodiments, a system and a method are provided for generating and serving to a user an animated challenge graphic comprising a challenge character set whose appearance may change over time. In some embodiments, marketing content may be incorporated into a challenge message for use in an identification test. The marketing content may be accompanied by randomly selected content to increase a level of security of the identification test, hi some embodiments, a challenge message for use in an identification test may be provided based on information regarding a transaction for which the identification test is administered. For example, the transaction information may include a user identifier such as an IP address. In some embodiments, identification test results may be tracked and analyzed to identify a pattern of behavior associated with a user identifier. A score indicative of a level of trustworthiness may be computed for the user identifier.
-
Citations
21 Claims
-
1. A system for assessing security risk, the system comprising at least one processor programmed to:
-
maintain a plurality of records, wherein; each record is associated with a respective network address in a plurality of network addresses; and each record comprises information regarding user behaviors observed from a plurality of previous electronic transactions that have been tagged with the network address associated with the record; receive log information regarding a present electronic transaction; use the log information to determine at least one network address from which the present electronic transaction is requested; and analyze the log information regarding the present electronic transaction in combination with history information associated with the at least one network address, wherein the history information is based on the record associated with the at least one network address and is indicative of at least one user behavior observed from the plurality of previous electronic transactions that have been tagged with the at least one network address; and while the present electronic transaction is still on-going, provide an updated risk assessment for the at least one network address based on a result of analyzing the log information regarding the present electronic transaction in combination with the history information associated with the at least one network address. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method for assessing security risk, the method comprising acts of:
-
maintaining a plurality of records, wherein; each record is associated with a respective network address in a plurality of network addresses; and each record comprises information regarding user behaviors observed from a plurality of previous electronic transactions that have been tagged with the network address associated with the record; receiving log information regarding a present electronic transaction; using the log information to determine at least one network address from which the present electronic transaction is requested; and analyzing the log information regarding the present electronic transaction in combination with history information associated with the at least one network address, wherein the history information is based on the record associated with the at least one network address and is indicative of at least one user behavior observed from the plurality of previous electronic transactions that have been tagged with the at least one network address; and while the present electronic transaction is still on-going, providing an updated risk assessment for the at least one network address based on a result of analyzing the log information regarding the present electronic transaction in combination with the history information associated with the at least one network address. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
-
21. At least one non-transitory computer-readable medium encoded with a plurality of instructions that, when executed by at least one processor, perform a method for assessing security risk, the method comprising acts of:
-
maintaining a plurality of records, wherein; each record is associated with a respective network address in a plurality of network addresses; and each record comprises information regarding user behaviors observed from a plurality of previous electronic transactions that have been tagged with the network address associated with the record; receiving log information regarding a present electronic transaction; using the log information to determine at least one network address from which the present electronic transaction is requested; and analyzing the log information regarding the present electronic transaction in combination with history information associated with the at least one network address, wherein the history information is based on the record associated with the at least one network address and is indicative of at least one user behavior observed from the plurality of previous electronic transactions that have been tagged with the at least one network address; and while the present electronic transaction is still on-going, providing an updated risk assessment for the at least one network address based on a result of analyzing the log information regarding the present electronic transaction in combination with the history information associated with the at least one network address.
-
Specification