Method of and system for processing an unauthorized user access to a resource
First Claim
1. A method of processing a potentially unauthorized user access request, the method executable on a server, the method comprising:
- receiving a first session identifier associated with a first communication session associated with a user account;
receiving a second session identifier associated with a second communication session associated with the user account, the second communication session being active concurrently with the first communication session;
based on user behaviour within the first communication session, generating a first user behaviour model associated with the first communication session, the first user behaviour model having a first model portion based on at least one device-specific parameter and a second model portion based on at least one user-device interaction parameter, the user-device interaction parameter being indicative of a type of action performed by a first electronic device within the first communication session;
based on user behaviour within the second communication session, generating a second user behaviour model associated with the second communication session the second user behaviour model having a first model portion based on at least one device-specific parameter and a second model portion based on at least one user-device interaction parameter, the user-device interaction parameter being indicative of a type of action performed by a second electronic device within the second communication session;
responsive to one of the first user behaviour model and the second user behaviour model being different from a stored authorized user behaviour model associated with the user account, the stored authorized user behaviour model having a first model portion based on at least one device-specific parameter and a second model portion based on at least one user-device interaction parameter, restricting user activity within the respective one of the first communication session and the second communication session; and
allowing unrestricted user activity within the other one of the first communication session and the second communication session.
3 Assignments
0 Petitions
Accused Products
Abstract
There is provided a method of processing a potentially unauthorized user access request. The method is executable on a server. The method comprises: receiving a first session identifier associated with a first communication session associated with a user account; receiving a second session identifier associated with a second communication session associated with the user account; based on user behavior within the first communication session, generating a first user behavior model associated with the first communication session; based on user behavior within the second communication session, generating a second user behavior model associated with the second communication session; responsive to one of the first user behavior model and the second user behavior model being different from a stored authorized user behavior model associated with the user account, restricting user activity within the respective one of the first communication session and the second communication session.
71 Citations
20 Claims
-
1. A method of processing a potentially unauthorized user access request, the method executable on a server, the method comprising:
-
receiving a first session identifier associated with a first communication session associated with a user account; receiving a second session identifier associated with a second communication session associated with the user account, the second communication session being active concurrently with the first communication session; based on user behaviour within the first communication session, generating a first user behaviour model associated with the first communication session, the first user behaviour model having a first model portion based on at least one device-specific parameter and a second model portion based on at least one user-device interaction parameter, the user-device interaction parameter being indicative of a type of action performed by a first electronic device within the first communication session; based on user behaviour within the second communication session, generating a second user behaviour model associated with the second communication session the second user behaviour model having a first model portion based on at least one device-specific parameter and a second model portion based on at least one user-device interaction parameter, the user-device interaction parameter being indicative of a type of action performed by a second electronic device within the second communication session; responsive to one of the first user behaviour model and the second user behaviour model being different from a stored authorized user behaviour model associated with the user account, the stored authorized user behaviour model having a first model portion based on at least one device-specific parameter and a second model portion based on at least one user-device interaction parameter, restricting user activity within the respective one of the first communication session and the second communication session; and allowing unrestricted user activity within the other one of the first communication session and the second communication session. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A server comprising:
-
a communication interface for communication with a first electronic device and a second electronic device via a communication network, a processor operationally connected with the communication interface, the processor configured to process a potentially unauthorized user access request, the processor being further configured to; receive a first session identifier associated with a first communication session associated with a user account; receive a second session identifier associated with a second communication session associated with the user account, the second communication session being active concurrently with the first communication session; based on user behaviour within the first communication session, generate a first user behaviour model associated with the first communication session, the first user behaviour model having a first model portion based on at least one device-specific parameter and a second model portion based on at least one user-device interaction parameter, the user-device interaction parameter being indicative of a type of action performed by the first electronic device within the first communication session; based on user behaviour within the second communication session, generate a second user behaviour model associated with the second communication session the second user behaviour model having a first model portion based on at least one device-specific parameter and a second model portion based on at least one user-device interaction parameter, the user-device interaction parameter being indicative of a type of action performed by the second electronic device within the second communication session; responsive to one of the first user behaviour model and the second user behaviour model being different from a stored authorized user behaviour model associated with the user account, the stored authorized user behaviour model having a first model portion based on at least one device-specific parameter and a second model portion based on at least one user-device interaction parameter, restrict user activity within the respective one of the first communication session and the second communication session; and allow unrestricted user activity within the other one of the first communication session and the second communication session. - View Dependent Claims (20)
-
Specification