Method of and system for processing an unauthorized user access to a resource
First Claim
1. A method of authenticating a user in a network, the method executed on a server, the method comprising:
- acquiring a non-authorized user-behavior model associated with a non-authorized access to a network resource by an unauthorized entity, the non-authorized user-behavior model having been generated during blocking the non-authorized access to the network resource by the unauthorized entity, the non-authorized user-behavior model having a first model portion based on at least one device-specific parameter and a second model portion based on at least one user-device interaction parameter, the user-device interaction parameter being indicative of a type of action performed by the unauthorized entity with the network resource;
retrieving from a log stored on the network server, an indication of a plurality of users, each respective user of the plurality of users being associated with a respective user-behavior model, the respective user-behavior model having a respective first model portion based on at least one device-specific parameter and a respective second model portion based on at least one user-device interaction parameter, the user-device interaction parameter being indicative of a type of action performed by the respective user with the network resource;
responsive to the first model portion and the second model portion of one of the respective user-behavior model associated with a respective user of the plurality of users matching the first model portion and the second model portion of the non-authorized user-behavior model, associating a user account associated with the respective user associated with the one of the respective user-behavior model with a security-violation parameter;
responsive to the security-violation parameter, restricting user activity within the user account.
4 Assignments
0 Petitions
Accused Products
Abstract
There is provided a method of authenticating a user in a network. The method can be executed on a server. The method comprises: acquiring a non-authorized user-behavior model associated with a non-authorized access to a network resource by an unauthorized entity, the non-authorized user-behavior model having been generated during blocking the non-authorized access to the network resource by the unauthorized entity; retrieving from a log stored on the network server, an indication of a plurality of users, each respective user associated with a respective user-behavior model; responsive to one of the respective user-behavior model matching the non-authorized user-behavior model, associating a user account associated with the respective user associated with the one of the respective user-behavior model with a security-violation parameter; responsive to the security-violation parameter, restricting user activity within the user account.
-
Citations
20 Claims
-
1. A method of authenticating a user in a network, the method executed on a server, the method comprising:
-
acquiring a non-authorized user-behavior model associated with a non-authorized access to a network resource by an unauthorized entity, the non-authorized user-behavior model having been generated during blocking the non-authorized access to the network resource by the unauthorized entity, the non-authorized user-behavior model having a first model portion based on at least one device-specific parameter and a second model portion based on at least one user-device interaction parameter, the user-device interaction parameter being indicative of a type of action performed by the unauthorized entity with the network resource; retrieving from a log stored on the network server, an indication of a plurality of users, each respective user of the plurality of users being associated with a respective user-behavior model, the respective user-behavior model having a respective first model portion based on at least one device-specific parameter and a respective second model portion based on at least one user-device interaction parameter, the user-device interaction parameter being indicative of a type of action performed by the respective user with the network resource; responsive to the first model portion and the second model portion of one of the respective user-behavior model associated with a respective user of the plurality of users matching the first model portion and the second model portion of the non-authorized user-behavior model, associating a user account associated with the respective user associated with the one of the respective user-behavior model with a security-violation parameter; responsive to the security-violation parameter, restricting user activity within the user account. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A server comprising:
-
a communication interface for communication with an electronic device via a communication network, a processor operationally connected with the communication interface, the processor configured to authenticate a user in a network, the processor being further configured to; acquire a non-authorized user-behavior model associated with a non-authorized access to a network resource by an unauthorized entity, the non-authorized user-behavior model having been generated during blocking the non-authorized access to the network resource by the unauthorized entity, the non-authorized user-behavior model having a first model portion based on at least one device-specific parameter and a second model portion based on at least one user-device interaction parameter, the user-device interaction parameter being indicative of a type of action performed by the unauthorized entity with the network resource; retrieve from a log stored on the network server, an indication of a plurality of users, each respective user of the plurality of users being associated with a respective user-behavior model, the respective user-behavior model having a respective first model portion based on at least one device-specific parameter and a respective second model portion based on at least one user-device interaction parameter, the user-device interaction parameter being indicative of a type of action performed by the respective user with the network resource; responsive to the first model portion and the second model portion of one of the respective user-behavior model associated with a respective user of the plurality of users matching the first model portion and the second model portion of the non-authorized user-behavior model, associate a user account associated with the respective user associated with the one of the respective user-behavior model with a security-violation parameter; responsive to the security-violation parameter, restrict user activity within the user account. - View Dependent Claims (18, 19, 20)
-
Specification