METHODS, SYSTEMS, AND MEDIA FOR MEASURING COMPUTER SECURITY

US 20120084866A1
Filed: 06/22/2011
Published: 04/05/2012
Est. Priority Date: 06/12/2007
Status: Abandoned Application

First Claim

Patent Images

1. A method for measuring computer security, comprising:

making at least one of decoys and non-threatening access violations accessible to a first user using a computer programmed to do so;

maintaining statistics on security violations and non-violations of the first user using a computer programmed to do so; and

presenting the statistics on a display.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods, systems, and media for measuring computer security are provided. In accordance with some embodiments, methods for measuring computer security are provided, the methods comprising: making at least one of decoys and non-threatening access violations accessible to a first user using a computer programmed to do so; maintaining statistics on security violations and non-violations of the first user using a computer programmed to do so; and presenting the statistics on a display.

423 Citations

21 Claims

1. A method for measuring computer security, comprising:
- making at least one of decoys and non-threatening access violations accessible to a first user using a computer programmed to do so;
  
  maintaining statistics on security violations and non-violations of the first user using a computer programmed to do so; and
  
  presenting the statistics on a display.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, further comprising:
    - determining if the security violations exceed a threshold; and
      
      generating an alert if the security violations exceed the threshold.
  - 3. The method of claim 1, wherein a decoy is made accessible to the first user and the decoy is contained in an email.
  - 4. The method of claim 1, wherein a decoy is made accessible to the first user and the decoy is a file presented in a file folder.
  - 5. The method of claim 1, wherein the statistics are maintained as one or more histograms.
  - 6. The method of claim 1, further comprising:
    - making at least one of decoys and non-threatening access violations accessible to a second user using a computer programmed to do so;
      
      maintaining statistics on security violations and non-violations of the second user using a computer programmed to do so; and
      
      presenting the statistics on a display.
  - 7. The method of claim 6, further comprising comparing the statistics of the first user to the statistics of the second user.

8. A system for measuring computer security, comprising:
- a processor that;
  
  makes at least one of decoys and non-threatening access violations accessible to a first user;
  
  maintains statistics on security violations and non-violations of the first user; and
  
  presents the statistics on a display.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The system of claim 8, wherein the processor also:
    - determines if the security violations exceed a threshold; and
      
      generates an alert if the security violations exceed the threshold.
  - 10. The system of claim 8, wherein a decoy is made accessible to the first user and the decoy is contained in an email.
  - 11. The system of claim 8, wherein a decoy is made accessible to the first user and the decoy is a file presented in a file folder.
  - 12. The system of claim 8, wherein the statistics are maintained as one or more histograms.
  - 13. The system of claim 8, wherein the processor also:
    - makes at least one of decoys and non-threatening access violations accessible to a second user;
      
      maintains statistics on security violations and non-violations of the second user; and
      
      presents the statistics on a display.
  - 14. The system of claim 13, wherein the processor also compares the statistics of the first user to the statistics of the second user.

15. A non-transitory computer-readable medium containing computer-executable instructions that, when executed by a processor, cause the processor to perform a method for measuring computer security, the method comprising:
- making at least one of decoys and non-threatening access violations accessible to a first user;
  
  maintaining statistics on security violations and non-violations of the first user; and
  
  presenting the statistics on a display.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The non-transitory computer-readable medium of claim 15, wherein the method further comprises:
    - determining if the security violations exceed a threshold; and
      
      generating an alert if the security violations exceed the threshold.
  - 17. The non-transitory computer-readable medium of claim 15, wherein a decoy is made accessible to the first user and the decoy is contained in an email.
  - 18. The non-transitory computer-readable medium of claim 15, wherein a decoy is made accessible to the first user and the decoy is a file presented in a file folder.
  - 19. The non-transitory computer-readable medium of claim 15, wherein the statistics are maintained as one or more histograms.
  - 20. The non-transitory computer-readable medium of claim 15, wherein the method further comprises:
    - making at least one of decoys and non-threatening access violations accessible to a second user;
      
      maintaining statistics on security violations and non-violations of the second user; and
      
      presenting the statistics on a display.
  - 21. The non-transitory computer-readable medium of claim 20, wherein the method further comprises comparing the statistics of the first user to the statistics of the second user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Trustees Of Columbia University In The City Of New York (Columbia University)
Original Assignee
Trustees Of Columbia University In The City Of New York (Columbia University)
Inventors
Stolfo, Salvatore J.

Application Number

US13/166,723
Publication Number

US 20120084866A1
Time in Patent Office

Days
Field of Search
US Class Current

726/25
CPC Class Codes

G06F 21/554   involving event detection a...

G06F 21/566   Dynamic detection, i.e. det...

H04L 63/1416   Event detection, e.g. attac...

H04L 63/1491   using deception as counterm...

METHODS, SYSTEMS, AND MEDIA FOR MEASURING COMPUTER SECURITY

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

423 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

METHODS, SYSTEMS, AND MEDIA FOR MEASURING COMPUTER SECURITY

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

423 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links