Risk assessment for network access control through data analytics

Inactive Publication Date: 2019-04-18
CYBERARK SOFTWARE LTD
23 Cites, 29 Cited by

AI Technical Summary

Benefits of technology

The invention allows for the automatic building of profiles for entities and the assessment of associated risks, without requiring human intervention. The system uses rules to trigger risk assessments based on the events that have previously occurred with that entity, and these rules are updated based on new events. This makes the system much easier to use than previous methods.

Problems solved by technology

For example, an entity may be able to read documents but not be allowed to edit them.
However, MFA increases the authentication security at the cost of increased complexity of the network login process for a user.
Adaptive MFA is rule-based, though, which limits its effectiveness because those rules are static.
In addition, adaptive MFA acts only on the conditions at the time of a user's login, without considering the user's past network access and usage history.
Therefore, adaptive MFA cannot determine if the user's current login activity is normal or abnormal.


Embodiment Construction

[0014] FIG. 1 shows the components of an embodiment of the invention as they exist in a web portal within a computer network, or other computing environment that requires authentication and authorization to use the environment's resources.

[0015] An event reporting agent 1-2 within the environment detects entity behavior and reports it to an embodiment of the invention as events. Each event has a set of attributes, and the events can include:

[0016] Login events, which can include parameters such as the IP address of the device used, the type of device used, physical location, number of login attempts, date and time, and more.

[0017] Application access events, which can specify what application is used, application type, date and time of use, and more.

[0018] Privileged resource events such as launching a Secure Shell (SSH) session or a Remote Desktop Protocol (RDP) session as an administrator.

[0019] Mobile device management events such as enrolling or un-enrolling a mobile device with an identity manag...


Abstract

Methods and systems of risk assessment for network access control through data analytics. An embodiment of the invention employs well-known machine-learning clustering methods to learn normal entity behavior by looking for patterns in the events that stream in continuously. In an embodiment of the invention, normal entity behaviors are represented as clusters of event vectors. An embodiment of the invention evaluates the risk level for a new event of an entity by comparing the event with the entity's profile, represented as clusters of event vectors. In an embodiment of the invention, the risk level is associated with a confidence level. The confidence level indicates how well the system knows the entity. Embodiments of the invention do not need human administration in the process of building an entity profile and assessing the risk level of events associated with an entity.
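The abstract's scheme, sketched as an added example (not code from the patent or from its owner): an entity profile kept as clusters of event vectors, a new event scored against the nearest cluster, and a confidence that grows with the amount of history. The feature encoding, the leader-clustering step, the risk and confidence formulas, and the constants `RADIUS` and `HALF_LIFE` are all assumptions chosen for illustration.

```python
import math

RADIUS = 0.6      # assumed: max distance for an event to join an existing cluster
HALF_LIFE = 20    # assumed: number of observed events at which confidence is 0.5

def vectorize(event):
    """Map a login event to a numeric vector (the feature choice is an assumption)."""
    angle = 2 * math.pi * event["hour"] / 24   # hour is cyclic: 23h sits next to 0h
    return [math.cos(angle), math.sin(angle),
            1.0 if event["device"] == "mobile" else 0.0,
            1.0 if event["country"] != event["home_country"] else 0.0]

class EntityProfile:
    """Normal behavior of one entity, kept as clusters of event vectors."""
    def __init__(self):
        self.clusters = []   # each cluster: {"centroid": [...], "count": n}
        self.seen = 0

    def _nearest(self, vec):
        best = min(self.clusters, key=lambda c: math.dist(vec, c["centroid"]), default=None)
        return best, (math.dist(vec, best["centroid"]) if best else math.inf)

    def learn(self, event):
        """Online leader clustering: join the nearest cluster or start a new one."""
        vec = vectorize(event)
        cluster, d = self._nearest(vec)
        if cluster is not None and d <= RADIUS:
            cluster["count"] += 1
            n = cluster["count"]   # incremental mean keeps the centroid exact
            cluster["centroid"] = [c + (v - c) / n for c, v in zip(cluster["centroid"], vec)]
        else:
            self.clusters.append({"centroid": vec, "count": 1})
        self.seen += 1

    def assess(self, event):
        """Return (risk, confidence), both in [0, 1]; an empty profile is all risk."""
        confidence = 1 - 0.5 ** (self.seen / HALF_LIFE)
        cluster, d = self._nearest(vectorize(event))
        if cluster is None:
            return 1.0, confidence
        support = cluster["count"] / self.seen   # share of history in this cluster
        return 1 - support * math.exp(-d / RADIUS), confidence

def constructed_history():
    """Constructed sample: 30 office-hours desktop logins from the home country."""
    return [{"hour": 9 + i % 2, "device": "desktop", "country": "US", "home_country": "US"}
            for i in range(30)]
```

Because risk and confidence are returned separately, a policy layer can treat "high risk, low confidence" (a new entity with little history) differently from "high risk, high confidence" (a well-known entity behaving abnormally).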

Description

FIELD OF THE DISCLOSURE

[0001] This disclosure relates generally to Internet security and, more particularly, to methods and systems of risk assessment for network access control through data analytics.

BACKGROUND

[0002] Authentication and authorization are security means to protect a computer network from unauthorized access to its resources such as computer servers, software applications and services, and so on. Authentication verifies the identity of an entity (person, user, process, or device) that wants to access a computer network's resources. In the rest of this disclosure, the terms entity, person, process, user and device will be used interchangeably. Common ways for authentication are username / password combination, fingerprint readers, retinal scans, etc. On the other hand, authorization determines what privileges an authenticated entity has during the entity's session from log-on until log-off. The privileges assigned to an entity define the entity's access right ...


Application Information

IPC(8): H04L29/06, G06N99/00
CPC: G06N20/00, H04L63/1416, H04L63/205, H04L63/08, H04L63/1425, H04L63/1433
Inventor: WANG, YANLIN; LI, WEIZHI
Owner: CYBERARK SOFTWARE LTD