-
1.发明授权公开(公告)号:US08875267B1
公开(公告)日:2014-10-28
申请号:US13538120
申请日:2012-06-29
申请人: Eyal Kolman , Alon Kaufman , Yael Villa
发明人: Eyal Kolman , Alon Kaufman , Yael Villa
IPC分类号: G06F21/00
摘要: Active learning-based fraud detection techniques are provided in adaptive authentication systems. An authentication request from an authentication requestor is processed by receiving the authentication request from the authentication requester; comparing current data for the user associated with the user identifier with historical data for the user; generating an adaptive authentication result based on the comparison indicating a likelihood current user data is associated with a fraudulent user; and performing one or more additional authentication operations to improve learning if the request satisfies one or more predefined non-risk based criteria. The predefined non-risk based criteria comprises, for example, (i) the request receiving a riskiness score below a threshold based on current data and wherein the request was expected to have a risk score above a threshold, or (ii) the request being in a bucket having a number of tagged events below a threshold.
摘要翻译: 在自适应认证系统中提供了基于学习的主动欺诈检测技术。 来自认证请求者的认证请求通过从认证请求者接收认证请求来处理; 将与用户标识符相关联的用户的当前数据与用户的历史数据进行比较; 基于表示可能性当前用户数据与欺诈用户相关联的比较来生成自适应认证结果; 以及如果所述请求满足一个或多个预定义的基于非风险的准则,则执行一个或多个附加认证操作以改善学习。 预定义的基于非风险的标准包括例如(i)基于当前数据接收风险评分低于阈值的请求,并且其中预期该请求具有高于阈值的风险评分,或者(ii)请求为 在具有低于阈值的多个标记事件的桶中。
-
公开(公告)号:US08856923B1
公开(公告)日:2014-10-07
申请号:US13537958
申请日:2012-06-29
申请人: Eyal Kolman , Alon Kaufman , Yael Villa
发明人: Eyal Kolman , Alon Kaufman , Yael Villa
CPC分类号: G06Q20/4016 , G06F21/554 , G06N7/005
摘要: Similarity-based fraud detection techniques are provided in adaptive authentication systems. A method is provided for determining if an event is fraudulent by obtaining a plurality of tagged events and one or more untagged events, wherein the tagged events indicate a likelihood of whether the corresponding event was fraudulent; constructing a graph, wherein each node in the graph represents an event and has a value representing a likelihood of whether the corresponding event was fraudulent and wherein similar transactions are connected via weighted links; diffusing through weights in the graph to assign values to nodes such that neighbors of nodes having non-zero values receive similar values as the neighbors; and classifying whether at least one of the one or more untagged events is fraudulent based on the assigned values.
摘要翻译: 在自适应认证系统中提供了基于相似性的欺诈检测技术。 提供一种用于通过获得多个标记事件和一个或多个未标记事件来确定事件是否是欺诈的方法,其中标记事件指示相应事件是否是欺诈性的可能性; 构建图形,其中图中的每个节点表示事件,并且具有表示相应事件是否为欺诈的可能性的值,并且其中相似的事务通过加权链接连接; 通过图中的权重扩散以将值分配给节点,使得具有非零值的节点的邻居接收与邻居相似的值; 以及基于所分配的值来分类所述一个或多个未标记事件中的至少一个是否是欺诈性的。
-
公开(公告)号:US08478688B1
公开(公告)日:2013-07-02
申请号:US13329377
申请日:2011-12-19
申请人: Yael Villa , Alon Kaufman , Ayelet Eliezer , Marcelo Blatt , Tomer Meidan
发明人: Yael Villa , Alon Kaufman , Ayelet Eliezer , Marcelo Blatt , Tomer Meidan
IPC分类号: G06Q40/00
CPC分类号: G06Q40/02
摘要: An improved technique identifies risky transactions from a set of transactions and updates risk scores only for those transactions identified as risky. Along these lines, a transaction sorting engine sorts the set of transactions according to risk score. The transaction sorting engine identifies as risky those transactions having risk scores above a specified percentile; for instance, the transactions having risk scores above the 90th percentile would be identified as risky. Some time later, a risk score engine adjusts, based on new historical transaction data, Bayesian weights which it uses to compute risk scores. The transaction sorting engine sends to the risk score engine only those transactions it identified as risky. The risk score engine computes new risk scores for the risky transactions and makes the new risk scores available to the transaction sorting engine so that it can sort all of current transactions (e.g., received within the past week).
摘要翻译: 一种改进的技术可以识别一组交易中的风险交易,并仅对那些被认定为有风险的交易更新风险分数。 按照这些方面,交易排序引擎根据风险分数对交易集进行排序。 交易排序引擎将风险评分高于指定百分位数的交易识别为风险; 例如,具有高于第90百分位数的风险分数的交易将被确定为具有风险。 一段时间后,风险分数引擎根据新的历史交易数据调整贝叶斯权重,用于计算风险分数。 交易排序引擎仅向风险评分引擎发送那些被认定为具有风险的交易。 风险分数引擎计算风险交易的新风险分数,并使新的风险分数可用于交易排序引擎,以便它可以对所有当前交易进行排序(例如,在过去一周内收到)。
-
公开(公告)号:US09460390B1
公开(公告)日:2016-10-04
申请号:US13332889
申请日:2011-12-21
申请人: Derek Lin , Alon Kaufman , Yael Villa
发明人: Derek Lin , Alon Kaufman , Yael Villa
CPC分类号: G06N5/04 , G06F17/30705 , G06N7/005 , G06N99/005 , G06Q10/08 , G06Q30/00
摘要: A method is used in analyzing device similarity. Data describing a device is received and a similarity analysis is applied to the data. Based on the similarity analysis, a measure of similarity between the device and a previously known device is determined.
摘要翻译: 一种方法用于分析设备相似性。 接收到描述设备的数据,并对数据应用相似性分析。 基于相似性分析,确定了装置与先前已知的装置之间的相似度的度量。
-
公开(公告)号:US08880441B1
公开(公告)日:2014-11-04
申请号:US13433633
申请日:2012-03-29
申请人: Jidong Chen , Derek Lin , Alon Kaufman , Yael Villa
发明人: Jidong Chen , Derek Lin , Alon Kaufman , Yael Villa
IPC分类号: G06F15/18
CPC分类号: G06F15/18 , G06F21/316
摘要: An improved technique trains a fraud detection system to use mouse movement data as part of a user profile. Along these lines, a training apparatus receives sets of mouse movement datasets generated by a legitimate user and/or a fraudulent user. The training apparatus assigns each mouse movement dataset to a cluster according to one of several combinations of representations, distance metrics, and cluster metrics. By correlating the clusters with the origins of the mouse movement datasets (legitimate or fraudulent user), the training apparatus constructs a robust framework for detecting fraud at least partially based on mouse movement data.
摘要翻译: 改进的技术训练欺诈检测系统,以使用鼠标移动数据作为用户简档的一部分。 沿着这些线路,训练装置接收由合法用户和/或欺诈用户生成的一组鼠标移动数据集。 训练装置根据表示,距离度量和簇度量的若干组合之一将每个鼠标移动数据集分配给群集。 通过将群集与鼠标移动数据集(合法或欺诈用户)的起源相关联,训练装置至少部分地基于鼠标移动数据构建用于检测欺诈的鲁棒框架。
-
公开(公告)号:US08752144B1
公开(公告)日:2014-06-10
申请号:US13325131
申请日:2011-12-14
申请人: Alon Kaufman , Yael Villa , Yedidya Dotan
发明人: Alon Kaufman , Yael Villa , Yedidya Dotan
CPC分类号: G06F21/32 , H04L63/0861 , H04L2463/082
摘要: An improved technique tailors a biometric challenge activity to a particular user. The particular user submits electronic input from which an authentication system extracts information concerning traits of the particular user; such traits can include keystroke and swiping patterns, handheld device positions, and place of origin. An authentication server maps values of user attributes such as place of origin, age, and UI device to the extracted traits. The authentication server then selects biometric challenges for the particular user based on user attributes having values which deviate most from a mean value of that attribute taken across a population of users. That is, the authentication server bases biometric challenges on the most distinguishing traits of the particular user.
摘要翻译: 改进的技术为特定用户定制生物特征挑战活动。 特定用户提交电子输入,认证系统从该电子输入提取关于特定用户的特征的信息; 这种特征可以包括击键和滑动模式,手持设备位置和原点。 验证服务器将用户属性的值(如原始位置,年龄和UI设备)映射到提取的特征。 然后认证服务器基于具有偏离最终与该用户群体的该属性的平均值偏离的值的用户属性来选择特定用户的生物特征挑战。 也就是说,认证服务器基于特定用户的最显着特征的生物特征挑战。
-
7.发明授权公开(公告)号:US10592978B1
公开(公告)日:2020-03-17
申请号:US13537525
申请日:2012-06-29
申请人: Alex Vaystikh , Alon Kaufman , Yael Villa
发明人: Alex Vaystikh , Alon Kaufman , Yael Villa
IPC分类号: G06Q40/00
摘要: Methods and apparatus are provided for risk-based authentication between two servers on behalf of a user. A method is provided for controlling access by a consumer to a service provider on behalf of a user. An authentication request is issued responsive to an initial access request from the consumer to access the service provider on behalf of the user. An access token is provided to the consumer upon approval from the user to grant access to the consumer. Upon receiving a subsequent access request from the consumer with the access token to access the service provider on behalf of the user; a risk analysis is performed to determine if the subsequent access request should be granted. The risk analysis can determine if the subsequent access complies with one or more rules of the user. The user is optionally prompted to specify whether to allow the subsequent access request and/or future similar transactions.
-
公开(公告)号:US09292793B1
公开(公告)日:2016-03-22
申请号:US13436936
申请日:2012-03-31
申请人: Derek Lin , Yael Villa , Alon Kaufman
发明人: Derek Lin , Yael Villa , Alon Kaufman
CPC分类号: G06N5/04 , G06F21/44 , G06F2221/2129 , G06N7/005 , H04L63/0876 , H04L67/22 , H04L67/303 , H04L67/306
摘要: A method is used in analyzing device similarity. Data describing a device is received and a model is applied to the data. Based on the modeling, a measure of similarity between the device and a previously known device is determined.
摘要翻译: 一种方法用于分析设备相似性。 接收到描述设备的数据,并将模型应用于数据。 基于该建模,确定了设备与先前已知的设备之间的相似性度量。
-
公开(公告)号:US09092782B1
公开(公告)日:2015-07-28
申请号:US13537506
申请日:2012-06-29
申请人: Alex Zaslavsky , Alon Kaufman , Yael Villa , Marcelo Blatt , Alex Vaystikh
发明人: Alex Zaslavsky , Alon Kaufman , Yael Villa , Marcelo Blatt , Alex Vaystikh
CPC分类号: G06F21/577 , G06F21/45 , G06F2221/2131 , G06Q20/4016
摘要: Techniques are provided for evaluating compromised credential information. A method for evaluating compromised credentials comprises the steps of: collecting data regarding previously compromised credentials that were used to commit an unauthorized activity; applying one or more statistical learning methods to the collected data to identify one or more patterns; and evaluating a risk of credentials that have been compromised by one or more attackers using the identified patterns. According to a further aspect of the invention, a risk score is generated for one or more users and devices. The risk scores are optionally ordered based on an order of risk. The data can be collected, for example, from one or more of anti-fraud servers and information sources.
摘要翻译: 提供技术来评估受损的凭证信息。 用于评估受损凭据的方法包括以下步骤:收集关于用于提交未授权活动的先前被破坏的凭证的数据; 将一个或多个统计学习方法应用于所收集的数据以识别一个或多个模式; 并评估已被一个或多个攻击者使用识别的模式损害的凭据风险。 根据本发明的另一方面,为一个或多个用户和设备生成风险评分。 风险分数可根据风险顺序进行排序。 可以例如从一个或多个反欺诈服务器和信息源收集数据。
-
公开(公告)号:US08621586B1
公开(公告)日:2013-12-31
申请号:US13246937
申请日:2011-09-28
申请人: Oded Peer , Yedidya Dotan , Yael Villa , Marcelo Blatt
发明人: Oded Peer , Yedidya Dotan , Yael Villa , Marcelo Blatt
IPC分类号: G06F21/20
CPC分类号: G06F21/316 , G07C9/00166 , H04L63/08 , H04L63/1425
摘要: An improved technique of processing an authentication request from an authentication requestor involves an adaptive authentication device comparing a behavioral history of fact values associated with a user over a current time window with a user's baseline profile that includes a behavioral history of the fact values. The adaptive authentication device accesses such a behavioral history over several previous time windows from a database whose entries include a user identifier, a time interval and user data which represents fact value behavioral history over the time interval. When the device receives an authentication request from an authentication requestor, the adaptive authentication device matches a username of the request with a user identifier of an entry of the database whose time period is the current time period. The adaptive authentication device then updates fact values representing the user's current behavioral history and compares the current behavioral history to the user's baseline profile.
摘要翻译: 一种从认证请求者处理认证请求的改进技术涉及将当前时间窗口中与用户相关联的事实值的行为历史与包括事实值的行为历史的用户基线轮廓相比较的自适应认证装置。 自适应认证设备从数据库访问几个以前时间窗口的行为历史,其数据库的条目包括用户标识符,时间间隔和表示时间间隔内的事实值行为历史的用户数据。 当设备从认证请求者接收到认证请求时,自适应认证设备将请求的用户名与数据库的时间段为当前时间段的条目的用户标识匹配。 然后,自适应认证设备更新表示用户当前行为历史的事实值,并将当前行为历史与用户的基线简档进行比较。
-
-
-
-
-
-
-
-
-
搜索结果
12 条记录 (耗时 0.018 秒)
