公开(公告)号：US20230283628A1

公开(公告)日：2023-09-07

申请号：US18040627

申请日：2021-08-04

Applicant: KOUNT INC.

Inventor： Joshua Michael JOHNSTON

IPC: H04L9/40 ,  H04L41/16

CPC classification number: H04L63/1433 ,  H04L63/1416 ,  H04L41/16

Abstract: An online security analysis system determines a categorical value in an online activity and also determines conversion factors that are associated with the categorical value. Based on the conversion factors, the online security analysis system identifies at least one aggregated value for a numerical feature that is associated with previous online activities for the categorical value. In addition, the online security analysis system generates an embedding vector that describes the aggregated value associated with the categorical value. The embedding vector is provided to an online activity analysis model that is trained to generate prediction data for the online activity, based on the aggregated values associated with the categorical value. The prediction data is transmitted to an online system for use in controlling access of a client device to a function of the online system.

公开(公告)号：US20220377096A1

公开(公告)日：2022-11-24

申请号：US17754854

申请日：2021-07-14

Applicant: KOUNT INC.

Inventor： Joshua Michael JOHNSTON ,  Matthew Lewis JONES ,  Nathan Daniel MONNIG ,  Divyanshu Rohit MURLI

IPC: H04L9/40

Abstract: A method described herein involves various operations directed toward network security. The operations include accessing transaction data describing network traffic associated with a web server during an interval. Based on a count of new transactions involving an online entity during the interval according to the transaction data, a short-term trend is determined for the online entity. The operations further include applying exponential smoothing to a history of transactions of the online entity to compute a long-term trend for the online entity. Based on a comparison between the short-term trend and the long-term trend for the online entity, an anomaly is detected with respect to the online entity in the network traffic associated with the web server. Responsive to detecting the anomaly, an access control is implemented between the online entity and the web server.

公开(公告)号：US20230291756A1

公开(公告)日：2023-09-14

申请号：US18007268

申请日：2021-07-29

Applicant: KOUNT INC.

Inventor： Nathan Daniel MONNIG ,  Joshua Michael JOHNSTON

IPC: H04L9/40

CPC classification number: H04L63/1425 ,  H04L63/102 ,  H04L63/105

Abstract: Certain aspects involve a system, computer-implemented method, and computer-readable medium for identifying attributes associated with a target entity such as a person. A hierarchical characterization system receives an attribute and a request for associated identity data. The system generates an identity graph that includes attribute nodes corresponding to respective attributes and online interaction nodes corresponding to respective online interactions. The system correlates at least a subset of the online interactions and at least a subset of the attributes with a particular entity. The system generates a report indicating an identity of the entity and a behavior of the entity based on the correlated online interactions and the correlated attributes.

公开(公告)号：US20230254333A1

公开(公告)日：2023-08-10

申请号：US18301862

申请日：2023-04-17

Applicant: KOUNT INC.

Inventor： Joshua Michael JOHNSTON ,  Matthew Lewis JONES ,  Nathan Daniel MONNIG ,  Divyanshu Rohit MURLI

IPC: H04L9/40

CPC classification number: H04L63/1425 ,  H04L63/1433 ,  H04L63/1458

Abstract: A method described herein involves various operations directed toward network security. The operations include accessing transaction data describing network traffic associated with a web server during an interval. Based on a count of new transactions involving an online entity during the interval according to the transaction data, a short-term trend is determined for the online entity. The operations further include applying exponential smoothing to a history of transactions of the online entity to compute a long-term trend for the online entity. Based on a comparison between the short-term trend and the long-term trend for the online entity, an anomaly is detected with respect to the online entity in the network traffic associated with the web server. Responsive to detecting the anomaly, an access control is implemented between the online entity and the web server.