公开(公告)号：US20230216866A1

公开(公告)日：2023-07-06

申请号：US17646696

申请日：2021-12-31

Applicant: Kount Inc.

Inventor： Nathan Daniel MONNIG ,  Andrew Nader RAFLA ,  Samuel Ward SCHRADER

IPC: H04L9/40

CPC classification number: H04L63/1416 ,  H04L63/1425 ,  H04L63/1466 ,  H04L63/20

Abstract: In an example of a method described herein, historical events occurring over a network are detected, and at least one of the historical events is associated with an observed value of a categorical variable. A numerical aggregate value representing the observed value is updated by applying an exponential smoothing function to (i) a prior numerical aggregate value representing prior historical events associated with the observed value and (ii) a count of the historical events associated with the observed value. An event occurring over the network is detected and is associated with the observed value. Features are extracted from the event, where the features include an encoded feature based on the numerical aggregate value to represent the observed value. A predictive model is applied to the features to determine a score representing likelihood of an outcome. Based on the score, access to a resource of the network is controlled.

公开(公告)号：US20240015173A1

公开(公告)日：2024-01-11

申请号：US18252364

申请日：2021-11-10

Applicant: Kount Inc.

Inventor： Arthur Jacob PUTNAM ,  Nathan Daniel MONNIG

IPC: H04L9/40 ,  G06F16/957 ,  G06F16/955 ,  G06F16/953

CPC classification number: H04L63/1425 ,  G06F16/957 ,  G06F16/9566 ,  G06F16/953

Abstract: System and methods track events associated with web browser activity along with corresponding browser tab identifiers. A web page is loaded in a browser tab based on a request to a Uniform Resource Locator (URL). A time is identified, and it is determined that a predetermined time interval has elapsed. A storage mechanism is queried to determine whether an event log stored to the storage mechanism contains a stored tab identifier for the browser tab. If the tab identifier is not stored to the event log, then a tab identifier is stored to the event log, mapped to the time and the URL. If the event log contains the stored tab identifier for the tab, then the event log is updated to include the time mapped to the tab identifier. The URL may also be updated if applicable. The event log is transmitted to a server computer for further analysis.

公开(公告)号：US20220377096A1

公开(公告)日：2022-11-24

申请号：US17754854

申请日：2021-07-14

Applicant: KOUNT INC.

Inventor： Joshua Michael JOHNSTON ,  Matthew Lewis JONES ,  Nathan Daniel MONNIG ,  Divyanshu Rohit MURLI

IPC: H04L9/40

Abstract: A method described herein involves various operations directed toward network security. The operations include accessing transaction data describing network traffic associated with a web server during an interval. Based on a count of new transactions involving an online entity during the interval according to the transaction data, a short-term trend is determined for the online entity. The operations further include applying exponential smoothing to a history of transactions of the online entity to compute a long-term trend for the online entity. Based on a comparison between the short-term trend and the long-term trend for the online entity, an anomaly is detected with respect to the online entity in the network traffic associated with the web server. Responsive to detecting the anomaly, an access control is implemented between the online entity and the web server.

公开(公告)号：US20230291756A1

公开(公告)日：2023-09-14

申请号：US18007268

申请日：2021-07-29

Applicant: KOUNT INC.

Inventor： Nathan Daniel MONNIG ,  Joshua Michael JOHNSTON

IPC: H04L9/40

CPC classification number: H04L63/1425 ,  H04L63/102 ,  H04L63/105

Abstract: Certain aspects involve a system, computer-implemented method, and computer-readable medium for identifying attributes associated with a target entity such as a person. A hierarchical characterization system receives an attribute and a request for associated identity data. The system generates an identity graph that includes attribute nodes corresponding to respective attributes and online interaction nodes corresponding to respective online interactions. The system correlates at least a subset of the online interactions and at least a subset of the attributes with a particular entity. The system generates a report indicating an identity of the entity and a behavior of the entity based on the correlated online interactions and the correlated attributes.

公开(公告)号：US20230254333A1

公开(公告)日：2023-08-10

申请号：US18301862

申请日：2023-04-17

Applicant: KOUNT INC.

Inventor： Joshua Michael JOHNSTON ,  Matthew Lewis JONES ,  Nathan Daniel MONNIG ,  Divyanshu Rohit MURLI

IPC: H04L9/40

CPC classification number: H04L63/1425 ,  H04L63/1433 ,  H04L63/1458

Abstract: A method described herein involves various operations directed toward network security. The operations include accessing transaction data describing network traffic associated with a web server during an interval. Based on a count of new transactions involving an online entity during the interval according to the transaction data, a short-term trend is determined for the online entity. The operations further include applying exponential smoothing to a history of transactions of the online entity to compute a long-term trend for the online entity. Based on a comparison between the short-term trend and the long-term trend for the online entity, an anomaly is detected with respect to the online entity in the network traffic associated with the web server. Responsive to detecting the anomaly, an access control is implemented between the online entity and the web server.