Systems and methods for detecting anomalous post-authentication behavior with respect to a user identity

Systems and methods for detecting anomalous post-authentication behavior with respect to a user identity

Methods, systems, apparatuses, and computer-readable storage mediums described herein are configured to detect anomalous post-authentication behavior with respect to a user identity. For example, one or more audit logs that specify a plurality of actions performed with respect to the user identity o...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Cambric, Shinesa Elaine, Calvo, Maria Puertas, Xu, Ye
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Methods, systems, apparatuses, and computer-readable storage mediums described herein are configured to detect anomalous post-authentication behavior with respect to a user identity. For example, one or more audit logs that specify a plurality of actions performed with respect to the user identity of a platform-based identity service, while the user identity is authenticated with the platform-based identity service, are analyzed. The audit log(s) are analyzed via an anomaly prediction model that generates an anomaly score indicating a probability whether a particular sequence of actions of the plurality of actions is indicative of anomalous behavior. A determination is made that an anomalous behavior has occurred based on the anomaly score. In response to determining that anomalous behavior has occurred, a mitigation action may be performed that mitigates the anomalous behavior.