Runtime risk detection based on user, application, and system action sequence correlation
US8782735B1 · kind B1 · utility
Assignee
Inventor
Key dates
| Filing date | Jan 15, 2013 |
| Grant date | Jul 15, 2014 |
| Priority date | — |
| Expiry date | Jan 15, 2033 |
Classification
- Technology area (CPC —)General
Abstract
A method for assessing runtime risk for an application or device includes: storing, in a rules database, a plurality of rules, wherein each rule identifies an action sequence; storing, in a policy database, a plurality of assessment policies, wherein each assessment policy includes at least one rule of the plurality of rules; identifying, using at least one assessment policy, a runtime risk for an application or device, wherein the identified runtime risk identifies and predicts a specific type of threat; and identifying, by a processing device, a behavior score for the application or device based on the identified runtime risk, wherein the action sequence is a sequence of at least two performed actions, and each performed action is at least one of: a user action, an application action, and a system action.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.