Runtime risk detection based on user, application, and system action sequence correlation
US8850517B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Jan 15, 2013 |
| Grant date | Sep 30, 2014 |
| Priority date | — |
| Expiry date | Jan 15, 2033 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/20
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A method for assessing runtime risk for an application or device includes: storing, in a rules database, a plurality of rules, wherein each rule identifies an action sequence; storing, in a policy database, a plurality of assessment policies, wherein each assessment policy includes at least one rule of the plurality of rules; identifying, using at least one assessment policy, a runtime risk for an application or device, wherein the identified runtime risk identifies and predicts a specific type of threat; and identifying, by a processing device, a behavior score for the application or device based on the identified runtime risk, wherein the action sequence is a sequence of at least two performed actions, and each performed action is at least one of: a user action, an application action, and a system action.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.