Systems and methods for calculating threat scores for individuals within an organization or domain are provided. Aspects of the invention relate to computer-implemented methods that form a predictive threat rating for user accounts. In one implementation, a first threat score representing a first ti
Systems and methods for calculating threat scores for individuals within an organization or domain are provided. Aspects of the invention relate to computer-implemented methods that form a predictive threat rating for user accounts. In one implementation, a first threat score representing a first time period may be calculated. The first threat score may be compared with aspects of the same user accounts for a second time period. Weighting schemes may be applied to certain activities, controls, and/or user accounts. Further aspects relate to apparatuses configured to execute methods for ranking individual user accounts. Certain embodiments may not block transmissions that violate predefine rules, however, indications of such improper transmission may be considered when constructing a threat rating. Blocked transmissions enforced upon a user account may also be received. Certain activity, such as accessing the internet, may be monitored for the presence of a security threat and/or an ethics threat.
대표청구항▼
1. A non-transitory computer-readable medium comprising computer-executable instructions that when executed by a processor perform a method comprising: for each of a plurality of users, calculating a baseline activity score, comprising: determining values of controls for electronic transmissions ass
1. A non-transitory computer-readable medium comprising computer-executable instructions that when executed by a processor perform a method comprising: for each of a plurality of users, calculating a baseline activity score, comprising: determining values of controls for electronic transmissions associated with the user over a first time period, wherein the controls comprise: a bandwidth control relating to a quantity of bandwidth associated with the user over a first network during the first time period;a blocked transmission control relating to blocked transmissions associated with the user over the first network during the first time period;a non-blocked transmission control relating to non-blocked transmissions associated with the user over the first network during the first time period that violate at least one predefined criterion; andcalculating the baseline activity score based upon the values of the controls over the first time period;for each of a plurality of users, calculating a second activity score, including: determining values of the controls for electronic transmissions associated with a second time period; andcalculating a second activity score based upon the values of the controls over the second time period; andfor each of a plurality of users, calculating a predictive threat score, including: comparing the baseline activity score with the second activity score,wherein both of the baseline activity score and the second activity score each include sub-scores and the comparing of the baseline activity score with the second activity score includes: comparing a sub-score of the baseline activity score with a sub-score of the second activity score. 2. The computer-readable medium of claim 1, wherein at least one sub-score of each of the baseline activity score and the second activity score is a control sub-score based upon one of the controls. 3. The computer-readable medium of claim 2, wherein there are a plurality of sub-scores and each of the sub-scores are control sub-scores. 4. The computer-readable medium of claim 2, wherein the computer readable medium further comprises instructions that when executed by a processor perform: comparing a control sub-score of the baseline activity score against the same control sub-score of the second activity score to determine if a threshold variance exists; andweighting the sub-score upon determining that the threshold various exists. 5. The computer-readable medium of claim 2, wherein the computer readable medium further comprises instructions that when executed by a processor perform: weighting at least one sub-score of a first user upon determining that the user is in the group consisting of: granted access rights to a specific collection of data, exempt from having at least one software application, the at least one software application is absent; access rights to at least one service that has been deactivated, and combinations thereof. 6. A non-transitory computer-readable medium comprising computer-executable instructions that when executed by a processor perform a method comprising: for each of a plurality of users, calculating a baseline activity score, comprising: determining values of controls for electronic transmissions associated with the user over a first time period, wherein the controls comprise: a bandwidth control relating to a quantity of bandwidth associated with the user over a first network during the first time period;a blocked transmission control relating to blocked transmissions associated with the user over the first network during the first time period;a non-blocked transmission control relating to non-blocked transmissions associated with the user over the first network during the first time period that violate at least one predefined criterion; andcalculating the baseline activity score based upon the values of the controls over the first time period;for each of a plurality of users, calculating a second activity score, including: determining values of the controls for electronic transmissions associated with a second time period; andcalculating a second activity score based upon the values of the controls over the second time period; andfor each of a plurality of users, calculating a predictive threat score, including: comparing the baseline activity score with the second activity score;categorizing at least one transmission associated with a first user into a category of a plurality of categories comprising: a security threat, an ethics threat, and combinations thereof; andweighting transmissions categorized in the security threat category according to a first weight. 7. The computer-readable medium of claim 6, wherein the computer readable medium further comprises instructions that when executed by a processor perform: weighting transmissions categorized in the security threat category according to a second weight. 8. The computer-readable medium of claim 6, wherein each time period consists of a plurality of discrete time frames; and wherein the computer readable medium further comprises instructions that when executed by a processor perform: applying a first activity weight to at least one activity if the at least one activity occurred during a first time frame of the respective time period. 9. The computer-readable medium of claim 8, wherein the computer readable medium further comprises instructions that when executed by a processor perform: applying a second activity weight to at least one activity selected from the group consisting of: a security threat, an ethics threat, blocked communication of a targeted communication application, communication through the targeted communication application meeting the predefined criterion, an access attempt of the centralized store, an attempted illegal storage attempt, and combinations thereof. 10. The computer-readable medium of claim 8, wherein the first time frame comprises a portion of time selected from a predefined quantity of time before the user is scheduled to utilize a network resource, a predefined quantity of time before or after an average time point the user is active on a network and combinations thereof.
Cheng William ; Hwang Kenneth ; Kannan Ravi ; Katchapalayam Babu ; Liu Bing ; Narasimhan Balaji ; Ramanujam Gopal ; Tran Jonathan, Automatic updating of diverse software products on multiple client computer systems by downloading scanning application to client computer and generating software list on client computer.
Nordman,Ian; Alam��ki,Tero; V��nsk��,Marko; Tarkiainen,Mikko; Gyorb��r��,Norbert; Gripenberg,Casper, Method and apparatus for managing and enforcing user privacy.
Beckett, III, William R.; Chawla, Deepak, Methods, devices and computer program products for regulating network activity using a subscriber scoring system.
Thomson, Allan; Coleman, Christopher D., Apparatuses, methods and systems for a cyber threat confidence rating visualization and editing user interface.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.