Protecting method and system for malicious code, and monitor apparatus
US-2017337374-A1 · Nov 23, 2017 · US
Aggregating service data for transmission and risk analysis
US10417426B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10417426-B2 |
| Application number | US-201715691098-A |
| Country | US |
| Kind code | B2 |
| Filing date | Aug 30, 2017 |
| Priority date | Jul 22, 2016 |
| Publication date | Sep 17, 2019 |
| Grant date | Sep 17, 2019 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Methods, systems, and computer-readable storage media for risk identification of service data using operations of determining, by a client-side computing device, a first service data corresponding to a first operation behavior associated with a user input on the client-side computing device, determining, by the client-side computing device, a first variable corresponding to the first service data, the first variable including a first eigenvalue, retrieving, by the client-side computing device, a second eigenvalue corresponding to a second operation behavior that was performed at a second time before the first operation behavior, generating, by the client-side computing device, a decay value by processing the first time and the second time a decay function, generating, by the client-side computing device, an aggregated data by processing the first variable, the second eigenvalue, and the decay value using an aggregation function, and determining, by the one or more processors, a risk associated with the first operation by processing the aggregated data using a risk identification model.
First claim
Opening claim text (preview).
What is claimed is: 1. A computer-implemented method for risk identification of service data, the method being executed by one or more processors and comprising: determining, by a client-side computing device, a first service data corresponding to a first operation behavior associated with a user input on the client-side computing device; determining, by the client-side computing device, a first variable corresponding to the first service data, the first variable comprising a first eigenvalue; retrieving, by the client-side computing device, a second eigenvalue corresponding to a second operation behavior that was performed at a second time before the first operation behavior; generating, by the client-side computing device, a decay value by processing the first time and the second time using a decay function, the decay value being weighted based upon the second time; generating, by the client-side computing device, an aggregated data by processing the first variable, the second eigenvalue, and the decay value using an aggregation function; and determining, by the one or more processors, a risk associated with the first operation by processing the aggregated data using a risk identification model. 2. The method of claim 1 , further comprising, in response to generating the aggregated data, deleting the second eigenvalue. 3. The method of claim 1 , wherein the one or more processors are integrated in a server-side computing device. 4. The method of claim 3 , further comprising transmitting the aggregated data from the client-side computing device to the server-side computing device. 5. The method of claim 4 , wherein the aggregation function comprises a mathematical operation defining at least one of a summing operation, an identification of a maximum value, and an identification of non-repetitive results. 6. The method of claim 1 , wherein the decay function comprises a mathematical operation defining at least one of an exponential function, a logarithmic function, a trigonometric function, a moving window type function, and a polynomial type function. 7. The method of claim 1 , further comprising displaying the risk associated with the first operation to a user of the client-side computing device. 8. A non-transitory, computer-readable medium storing one or more instructions executable by a computer system to perform operations comprising: determining, by a client-side computing device, a first service data corresponding to a first operation behavior associated with a user input on the client-side computing device; determining, by the client-side computing device, a first variable corresponding to the first service data, the first variable comprising a first eigenvalue; retrieving, by the client-side computing device, a second eigenvalue corresponding to a second operation behavior that was performed at a second time before the first operation behavior; generating, by the client-side computing device, a decay value by processing the first time and the second time using a decay function, the decay value being weighted based upon the second time; generating, by the client-side computing device, an aggregated data by processing the first variable, the second eigenvalue, and the decay value using an aggregation function; and determining, by the one or more processors, a risk associated with the first operation by processing the aggregated data using a risk identification model. 9. The non-transitory, computer-readable medium of claim 8 , further comprising, in response to generating the aggregated data, deleting the second eigenvalue. 10. The non-transitory, computer-readable medium of claim 8 , wherein the one or more processors are integrated in a server-side computing device. 11. The method of claim 10 , further comprising transmitting the aggregated data from the client-side computing device to the server-side computing device. 12. The non-transitory, computer-readable medium of claim 11 , wherein the aggregation function comprises a mathematical operation defining at least one of a summing operation, an identification of a maximum value, and an identification of non-repetitive results. 13. The non-transitory, computer-readable medium of claim 8 , wherein the decay function comprises a mathematical operation defining at least one of an exponential function, a logarithmic function, a trigonometric function, a moving window type function, and a polynomial type function. 14. The non-transitory, computer-readable medium of claim 8 , further comprising displaying the risk associated with the first operation to a user of the client-side computing device. 15. A computer-implemented system, comprising: one or more computers; and one or more computer memory devices interoperably coupled with the one or more computers and having tangible, non-transitory, machine-readable media storing instructions that, when executed by the one or more computers, perform operations comprising: determining, by a client-side computing device, a first service data corresponding to a first operation behavior associated with a user input on the client-side computing device; determining, by the client-side computing device, a first variable corresponding to the first service data, the first variable comprising a first eigenvalue; retrieving, by the client-side computing device, a second eigenvalue corresponding to a second operation behavior that was performed at a second time before the first operation behavior; generating, by the client-side computing device, a decay value by processing the first time and the second time using a decay function, the decay value being weighted based upon the second time; generating, by the client-side computing device, an aggregated data by processing the first variable, the second eigenvalue, and the decay value using an aggregation function; and determining, by the one or more processors, a risk associated with the first operation by processing the aggregated data using a risk identification model. 16. The computer-implemented system of claim 15 , further comprising, in response to generating the aggregated data, deleting the second eigenvalue. 17. The computer-implemented system of claim 15 , wherein the one or more processors are integrated in a server-side computing device. 18. The computer-implemented system of claim 17 , further comprising transmitting the aggregated data from the client-side computing device to the server-side computing device. 19. The method of claim 18 , wherein the aggregation function comprises a mathematical operation defining at least one of a summing operation, an identification of a maximum value, and an identification of non-repetitive results. 20. The computer-implemented system of claim 19 , wherein the decay function comprises a mathematical operation defining at least one of an exponential function, a logarithmic function, a trigonometric function, a moving window type function, and a polynomial type function.
Assignees
Inventors
Classifications
Traffic logging, e.g. anomaly detection · CPC title
Test or assess a computer or a system · CPC title
Third party · CPC title
involving event detection and direct action · CPC title
involving long-term monitoring or reporting · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US10417426B2 cover?
- Methods, systems, and computer-readable storage media for risk identification of service data using operations of determining, by a client-side computing device, a first service data corresponding to a first operation behavior associated with a user input on the client-side computing device, determining, by the client-side computing device, a first variable corresponding to the first service da…
- Who is the assignee on this patent?
- Alibaba Group Holding Ltd
- What technology area does this patent fall under?
- Primary CPC classification G06F21/57. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Sep 17 2019 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 5 related publications on this page (citations in our corpus or others sharing the same primary CPC).