US 11,899,808 B2
Machine learning for identity access management
Wyatt O'Neill Cobb, Mission Hills, KS (US); and Zachary Lewis Jovic Misic, Overland Park, KS (US)
Assigned to SoftWarfare, LLC, Shawnee, KS (US)
Filed by SoftWarfare, LLC, Shawnee, KS (US)
Filed on Oct. 6, 2022, as Appl. No. 17/961,515.
Application 17/961,515 is a continuation of application No. 16/696,257, filed on Nov. 26, 2019, granted, now 11,494,507.
Prior Publication US 2023/0032660 A1, Feb. 2, 2023
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 21/62 (2013.01); G06N 3/084 (2023.01); H04L 9/40 (2022.01); G06N 3/04 (2023.01); G06F 21/55 (2013.01); G06Q 50/26 (2012.01)
CPC G06F 21/6218 (2013.01) [G06F 21/554 (2013.01); G06N 3/04 (2013.01); G06N 3/084 (2013.01); H04L 63/0861 (2013.01); H04L 63/14 (2013.01); G06Q 50/265 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A method of updating a mitigation policy of an identity access management system, the method comprising:
receiving transaction data relating to a transaction for an authorized user account;
determining a transaction type of the transaction based on the transaction data;
identifying an abnormality associated with the transaction based on the transaction data using a machine learning model trained with user data;
determining a threat level associated with the transaction based on the transaction data and the transaction type;
responsive to identifying the abnormality, determining a mitigation procedure from the mitigation policy based on the transaction type of the transaction and the threat level associated with the transaction;
applying the mitigation procedure to the transaction based on the transaction type;
storing the transaction data, an indication of the mitigation procedure, and an indication of the threat level associated with the transaction in a transaction data store; and
updating the mitigation policy based on the transaction data and the transaction type of the transaction.