US 12,013,956 B2
Systems and methods for verifying user activity using behavioral models
Alexander Tormasov, Moscow (RU); Noam Herold, Raanana (IL); Yury Averkiev, Singapore (SG); Serguei Beloussov, Costa del Sol (SG); and Stanislav Protasov, Singapore (SG)
Assigned to Acronis International GmbH, Schaffhausen (CH)
Filed by Acronis International GmbH, Schaffhausen (CH)
Filed on Sep. 28, 2021, as Appl. No. 17/487,115.
Application 17/487,115 is a continuation in part of application No. 17/487,054, filed on Sep. 28, 2021.
Application 17/487,054 is a continuation in part of application No. 17/486,069, filed on Sep. 27, 2021.
Prior Publication US 2023/0139161 A1, May 4, 2023
Int. Cl. G06F 21/62 (2013.01); G06F 21/31 (2013.01); G06F 21/55 (2013.01); G06N 20/00 (2019.01)
CPC G06F 21/62 (2013.01) [G06F 21/316 (2013.01); G06F 21/554 (2013.01); G06N 20/00 (2019.01); G06F 2221/032 (2013.01)] 17 Claims
OG exemplary drawing
 
1. A method for verifying user activity based on behavioral models, the method comprising:
receiving sensor data from at least one sensor in an environment;
parsing the sensor data to determine a first identifier of a person that is not authorized to access data via a computing device;
subsequent to determining the first identifier, intercepting a data access request on the computing device, wherein the data access request includes a second identifier of a user that is authorized to access the data via the computing device;
verifying whether the data access request is from the user authorized to access data by:
generating a chain of events for a period of time preceding the data access request, wherein the chain of events includes generated events including identifiers of the person that is not authorized to access the data via the computing device and the user that is authorized;
determining whether the chain of events corresponds to a behavioral model indicative of malicious activity; and
in response to determining that the chain of events do not correspond to the behavioral model, verifying that the data access request is from the user and granting the data access request.