	US 12,015,596 B2
	Risk analysis using port scanning for multi-factor authentication
Jason Crabtree, Vienna, VA (US); and Andrew Sellers, Monument, CO (US)
Assigned to QOMPLX LLC, Reston, VA (US)
Filed by QOMPLX LLC, Reston, VA (US)
Filed on Jan. 3, 2021, as Appl. No. 17/140,092.
Application 17/140,092 is a continuation in part of application No. 16/910,623, filed on Jun. 24, 2020, granted, now 11,595,361.
Application 16/910,623 is a continuation in part of application No. 15/930,063, filed on May 12, 2020, granted, now 11,588,793.
Application 15/930,063 is a continuation of application No. 15/904,006, filed on Feb. 23, 2018, granted, now 10,652,219, issued on May 12, 2020.
Application 15/904,006 is a continuation in part of application No. 15/725,274, filed on Oct. 4, 2017, granted, now 10,609,079, issued on Mar. 31, 2020.
Application 15/725,274 is a continuation in part of application No. 15/655,113, filed on Jul. 20, 2017, granted, now 10,735,456, issued on Aug. 4, 2020.
Application 15/655,113 is a continuation in part of application No. 15/616,427, filed on Jun. 7, 2017, abandoned.
Application 15/616,427 is a continuation in part of application No. 14/925,974, filed on Oct. 28, 2015, abandoned.
Application 15/655,113 is a continuation in part of application No. 15/237,625, filed on Aug. 15, 2016, granted, now 10,248,910, issued on Apr. 2, 2019.
Application 15/237,625 is a continuation in part of application No. 15/206,195, filed on Jul. 8, 2016, abandoned.
Application 15/206,195 is a continuation in part of application No. 15/186,453, filed on Jun. 18, 2016, abandoned.
Application 15/186,453 is a continuation in part of application No. 15/166,158, filed on May 26, 2016, abandoned.
Application 15/166,158 is a continuation in part of application No. 15/141,752, filed on Apr. 28, 2016, granted, now 10,860,962.
Application 15/141,752 is a continuation in part of application No. 15/091,563, filed on Apr. 5, 2016, granted, now 10,204,147, issued on Feb. 12, 2019.
Application 15/141,752 is a continuation in part of application No. 14/986,536, filed on Dec. 13, 2015, granted, now 10,210,255, issued on Feb. 19, 2019.
Application 15/141,752 is a continuation in part of application No. 14/925,974, filed on Oct. 28, 2015, abandoned.
Application 17/140,092 is a continuation in part of application No. 17/138,202, filed on Dec. 30, 2020, granted, now 11,563,741.
Application 17/138,202 is a continuation in part of application No. 16/856,827, filed on Apr. 23, 2020, granted, now 11,218,474.
Application 16/856,827 is a continuation of application No. 15/790,860, filed on Oct. 23, 2017, granted, now 10,742,647, issued on Aug. 11, 2020.
Application 15/790,860 is a continuation in part of application No. 15/616,427, filed on Jun. 7, 2017, abandoned.
Application 15/790,860 is a continuation in part of application No. 15/237,625, filed on Aug. 15, 2016, granted, now 10,248,910, issued on Apr. 2, 2019.
Claims priority of provisional application 62/574,708, filed on Oct. 19, 2017.
Prior Publication US 2021/0226928 A1, Jul. 22, 2021
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); G06F 16/951 (2019.01); G06N 7/01 (2023.01); H04L 9/14 (2006.01); H04L 9/32 (2006.01); G06N 5/01 (2023.01); G06N 5/045 (2023.01); G06N 5/046 (2023.01); G06N 20/00 (2019.01); H04L 9/00 (2022.01)

CPC H04L 63/0428 (2013.01) [G06F 16/951 (2019.01); G06N 7/01 (2023.01); H04L 9/14 (2013.01); H04L 9/3236 (2013.01); H04L 9/3297 (2013.01); H04L 63/061 (2013.01); H04L 63/08 (2013.01); H04L 63/1408 (2013.01); H04L 63/1433 (2013.01); G06N 5/01 (2023.01); G06N 5/045 (2013.01); G06N 5/046 (2013.01); G06N 20/00 (2019.01); H04L 9/50 (2022.05); H04L 63/0442 (2013.01); H04L 63/123 (2013.01); H04L 2463/082 (2013.01)]

14 Claims

1. A system for risk analysis using port scanning for multi-factor authentication, comprising:

a multi-dimensional time series data server comprising a memory, a processor, and a plurality of programming instructions stored in the memory thereof and operable on the processor thereof, wherein the programmable instructions, when operating on the processor, cause the processor to:

monitor and store a network's traffic data; and

serve traffic data to other modules; and

a directed computational graph module comprising a memory, a processor, and a plurality of programming instructions stored in the memory thereof and operable on the processor thereof, wherein the programmable instructions, when operating on the processor, cause the processor to:

receive traffic data from the multi-dimensional time series data server;

identify a connection attempt from a user device to a destination device with unknown risk potential;

scan a plurality of network ports at the destination device;

analyze the scan results to determine at least a plurality of open ports at the destination device and a plurality of closed ports at the destination device; and

determine a required verification score for granting access to a network resource based at least in part on the open and closed ports on the destination device;

wherein a plurality of verification methods is used to build up a user's verification score to the required verification score in order for the user to gain access to the destination device.