US 12,476,968 B2
Risk-based multi-factor authentication
Jason Crabtree, Vienna, VA (US); Andrew Sellers, Monument, CO (US); and Ian MacLeod, Arlington, VA (US)
Assigned to QOMPLX LLC, Reston, VA (US)
Filed by QOMPLX LLC, Reston, VA (US)
Filed on Sep. 11, 2023, as Appl. No. 18/464,623.
Application 18/464,623 is a continuation of application No. 17/539,137, filed on Nov. 30, 2021, granted, now 11,757,872.
Application 17/539,137 is a continuation of application No. 16/856,827, filed on Apr. 23, 2020, granted, now 11,218,474, issued on Jan. 4, 2022.
Application 16/856,827 is a continuation of application No. 15/790,860, filed on Oct. 23, 2017, granted, now 10,742,647, issued on Aug. 11, 2020.
Application 15/790,860 is a continuation in part of application No. 15/616,427, filed on Jun. 7, 2017, abandoned.
Application 15/616,427 is a continuation in part of application No. 14/925,974, filed on Oct. 28, 2015, abandoned.
Application 15/790,860 is a continuation in part of application No. 15/237,625, filed on Aug. 15, 2016, granted, now 10,248,910, issued on Apr. 2, 2019.
Application 15/237,625 is a continuation in part of application No. 15/206,195, filed on Jul. 8, 2016, abandoned.
Application 15/206,195 is a continuation in part of application No. 15/186,453, filed on Jun. 18, 2016, abandoned.
Application 15/186,453 is a continuation in part of application No. 15/166,158, filed on May 26, 2016, abandoned.
Application 15/166,158 is a continuation in part of application No. 15/141,752, filed on Apr. 28, 2016, granted, now 10,860,962, issued on Dec. 8, 2020.
Application 15/141,752 is a continuation in part of application No. 15/091,563, filed on Apr. 5, 2016, granted, now 10,204,147, issued on Feb. 12, 2019.
Application 15/141,752 is a continuation in part of application No. 14/986,536, filed on Dec. 31, 2015, granted, now 10,210,255, issued on Feb. 19, 2019.
Application 15/141,752 is a continuation in part of application No. 14/925,974, filed on Oct. 28, 2015, abandoned.
Claims priority of provisional application 62/574,708, filed on Oct. 19, 2017.
Prior Publication US 2024/0080318 A1, Mar. 7, 2024
Int. Cl. H04L 9/40 (2022.01); H04L 43/04 (2022.01)
CPC H04L 63/0861 (2013.01) [H04L 43/04 (2013.01); H04L 63/083 (2013.01); H04L 63/0876 (2013.01); H04L 63/105 (2013.01); H04L 63/1433 (2013.01); H04L 63/1408 (2013.01); H04L 2463/082 (2013.01)] 16 Claims
OG exemplary drawing
 
1. A system for risk-based multi-factor authentication, comprising:
a computing device comprising a memory and a processor, the computing device being connected to a network; and
a plurality of programming instructions stored in the memory of, and operable on the processor of, the computing device, wherein the plurality of programming instructions, when operating on the processor, causes the computing device to:
establish a baseline network profile associated with a user from time series traffic data for the network;
maintain an evolving network profile associated with the user based on network traffic and activities of the user;
analyze the network traffic using machine learning techniques to identify a cybersecurity threat to the network;
when the user attempts to access a network resource, require a response to a first additional verification at a required verification level from the user, wherein the required verification level is determined, at least in part, on the evolving network profile associated with the user, a type of the network resource, the identified cybersecurity threat, and a location of the attempted access;
determine, based on receipt of the required response to the first additional verification, whether the required response meets the required verification level; and
if the required response meets the required verification level, grant the requested access to the network resource.