Method and System for Identifying a Trusted User of a User Account after a Suspected Phishing Attack

IP.com Disclosure Number: IPCOM000200155D
Publication Date: 2010-Oct-01
Document File: 2 page(s) / 17K

Publishing Venue

The IP.com Prior Art Database

Related People

Belle Tseng: INVENTOR [+3]

Abstract

A method and system for identifying a trusted user of a user account after a suspected phishing attack on the user account is disclosed. The method includes building a user belief model based on the user's beliefs, preferences and tastes. The user belief model is used to generate questions with answers that are consistent with the user's beliefs and tastes. The generated questions are put to the user to identify the true account holder.

This text was extracted from a Microsoft Word document.
This is the abbreviated version, containing approximately 52% of the total text.

Description

A large number of user accounts are compromised due to phishing attacks. Typically, a user is required to create account recovery questions and answers while creating the user account. The account recovery questions may then be put to the user to validate the user's identity in the case of a phishing attack.

Disclosed is a method and system that does not require the user to create such account-recovery questions and answers. The method and system identify a trusted user of a user account after a suspected phishing attack on the user account. In order to identify the trusted user, a user belief model is built on a per-user basis. The user belief model takes into account various beliefs, preferences and tastes of the user. Examples of such beliefs, preferences and tastes include the user's political ideology, the user's taste in music (favorite genres, artists and song types), and the user's affinity for particular sports teams. The beliefs, preferences and tastes are learned automatically by aggregating the user's activities. Examples of user activities include the nature of comments posted by the user, the user's social circle, and the types of abuse reported by the user.

When a phishing attack is determined to have occurred, a trained user belief model corresponding to the true account holder may be used to generate a set of N challenge questions along with the probable answers to these questions. The N challenge questions are then used to determine whether a user is the true user of the user account. Because the trusted user has consistent beliefs, preferences and tastes, these are reflected in all of the user's actions in the account, and the user belief model learns them. A bot or an attacker, however, will not know the true user's beliefs, preferences and tastes well enough to spoof the answers successfully. Any number of question-answer sets can be generated automatically by the trained user model. For example, the user may be shown a set of “n” pictures of football players and asked to pick all “x” players from the “n” pictures (x less than or equal to n) that belong to the user’s favorite football team. Similarly, “J” samples of music from different genr...
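
The pick-x-of-n challenge described above, as an added Python sketch that is not part of the disclosure: it aggregates constructed activity signals into a per-user belief model, builds a challenge, checks a response, and computes the chance that a responder who knows nothing about the user passes by blind guessing. The activity data, the player catalogue and every function name are assumptions made for illustration.

```python
import random
from collections import Counter
from math import comb

# Constructed sample activity: (category, item) signals standing in for what
# would be aggregated from comments, social circle, abuse reports, etc.
ACTIVITY = [
    ("team", "Rovers"), ("team", "Rovers"), ("team", "Rovers"), ("team", "United"),
    ("genre", "jazz"), ("genre", "jazz"), ("genre", "rock"),
]
# Hypothetical catalogue: picture id -> team of the player shown.
PLAYERS = {"p1": "Rovers", "p2": "Rovers", "p3": "United", "p4": "City",
           "p5": "Rovers", "p6": "City", "p7": "United", "p8": "City"}

def build_belief_model(activity):
    """Aggregate activity into per-category preference counts."""
    model = {}
    for category, item in activity:
        model.setdefault(category, Counter())[item] += 1
    return model

def top_preference(model, category):
    """Most frequently observed item in a category."""
    return model[category].most_common(1)[0][0]

def make_challenge(model, catalogue, n, rng):
    """Show n pictures; the expected answer is every one from the favourite team."""
    favourite = top_preference(model, "team")
    shown = rng.sample(sorted(catalogue), n)
    expected = frozenset(p for p in shown if catalogue[p] == favourite)
    return shown, expected

def verify(expected, answer):
    """Pass only if exactly the expected subset was picked (order ignored)."""
    return frozenset(answer) == expected

def blind_pass_probability(n, rounds=1, x=None):
    """Chance a responder with no knowledge of the user passes every round.
    x hidden: one of 2**n subsets is right; x revealed: one of C(n, x)."""
    per_round = 1 / 2**n if x is None else 1 / comb(n, x)
    return per_round ** rounds

if __name__ == "__main__":
    model = build_belief_model(ACTIVITY)
    shown, expected = make_challenge(model, PLAYERS, 8, random.Random(0))
    print(shown, sorted(expected), blind_pass_probability(8, rounds=3))
```

Revealing x to the responder makes blind guessing noticeably easier (1 in 56 instead of 1 in 256 for n = 8, x = 3), so the number of rounds N has to be chosen with that in mind.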