Patent
Layered graphical event mapping
| العنوان: | Layered graphical event mapping |
|---|---|
| Patent Number: | 9,008,617 |
| تاريخ النشر: | April 14, 2015 |
| Appl. No: | 11/617140 |
| Application Filed: | December 28, 2006 |
| مستخلص: | A system, method and computer program product for graphically overlaying multiple types of events in order to facilitate determining one or more courses of action are each disclosed. Events are received from an event detection system or from another source, correlated with an address or location, and representatively mapped on an electronic map configured to be displayed on a display device. Mapped events may include cyber attacks or intrusions, credit card fraud based on the location of use of the credit card, check (and check-card) fraud based on usage location, 911 calls, law enforcement demographic data, and telecommunications based fraud. |
| Inventors: | McConnell, James T. (Keller, TX, US) |
| Assignees: | Verizon Patent and Licensing Inc. (Basking Ridge, NJ, US) |
| Claim: | 1. A processor-implemented method, comprising: receiving fraud information about a plurality of fraud events that were facilitated by a network, the fraud information including, for each of the fraud events, a network address identifying a network point that facilitated the respective fraud event; receiving network intrusion information about a plurality of intrusion events occurring in the network, where each intrusion event comprises an unauthorized attempt to enter or use a system of the network via a network point, and the network intrusion information includes, for each of the plurality of intrusion events, a network address of the network point associated with the respective intrusion event; receiving physical crime information associated with a plurality of physical crimes, wherein the physical crime information includes geographical locations that are associated with the plurality of physical crimes, and a description of each of the plurality of physical crimes; automatically correlating via a processor the network addresses of the network intrusion information and the network addresses of the fraud information with location information for the network points of the network to determine physical locations associated with the plurality of fraud events and physical locations associated with the plurality of intrusion events; generating via the processor a map of subject specific overlays displaying in layers: a fraud events overlay of geographical locations of the physical locations associated with the plurality of fraud events, an intrusion events overlay of geographical locations of the physical locations associated with the plurality of intrusion events, and a physical crime events overlay of geographical locations of the physical crime locations; identifying via the processor geographical pockets of threats derived from the fraud event locations, the intrusion events locations, and the physical crime locations, displayed on the generated multi-overlay map; and prioritizing via the processor threat response resources according to the identified geographical pockets of threats. |
| Claim: | 2. The method of claim 1 , wherein receiving fraud information about a fraud event comprises receiving a description of the fraud event and at least one telephone number. |
| Claim: | 3. The method of claim 2 , wherein correlating the fraud information with location information to determine a plurality of physical locations associated with the events comprises electronically correlating the at least one phone number with at least one of an inventory database and a billing database to determine at least one physical location associated with the fraud event. |
| Claim: | 4. The method of claim 1 , wherein receiving fraud information about a fraud event comprises receiving from a fraud detection system that electronically reviews call detail records a description of the fraud event and at least one telephone number. |
| Claim: | 5. The method of claim 1 , further comprising electronically generating a map with a computing device and mapping software and electronically displaying on a display device computer-generated icons that show the geographical plurality of physical locations associated with the fraud event, the geographical locations of the identified network points and the geographical locations of the physical crime locations. |
| Claim: | 6. A system comprising: a fraud detection system configured to electronically review call detail records and identify suspected fraudulent events that were facilitated by a network, thereby creating fraud information that includes, for each of the fraud events, a network address identifying a network point that facilitated the respective fraud event; an intrusion detection system configured to electronically review network information and identify network intrusion events occurring in the network, where each intrusion event comprises an unauthorized attempt to enter or use a system of the network via a network point, thereby generating network intrusion information that includes, for each of the plurality of network intrusion events, a network address of the network point associated with the respective network intrusion event; a physical crimes database configured to electronically store locations of occurrences of physical crimes; a location/GPS engine configured to automatically correlate said network addresses of fraud information with one or more physical locations according to the call detail records, automatically correlate said network addresses of the network intrusion information with one or more physical locations, and obtain from said physical crimes database the locations of said occurrences of physical crimes; and an electronic mapping system configured to receive fraud-location information indicating physical locations associated with the fraud events from said location/GPS engine, map said fraud-location information according to a fraud events overlay on an electronic multi-overlay map that is displayed on a display device, receive network-intrusion-location information indicating physical locations associated with the network intrusion events from said location/GPS engine, map said network-intrusion-location information on an intrusion events overlay of the electronic multi-overlay map that is displayed on the display device, receive physical-crime-location information indicating the locations of said occurrences of physical crimes from said location/GPS engine, map said physical-crime-location information on a physical crime events overlay of the electronic multi-overlay map that is displayed on the display device, identify geographical pockets of threats derived from the physical location information displayed on the electronic multi-overlay map, and prioritize threat response resources according to the identified geographical pockets of threats. |
| Claim: | 7. The system of claim 6 , wherein said fraud information comprises at least a portion of one or more telephone numbers. |
| Claim: | 8. The system of claim 6 , wherein correlating said fraud information with one or more physical locations comprises using said at least a portion of one or more telephone numbers correlated against a location database to determine said one or more physical locations. |
| Claim: | 9. The system of claim 8 , wherein the location database is comprised of at least one of an inventory database and a billing database. |
| Claim: | 10. The system of claim 6 , wherein said one or more physical locations are provided as one of street addresses, latitude and longitude, horizontal and vertical coordinates, or combinations thereof. |
| Claim: | 11. The method of claim 1 , further comprising: determining via the processor a cumulative risk of the identified geographic pockets of threats, wherein the cumulative risk is determined relative to a predetermined risk threshold. |
| Claim: | 12. The method of claim 5 , further comprising including non-crime data along with the subject specific overlays, the non-crime data including at least one of sales information, census figures, and property values. |
| Claim: | 13. The method of claim 12 , further comprising prioritizing the threat response resources further accounting for the non-crime data. |
| Claim: | 14. The method of claim 5 , further comprising sizing the computer-generated icons on the display device according to a magnitude of a respective activity represented by the respective computer-generated icons. |
| Claim: | 15. The method of claim 14 , wherein the magnitude of the respective activity represents a cumulative crime risk associated with the location of the respective computer-generated icons. |
| Claim: | 16. The method of claim 15 , wherein the cumulative crime risk represents cumulative risk of intrusion, fraud and physical crime associated with the location. |
| Claim: | 17. A system comprising: a fraud database comprised of fraud information associated with a plurality of fraud events that were facilitated by a network, the fraud information including, for each of the fraud events, a network address identifying a network point that facilitated the respective fraud event; an intrusion database comprised of intrusion information about a plurality of intrusion events occurring in the network, where each intrusion event comprises an unauthorized attempt to enter or use a system of the network via a network point, and the network intrusion information includes, for each of the plurality of intrusion events, a network address of the network point associated with the respective intrusion event; a physical crimes database comprised of physical crime information that is associated with at least the locations of the occurrences of a plurality of physical crimes; a location/GPS engine configured to receive said fraud information from said fraud database and said intrusion information from said intrusion database, correlate the network addresses of said fraud information with physical locations thereby obtaining physical locations associated with the fraud events, and correlate the network addresses of said intrusion information with physical locations thereby obtaining physical locations associated with the intrusion events; a mapping database configured to receive at least said physical locations of the fraud events and said physical locations of the intrusion events from said location/GPS engine and said locations of the occurrences of the plurality of physical crimes from the physical crimes database to form mapping information; and an electronic mapping system map that is configured to retrieve said mapping information from said mapping database, display in layers said physical locations of said fraud events in a fraud events overlay, said physical locations of the intrusion events in an intrusion events overlay, and the physical locations of said physical crimes via computer-generated icons in a physical crime events overlay, on an electronic multi-overlay map that is displayed on a display device, size the computer-generated icons on the display device according to a magnitude of a respective activity represented by the respective computer-generated icons, identify geographical pockets of threats derived from the fraud event locations, the identified network point locations, and the physical crime locations, displayed on the multi-overlay map, and prioritize via the processor threat response resources according to the identified geographical pockets of threats. |
| Claim: | 18. The system of claim 17 , wherein said fraud information is comprised of at least a portion of one or more telephone numbers. |
| Claim: | 19. The system of claim 18 , wherein correlating said fraud information with the plurality of physical locations comprises using said at least a portion of one or more telephone numbers correlated against a location database to determine said plurality of physical locations. |
| Claim: | 20. The system of claim 19 , wherein the location database is comprised of at least one of an inventory database and a billing database. |
| Claim: | 21. The system of claim 17 , wherein said intrusion information comprises at least a portion of one or more Internet Protocol (IP) addresses. |
| Claim: | 22. The system of claim 21 , wherein correlating said intrusion information with the plurality of physical locations comprises using said at least a portion of one or more IP addresses correlated against a location database to determine the plurality of physical locations. |
| Claim: | 23. The system of claim 22 , wherein the location database comprises at least an address routing protocol (ARP) database. |
| Claim: | 24. A computer program product, comprising: a non-transitory computer readable medium having computer readable code embodied therein, the computer readable code being configured to, when executed by a processor of a computing device, cause the computing device to perform the method of claim 1 . |
| Claim: | 25. The computer program product of claim 24 , wherein the computer readable code is further configured to, when executed by the processor, cause the computing device to receive a description of each of the plurality of fraud events and at least one telephone number of each of the plurality of fraud events. |
| Claim: | 26. The computer program product of claim 24 , wherein the computer readable code is further configured to, when executed by the processor, cause the computing device to electronically correlate each of the at least one phone numbers with at least one of an inventory database and a billing database to determine each of the plurality of physical locations associated with the fraud events. |
| Claim: | 27. The computer program product of claim 24 , wherein the computer readable code is further configured to, when executed by the processor, cause the computing device to receive from a fraud detection system that electronically reviews call detail records a description of the fraud events and each of the at least one telephone numbers. |
| Claim: | 28. The computer program product of claim 24 , wherein the computer readable code is further configured to, when executed by the processor, cause the computing device to electronically generate a multi-overlay map with a computing device and mapping software and electronically display on a display device computer-generated icons that show the geographical locations of the plurality of physical locations associated with the fraud events, the geographical locations of the identified network points and the geographical locations of the physical crime locations. |
| Current U.S. Class: | 455/410 |
| Patent References Cited: | 4729737 March 1988 Reagan et al. 5515285 May 1996 Garrett et al. 5781704 July 1998 Rossmo 5848373 December 1998 DeLorme et al. 5940598 August 1999 Strauss et al. 6088804 July 2000 Hill et al. 6163604 December 2000 Baulier et al. 6240360 May 2001 Phelan 6377987 April 2002 Kracht 6430274 August 2002 Winstead et al. 6456306 September 2002 Chin et al. 6456852 September 2002 Bar et al. 6633230 October 2003 Grandin et al. 6691161 February 2004 Cook et al. 6691256 February 2004 Cook et al. 6813777 November 2004 Weinberger et al. 6816090 November 2004 Teckchandani et al. 6832247 December 2004 Cochran et al. 6839852 January 2005 Pantuso et al. 6900822 May 2005 Germain et al. 6917288 July 2005 Kimmel et al. 6941359 September 2005 Beaudoin et al. 7031728 April 2006 Beyer 7082535 July 2006 Norman et al. 7096498 August 2006 Judge 7146568 December 2006 Richardson 7227950 June 2007 Faith et al. 7243008 July 2007 Stockdale et al. 7260844 August 2007 Tidwell et al. 7269796 September 2007 Bayes et al. 7272648 September 2007 Kawasaki et al. 7272795 September 2007 Garding et al. 7337222 February 2008 Du et al. 7337408 February 2008 DeLuca et al. 7342581 March 2008 Vinberg 7349982 March 2008 Hannum et al. 7418733 August 2008 Connary et al. 7609156 October 2009 Mullen 8015604 September 2011 Tidwell et al. 8082506 December 2011 McConnell 8091130 January 2012 McConnell 8171555 May 2012 D'Mello et al. 8201257 June 2012 Andres et al. 8352739 January 2013 Park et al. 8359343 January 2013 McConnell 8538676 September 2013 Wuersch et al. 8561175 October 2013 Williams et al. 8571580 October 2013 Altman et al. 8590047 November 2013 Hoyt et al. 8615582 December 2013 Mcclure et al. 8620344 December 2013 Huang et al. 8634860 January 2014 Huang et al. 8655371 February 2014 Huang 8711698 April 2014 Cohen et al. 8719198 May 2014 Zheng et al. 8745090 June 2014 Caduff 2003/0018769 January 2003 Foulger et al. 2003/0115211 June 2003 Chen et al. 2003/0200347 October 2003 Weitzman 2003/0232598 December 2003 Aljadeff et al. 2004/0003285 January 2004 Whelan et al. 2004/0044912 March 2004 Connary et al. 2004/0117624 June 2004 Brandt et al. 2004/0121787 June 2004 Day et al. 2004/0172466 September 2004 Douglas et al. 2004/0233234 November 2004 Chaudhry et al. 2004/0240297 December 2004 Shimooka et al. 2004/0260945 December 2004 Raikar et al. 2005/0075116 April 2005 Laird et al. 2005/0075119 April 2005 Sheha et al. 2005/0206513 September 2005 Fallon 2006/0004497 January 2006 Bull 2006/0041345 February 2006 Metcalf 2006/0200490 September 2006 Abbiss 2007/0008885 January 2007 Bonner 2007/0038568 February 2007 Greene et al. 2007/0079243 April 2007 Leigh et al. 2007/0204033 August 2007 Bookbinder et al. 2009/0138353 May 2009 Mendelson 2009/0157744 June 2009 McConnell 2009/0172773 July 2009 Moore 2009/0249460 October 2009 Fitzgerald et al. 2010/0311386 December 2010 Edge et al. 2011/0016536 January 2011 O'Brien et al. 2011/0099281 April 2011 Bakker et al. 2011/0183644 July 2011 Gupta 2011/0189971 August 2011 Faccin et al. 2011/0195687 August 2011 Das et al. 2012/0252493 October 2012 Siddeley et al. 2005/076135 August 2005 |
| Other References: | Brown et al., “Crime Mapping for Computer Crimes”, Charlottesville, VA, Jun. 9, 2000. cited by applicant Clancy, et al, “Security threats to signal classifiers using self-organizing maps,” Department of Electrical and Computer Engineering University of Maryland, College Park , Proceedings of the 4th International Conference on Crown.com 2009, 6 pages. cited by applicant Fu, et al, “The Digital Marauder's Map: A New Threat to Location Privacy,” IEEE 29th IEEE International Conference on Distributed Computing Systems, 2009 p. 589-596. cited by applicant |
| Assistant Examiner: | Dean, Jr., Joseph |
| Primary Examiner: | Brandt, Christopher M |
| رقم الانضمام: | edspgr.09008617 |
| قاعدة البيانات: | USPTO Patent Grants |
| الوصف غير متاح. |