Method and apparatus for authentication of file read events

摘要

A computerized method and apparatus for distinguishing between false positive read events and true positive events of reading a file, comprising determining an amount of date read from the file, in case the amount of data exceeds a threshold generating a true positive read event, otherwise generating a false positive read event in case a decision condition is met, and an apparatus to carry out the same.

主权项

1. A computerized method for designating readings from a file stored on a storage device as true positive readings and non-true positive readings, comprising:
mapping the file into sections; initializing an array of elements wherein each element correspondingly represents a section of the file; responsive to reading an amount of data from the file, assigning to each element of the array a value that represents if the section corresponding to the element is a read section or an un-read section; determining by a computerized controller linked to and interacting with the storage device a pattern of sections read from the file based on the elements of the array; quantifying the pattern by evaluating a number of elements representing read sections and/or a number of elements representing read sections in a consecutive pattern; and checking if the quantification meets an at least one condition, and responsive to the checking generating an event with a designation of a true positive reading if the quantification meets the at least one condition, otherwise, generating an event with a designation of a non-true positive reading.