Abstract: There is provided a method of authenticating a user in a network. The method can be executed on a server. The method comprises: acquiring a non-authorized user-behavior model associated with a non-authorized access to a network resource by an unauthorized entity, the non-authorized user-behavior model having been generated during blocking the non-authorized access to the network resource by the unauthorized entity; retrieving from a log stored on the network server, an indication of a plurality of users, each respective user associated with a respective user-behavior model; responsive to one of the respective user-behavior model matching the non-authorized user-behavior model, associating a user account associated with the respective user associated with the one of the respective user-behavior model with a security-violation parameter; responsive to the security-violation parameter, restricting user activity within the user account.

Abstract: There is provided a method of processing a potentially unauthorized user access request. The method is executable on a server. The method comprises: receiving a first session identifier associated with a first communication session associated with a user account; receiving a second session identifier associated with a second communication session associated with the user account; based on user behavior within the first communication session, generating a first user behavior model associated with the first communication session; based on user behavior within the second communication session, generating a second user behavior model associated with the second communication session; responsive to one of the first user behavior model and the second user behavior model being different from a stored authorized user behavior model associated with the user account, restricting user activity within the respective one of the first communication session and the second communication session.

Abstract: There is provided a method of processing a potentially unauthorized user access request. The method is executable on a server. The method comprises: receiving a first session identifier associated with a first communication session associated with a user account; receiving a second session identifier associated with a second communication session associated with the user account; based on user behaviour within the first communication session, generating a first user behaviour model associated with the first communication session; based on user behaviour within the second communication session, generating a second user behaviour model associated with the second communication session; responsive to one of the first user behaviour model and the second user behaviour model being different from a stored authorized user behaviour model associated with the user account, restricting user activity within the respective one of the first communication session and the second communication session.

Abstract: There is provided a method of authenticating a user in a network. The method can be executed on a server. The method comprises: acquiring a non-authorized user-behavior model associated with a non-authorized access to a network resource by an unauthorized entity, the non-authorized user-behavior model having been generated during blocking the non-authorized access to the network resource by the unauthorized entity; retrieving from a log stored on the network server, an indication of a plurality of users, each respective user associated with a respective user-behavior model; responsive to one of the respective user-behavior model matching the non-authorized user-behavior model, associating a user account associated with the respective user associated with the one of the respective user-behavior model with a security-violation parameter; responsive to the security-violation parameter, restricting user activity within the user account.