US2020106803A1PendingUtilityA1

Sensor-based wireless network vulnerability detection

56
Assignee: ARMIS SECURITY LTDPriority: Jun 28, 2017Filed: Dec 3, 2019Published: Apr 2, 2020
Est. expiryJun 28, 2037(~11 yrs left)· nominal 20-yr term from priority
H04W 24/08H04L 63/0263G06F 21/577H04L 63/1433H04L 63/1425H04L 63/1408H04L 63/1416G06F 21/554H04W 12/086
56
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

Certain embodiments disclosed herein include a method for detecting potential vulnerabilities in a wireless environment. The method comprises collecting, by a network sensor deployed in the wireless environment, at least wireless traffic data; analyzing the collected wireless traffic data to detect at least activity initiated by a wireless entity in the wireless environment; initiating at least one investigation actions to determine if any identified wireless network is a vulnerable network; determining a risk score based in part on the at least one investigation action; and enforcing a security policy on the identified vulnerable network, wherein the security policy is determined responsive to the risk score and instructions received from a control system.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
         1 . A method for detecting potential vulnerabilities in a wireless environment, comprising:
 collecting, by a network sensor deployed in the wireless environment, at least wireless traffic data;   analyzing the collected wireless traffic data to detect at least activity initiated by a wireless entity in the wireless environment;   initiating at least one investigation action to determine if any identified wireless network is a vulnerable network;   determining a risk score based in part on the at least one investigation action; and   enforcing a security policy on the identified vulnerable network, wherein the security policy is determined responsive to the risk score and instructions received from a control system.   
     
     
         2 . The method of  claim 1 , wherein a vulnerable network is detected when a risk score is over a predefined threshold value. 
     
     
         3 . The method of  claim 1 , further comprising: performing a mitigation action based on the determined risk score. 
     
     
         4 . The method of  claim 1 , wherein a suspicious network is automatically labeled as a vulnerable network. 
     
     
         5 . The method of  claim 1 , further comprising: determining a vulnerable network based on at least one of: a connection type, transmitted data, usage patterns, and a fingerprint of an unknown device 
     
     
         6 . The method of  claim 1 , further comprising: determining whether a wireless network, or any device connected in the wireless network, performs a malicious activity. 
     
     
         7 . The method of  claim 6 , further comprising: determining the wireless network to be vulnerable when the wireless network, or any device connected in the wireless network, performs a malicious activity. 
     
     
         8 . The method of  claim 1 , further comprising: generating a list of wireless entities in a wireless environment. 
     
     
         9 . The method of  claim 8 , further comprising: checking a wireless device to detect at least known or unknown vulnerabilities, where the wireless device is added to the list of wireless entities in the wireless environment. 
     
     
         10 . A non-transitory computer readable medium having stored thereon instructions for causing a processing circuitry to execute the method of  claim 1 . 
     
     
         11 . A system for detecting potential vulnerabilities in a wireless environment, comprising:
 a processing circuitry; and   a memory, the memory containing instructions that, when executed by the processing circuitry, configure the system to:   collect, by a network sensor deployed in the wireless environment, at least wireless traffic data;   analyze the collected wireless traffic data to detect at least activity initiated by a wireless entity in the wireless environment;   initiate at least one investigation actions to determine if any identified wireless network is a vulnerable network;   determine a risk score based in part on the at least one investigation action; and   enforce a security policy on the identified vulnerable network, wherein the security policy is determined responsive to the risk score and instructions received from a control system.   
     
     
         12 . The system of  claim 11 , wherein the system is configured such that a vulnerable network is detected when a risk score is over a predefined threshold value. 
     
     
         13 . The system of  claim 11 , wherein the system is further configured to: perform a mitigation action based on the determined risk score. 
     
     
         14 . The system of  claim 11 , wherein the system is further configured such that a suspicious network is automatically labeled a vulnerable network. 
     
     
         15 . The system of  claim 11 , wherein the system is further configured to: determine a vulnerable network based on at least one of: a connection type, transmitted data, usage patterns, and a fingerprint of an unknown device 
     
     
         16 . The system of  claim 11 , wherein the system is further configured to: determine whether a wireless network, or any device connected in the wireless network, performs a malicious activity. 
     
     
         17 . The system of  claim 16 , wherein the system is further configured to: determine the wireless network to be vulnerable when the wireless network, or any device connected in the wireless network, performs a malicious activity. 
     
     
         18 . The system of  claim 11 , wherein the system is further configured to: generate a list of wireless entities in a wireless environment. 
     
     
         19 . The system of  claim 18 , wherein the system is further configured to: check a wireless device to detect at least known or unknown vulnerabilities, where the wireless device is added to the list of wireless entities in the wireless environment.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.