Sensor-based wireless network vulnerability detection
Abstract
Certain embodiments disclosed herein include a method for detecting potential vulnerabilities in a wireless environment. The method comprises collecting, by a network sensor deployed in the wireless environment, at least wireless traffic data; analyzing the collected wireless traffic data to detect at least activity initiated by a wireless entity in the wireless environment; initiating at least one investigation actions to determine if any identified wireless network is a vulnerable network; determining a risk score based in part on the at least one investigation action; and enforcing a security policy on the identified vulnerable network, wherein the security policy is determined responsive to the risk score and instructions received from a control system.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1 . A method for detecting potential vulnerabilities in a wireless environment, comprising:
collecting, by a network sensor deployed in the wireless environment, at least wireless traffic data; analyzing the collected wireless traffic data to detect at least activity initiated by a wireless entity in the wireless environment; initiating at least one investigation action to determine if any identified wireless network is a vulnerable network; determining a risk score based in part on the at least one investigation action; and enforcing a security policy on the identified vulnerable network, wherein the security policy is determined responsive to the risk score and instructions received from a control system.
2 . The method of claim 1 , wherein a vulnerable network is detected when a risk score is over a predefined threshold value.
3 . The method of claim 1 , further comprising: performing a mitigation action based on the determined risk score.
4 . The method of claim 1 , wherein a suspicious network is automatically labeled as a vulnerable network.
5 . The method of claim 1 , further comprising: determining a vulnerable network based on at least one of: a connection type, transmitted data, usage patterns, and a fingerprint of an unknown device
6 . The method of claim 1 , further comprising: determining whether a wireless network, or any device connected in the wireless network, performs a malicious activity.
7 . The method of claim 6 , further comprising: determining the wireless network to be vulnerable when the wireless network, or any device connected in the wireless network, performs a malicious activity.
8 . The method of claim 1 , further comprising: generating a list of wireless entities in a wireless environment.
9 . The method of claim 8 , further comprising: checking a wireless device to detect at least known or unknown vulnerabilities, where the wireless device is added to the list of wireless entities in the wireless environment.
10 . A non-transitory computer readable medium having stored thereon instructions for causing a processing circuitry to execute the method of claim 1 .
11 . A system for detecting potential vulnerabilities in a wireless environment, comprising:
a processing circuitry; and a memory, the memory containing instructions that, when executed by the processing circuitry, configure the system to: collect, by a network sensor deployed in the wireless environment, at least wireless traffic data; analyze the collected wireless traffic data to detect at least activity initiated by a wireless entity in the wireless environment; initiate at least one investigation actions to determine if any identified wireless network is a vulnerable network; determine a risk score based in part on the at least one investigation action; and enforce a security policy on the identified vulnerable network, wherein the security policy is determined responsive to the risk score and instructions received from a control system.
12 . The system of claim 11 , wherein the system is configured such that a vulnerable network is detected when a risk score is over a predefined threshold value.
13 . The system of claim 11 , wherein the system is further configured to: perform a mitigation action based on the determined risk score.
14 . The system of claim 11 , wherein the system is further configured such that a suspicious network is automatically labeled a vulnerable network.
15 . The system of claim 11 , wherein the system is further configured to: determine a vulnerable network based on at least one of: a connection type, transmitted data, usage patterns, and a fingerprint of an unknown device
16 . The system of claim 11 , wherein the system is further configured to: determine whether a wireless network, or any device connected in the wireless network, performs a malicious activity.
17 . The system of claim 16 , wherein the system is further configured to: determine the wireless network to be vulnerable when the wireless network, or any device connected in the wireless network, performs a malicious activity.
18 . The system of claim 11 , wherein the system is further configured to: generate a list of wireless entities in a wireless environment.
19 . The system of claim 18 , wherein the system is further configured to: check a wireless device to detect at least known or unknown vulnerabilities, where the wireless device is added to the list of wireless entities in the wireless environment.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.