Anti-takeover systems and methods for network attached peripherals

US 10,348,732 B2
Filed: 03/23/2018
Issued: 07/09/2019
Est. Priority Date: 01/28/2014
Status: Active Grant

First Claim

Patent Images

1. An automated anti-takeover method, comprising:

establishing a data session between a peripheral device and a network;

receiving, at the peripheral device, a hint package and an anti-takeover code derived from a function seeded with a shared secret value, the hint package being received based at least in part on detection of a network inclusion event associated with the peripheral device;

storing, at the peripheral device, the hint package and the anti-takeover code;

determining whether the anti-takeover code matches a previously stored anti-takeover code; and

unhobbling the peripheral device based at least in part on determining whether the anti-takeover code matches the previously stored anti-takeover code.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods, systems, and devices are described for the prevention of network peripheral takeover activity. Peripheral devices may implement an anti-takeover mechanism limiting the number of available device command classes when certain handshake and verification requirements are not met. Anti-takeover peripheral devices with protection enabled may be relocated within a controller network, or in certain cases, from one controller network to another controller network when certain conditions are met. That same device may be hobbled when removed from a controller network and may remain hobbled when connected to another network that fails to meet certain conditions. Unprotection and unhobbling of a device may occur through an algorithmic mechanism using values stored on the peripheral device and the controller device for one or more of anti-takeover code generation, anti-takeover code comparison, network identification value comparison, and manufacturer identification value comparison.

26 Citations

20 Claims

1. An automated anti-takeover method, comprising:
- establishing a data session between a peripheral device and a network;
  
  receiving, at the peripheral device, a hint package and an anti-takeover code derived from a function seeded with a shared secret value, the hint package being received based at least in part on detection of a network inclusion event associated with the peripheral device;
  
  storing, at the peripheral device, the hint package and the anti-takeover code;
  
  determining whether the anti-takeover code matches a previously stored anti-takeover code; and
  
  unhobbling the peripheral device based at least in part on determining whether the anti-takeover code matches the previously stored anti-takeover code.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, further comprising:
    - conducting a handshake between the peripheral device and the network before establishing the data session, wherein establishing the data session between the peripheral device and the network is based at least in part on conducting the handshake.
  - 3. The method of claim 1, wherein the shared secret value comprises an undiscoverable value shared by a plurality of controller devices on one or more related networks.
  - 4. The method of claim 1, further comprising:
    - retrieving the stored hint package; and
      
      transmitting the hint package to a controller node during the unhobbling.
  - 5. The method of claim 1, further comprising:
    - detecting, by the peripheral device, a network exclusion event, wherein the network exclusion event comprises an absence of communication between the peripheral device and the network; and
      
      hobbling the peripheral device based at least in part on detecting the network exclusion event.
  - 6. The method of claim 1, further comprising:
    - establishing a second data session between the peripheral device and a second network;
      
      receiving, at the peripheral device, a second hint package and a second anti-takeover code different than the hint package and the anti-takeover code;
      
      storing, at the peripheral device, the second hint package and the second anti-takeover code;
      
      determining whether the second anti-takeover code matches the anti-takeover code; and
      
      unhobbling the peripheral device based at least in part on determining whether the second anti-takeover code matches the anti-takeover code.
  - 7. The method of claim 1, wherein unhobbling the peripheral device comprises:
    - transmitting the hint package to a node associated with the network, the hint package comprising a network identification value, a shared secret version value, and a random value such as a series of randomly generated bytes.
  - 8. The method of claim 1, wherein the peripheral device comprises a sensor, a feature controller, a router, or a meter.
  - 9. The method of claim 1, wherein the data session is established via a wireless connection.

10. An apparatus for security and/or automation systems, comprising:
- a processor;
  
  memory in electronic communication with the processor; and
  
  instructions stored in the memory, the instructions being executable by the processor to;
  
  establish a data session between a peripheral device and a network;
  
  receive, at the peripheral device, a hint package and an anti-takeover code derived from a function seeded with a shared secret value, the hint package being received based at least in part on detection of a network inclusion event associated with the peripheral device;
  
  store, at the peripheral device, the hint package and the anti-takeover code;
  
  determine whether the anti-takeover code matches a previously stored anti-takeover code; and
  
  unhobble the peripheral device based at least in part on determining whether the anti-takeover code matches the previously stored anti-takeover code.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
- - 11. The apparatus of claim 10, wherein the processor is further configured to:
    - conduct a handshake between the peripheral device and the network before establishing the data session, wherein establishing the data session between the peripheral device and the network is based at least in part on conducting the handshake.
  - 12. The apparatus of claim 10, wherein the shared secret value comprises an undiscoverable value shared by a plurality of controller devices on one or more related networks.
  - 13. The apparatus of claim 10, wherein the processor is further configured to:
    - retrieve the stored hint package; and
      
      transmit the hint package to a controller node during the unhobbling.
  - 14. The apparatus of claim 10, wherein the processor is further configured to:
    - detect, by the peripheral device, a network exclusion event, wherein the network exclusion event comprises an absence of communication between the peripheral device and the network; and
      
      hobble the peripheral device based at least in part on detecting the network exclusion event.
  - 15. The apparatus of claim 10, wherein the processor is further configured to:
    - establish a second data session between the peripheral device and a second network;
      
      receive, at the peripheral device, a second hint package and a second anti-takeover code different than the hint package and the anti-takeover code;
      
      store, at the peripheral device, the second hint package and the second anti-takeover code;
      
      determine whether the second anti-takeover code matches the anti-takeover code; and
      
      unhobble the peripheral device based at least in part on determining whether the second anti-takeover code matches the anti-takeover code.
  - 16. The apparatus of claim 10, wherein the processor is further configured to:
    - transmit the hint package to a node associated with the network, the hint package comprising a network identification value, a shared secret version value, and a random value such as a series of randomly generated bytes.
  - 17. The apparatus of claim 10, wherein the peripheral device comprises a sensor, a feature controller, a router, or a meter.

18. A non-transitory computer-readable medium storing computer-executable code, the code executable by a processor to:
- establish a data session between a peripheral device and a network;
  
  receive, at the peripheral device, a hint package and an anti-takeover code derived from a function seeded with a shared secret value, the hint package being received based at least in part on detection of a network inclusion event associated with the peripheral device;
  
  store, at the peripheral device, the hint package and the anti-takeover code;
  
  determine whether the anti-takeover code matches a previously stored anti-takeover code; and
  
  unhobble the peripheral device based at least in part on determining whether the anti-takeover code matches the previously stored anti-takeover code.
- View Dependent Claims (19, 20)
- - 19. The non-transitory computer-readable medium storing computer-executable code of claim 18, wherein the code is executable by the processor to:
    - conduct a handshake between the peripheral device and the network before establishing the data session, wherein establishing the data session between the peripheral device and the network is based at least in part on conducting the handshake.
  - 20. The non-transitory computer-readable medium storing computer-executable code of claim 18, wherein the code is executable by the processor to:
    - retrieve the stored hint package; and
      
      transmit the hint package to a controller node during the unhobbling.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Vivint Incorporated (NRG Energy, Inc.)
Original Assignee
Vivint Incorporated (NRG Energy, Inc.)
Inventors
Warren, Jeremy B.
Primary Examiner(s)
Chang, Kenneth W

Application Number

US15/933,887
Publication Number

US 20180288054A1
Time in Patent Office

473 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/60   Protecting data

H04L 2209/80   Wireless network architectu...

H04L 63/0428   wherein the data content is...

H04L 63/08   for authentication of entit...

H04L 63/10   for controlling access to d...

H04L 63/123   received data contents, e.g...

H04L 63/14   for detecting or protecting...

H04L 63/20   for managing network securi...

H04L 9/0643   Hash functions, e.g. MD5, S...

H04L 9/0866   involving user or device id...

H04L 9/0869   involving random numbers or...

H04L 9/0891   Revocation or update of sec...

H04L 9/3226   using a predetermined code,...

H04L 9/3236   using cryptographic hash fu...

H04W 12/37   Managing security policies ...

Anti-takeover systems and methods for network attached peripherals

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

26 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Anti-takeover systems and methods for network attached peripherals

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

26 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links