System and method for security and quality assessment of wireless access points

US 10,542,029 B2
Filed: 05/16/2017
Issued: 01/21/2020
Est. Priority Date: 12/30/2013
Status: Active Grant

First Claim

Patent Images

1. A method for security risk assessment of wireless access point devices, the method comprising performing, by a computer system:

receiving, from one or more first devices, one or more reports of accesses to a first access point having a unique identifier, the one or more reports including, for each session of one or more access sessions by the one or more first devices, a count of reconnects during the each session;

determining, using the one or more reports, a security level of the first access point, the security level of the access point being determined according to a function that decreases with increasing counts of reconnects for the one or more access sessions; and

transmitting, to one or more second devices, a message indicating the security level of the first access point.

View all claims

13 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer-implemented method for security risk assessment of wireless access point devices, the computer-implemented method comprising: receiving signals from one or more wireless access points by two or more mobile wireless devices visiting said access points, obtaining Basic Service Set Identifiers (BSSID) of visited access points and reporting values derived from BSSID and from an identifier of corresponding mobile device to a first database, receiving a request for a security risk assessment of evaluated wireless access point, said request containing value derived from BSSID of the evaluated access point, searching the first database for one or more entries corresponding to the evaluated access point, and processing search results to assess security risk of the evaluated access point, said processing comprises computing a component of said risk dependent on the count of unique identifiers of mobile devices reported for the evaluated access point.

Citations

20 Claims

1. A method for security risk assessment of wireless access point devices, the method comprising performing, by a computer system:
- receiving, from one or more first devices, one or more reports of accesses to a first access point having a unique identifier, the one or more reports including, for each session of one or more access sessions by the one or more first devices, a count of reconnects during the each session;
  
  determining, using the one or more reports, a security level of the first access point, the security level of the access point being determined according to a function that decreases with increasing counts of reconnects for the one or more access sessions; and
  
  transmitting, to one or more second devices, a message indicating the security level of the first access point.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, wherein transmitting the message to the one or more second devices comprises transmitting an instruction to the one or more devices to not use the access point.
  - 3. The method of claim 1, wherein transmitting the message to the one or more second devices comprises transmitting an instruction to the one or more devices to perform data access using the first access point using a virtual private network (VPN).
  - 4. The method of claim 1, wherein transmitting the message to the one or more second devices comprises transmitting an interface to the one or more second devices, the interface indicating that the first access point is not secure and providing an interface element configured to invoke performing of data access using the first access point by means of a virtual private network (VPN).

5. A method for security risk assessment of wireless access point devices, the method comprising performing, by a computer system:
- receiving, from one or more first devices, one or more reports of accesses to a first access point having a unique identifier, the one or more reports including, for each session of one or more access sessions a count of local internet protocol (IP) addresses used during each session;
  
  determining, using the one or more reports, a security level of the first access point, the security level of the access point being determined according to a function that decreases with increase in the counts of the local IP addresses during the one or more sessions; and
  
  transmitting, to one or more second devices, a message indicating the security level of the first access point.
- View Dependent Claims (6, 7, 8)
- - 6. The method of claim 5, wherein transmitting the message to the one or more second devices comprises transmitting an instruction to the one or more devices to not use the access point.
  - 7. The method of claim 5, wherein transmitting the message to the one or more second devices comprises transmitting an instruction to the one or more devices to perform data access using the first access point using a virtual private network (VPN).
  - 8. The method of claim 5, wherein transmitting the message to the one or more second devices comprises transmitting an interface to the one or more second devices, the interface indicating that the first access point is not secure and providing an interface element configured to invoke performing of data access using the first access point by means of a virtual private network (VPN).

9. A method for security risk assessment of wireless access point devices, the method comprising performing, by a computer system:
- receiving, from one or more first devices, two or more reports of accesses to a first access point having a unique identifier, the two or more reports each corresponding to an access session of two or more access sessions, each report including a time of access for the access session to which the each report corresponds;
  
  determining, using the one or more reports, a security level of the first access point, the security level of the access point being determined according to a function that increases with increase in one or more time differences between the times of access of the first access point included in the two or more reports; and
  
  transmitting, to one or more second devices, a message indicating the security level of the first access point.
- View Dependent Claims (10, 11, 12)
- - 10. The method of claim 9, wherein transmitting the message to the one or more second devices comprises transmitting an instruction to the one or more devices to not use the access point.
  - 11. The method of claim 9, wherein transmitting the message to the one or more second devices comprises transmitting an instruction to the one or more devices to perform data access using the first access point using a virtual private network (VPN).
  - 12. The method of claim 9, wherein transmitting the message to the one or more second devices comprises transmitting an interface to the one or more second devices, the interface indicating that the first access point is not secure and providing an interface element configured to invoke performing of data access using the first access point by means of a virtual private network (VPN).

13. A method for security risk assessment of wireless access point devices, the method comprising performing, by a computer system:
- receiving, from one or more devices, two or more reports of accesses to a first access point having a unique identifier, each report of the two or more reports including at least one of a device identifier and a user identifier,determining, using the one or more reports, a security level of the first access point, the security of the access point being determined according to a function that increases with increase in a number of the at least one of the unique device identifiers and the unique user identifiers included in the two or more reports; and
  
  transmitting, to one or more second devices, a message indicating the security level of the first access point.
- View Dependent Claims (14, 15, 16)
- - 14. The method of claim 13, wherein transmitting the message to the one or more second devices comprises transmitting an instruction to the one or more devices to not use the access point.
  - 15. The method of claim 13, wherein transmitting the message to the one or more second devices comprises transmitting an instruction to the one or more devices to perform data access using the first access point using a virtual private network (VPN).
  - 16. The method of claim 13, wherein transmitting the message to the one or more second devices comprises transmitting an interface to the one or more second devices, the interface indicating that the first access point is not secure and providing an interface element configured to invoke performing of data access using the first access point by means of a virtual private network (VPN).

17. A system for security risk assessment of wireless access point devices, the system comprising one or more processing devices and one or more memory devices operably coupled to the one or more processing devices, the one or more memory devices storing executable code effective to cause the one or more processing devices to:
- receive, from two or more first devices, two or more reports of accesses to a first access point having a unique identifier, the two or more reports including, for each session of two or more access sessions by the two or more first devices, at least one of (a) a count of reconnects during the each session, (b) a count of local internet protocol (IP) addresses used during the each session, (c) a time of access of the first access point during the each session, and (d) at least one of a device identifier and a user identifier;
  
  determine, using the two or more reports a security level of the first access point according to a function that at least one of (e) decreases with increase in the counts of reconnects during the two or more access sessions, (f) decreases with increase in the counts of local IP addresses used during the two or more access sessions, (g) increases with increase in one or more time differences between the times of access of the first access point during the two or more sessions, and (h) increases with increase in a number of the at least one of the unique device identifiers and the unique user identifiers included in the two or more reports;
  
  transmitting, to one or more second devices, a message indicating the security level of the first access point.
- View Dependent Claims (18, 19, 20)
- - 18. The system of claim 17, wherein the executable code is further effective to cause the one or more processing devices to transmit the message to the one or more second devices by transmitting an instruction to the one or more devices to not use the access point.
  - 19. The system of claim 17, wherein the executable code is further effective to cause the one or more processing devices to transmit the message to the one or more second devices by transmitting an instruction to the one or more devices to perform data access using the first access point using a virtual private network (VPN).
  - 20. The system of claim 17, wherein the executable code is further effective to cause the one or more processing devices to transmit the message to the one or more second devices by transmitting an interface to the one or more second devices, the interface indicating that the first access point is not secure and providing an interface element configured to invoke performing of data access using the first access point by means of a virtual private network (VPN).

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Aura Sub, LLC
Original Assignee
Pango Inc. (Aura Sub, LLC)
Inventors
Lapidous, Eugene
Primary Examiner(s)
Siddiqi, Mohammad A

Application Number

US15/597,036
Publication Number

US 20170251011A1
Time in Patent Office

980 Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/0272   Virtual private networks

H04L 63/1433   Vulnerability analysis

H04W 12/12   Detection or prevention of ...

H04W 12/67   Risk-dependent, e.g. select...

H04W 48/20   Selecting an access point

System and method for security and quality assessment of wireless access points

First Claim

13 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for security and quality assessment of wireless access points

First Claim

13 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links