Protecting network devices from suspicious communications
First Claim
Patent Images
1. An apparatus comprising:
- one or more processors; and
memory storing computer executable instructions that, when executed by the one or more processors, cause the apparatus to;
determine, based on monitored communication between a first device and a second device via a network, information associated with expected communication behavior for the first device;
determine, based on the expected communication behavior and based on monitored subsequent communication associated with the first device, a degree of communication deviation;
compare the degree of communication deviation with a first deviation range of a plurality of different deviation ranges, wherein each of the deviation ranges is associated with one or more corresponding communication parameters;
cause, based on the comparing, application of one or more communication parameters to communication of the first device; and
control, based on the application, network access associated with the first device.
0 Assignments
0 Petitions
Accused Products
Abstract
According to some aspects, disclosed methods and systems may comprise generating a profile that is based on monitoring a communication pattern associated with a device. Subsequent communications associated with the device may be monitored. Based on the profile and the subsequent communication, a security status may be associated with the device.
12 Citations
20 Claims
-
1. An apparatus comprising:
-
one or more processors; and memory storing computer executable instructions that, when executed by the one or more processors, cause the apparatus to; determine, based on monitored communication between a first device and a second device via a network, information associated with expected communication behavior for the first device; determine, based on the expected communication behavior and based on monitored subsequent communication associated with the first device, a degree of communication deviation; compare the degree of communication deviation with a first deviation range of a plurality of different deviation ranges, wherein each of the deviation ranges is associated with one or more corresponding communication parameters; cause, based on the comparing, application of one or more communication parameters to communication of the first device; and control, based on the application, network access associated with the first device. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. An apparatus comprising:
-
one or more processors; and memory storing computer executable instructions that, when executed by the one or more processors, cause the apparatus to; generate, based on detected communication associated with a first device, a historical communication pattern for the first device, wherein the first device is associated with a first network; determine, based on detected communication associated with the first device, a current communication pattern associated with the first device; and cause, based on whether the current communication pattern differs from the historical communication pattern by a threshold level, application of one or more communication parameters to communication of the first device. - View Dependent Claims (8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. An apparatus comprising:
-
one or more processors; and memory storing computer executable instructions that, when executed by the one or more processors, cause the apparatus to; determine, based on monitored communication of a first device and monitored communication of a second device, expected communication behavior of the first device and expected communication behavior of the second device; determine, based on the expected communication behavior of the first device and expected communication behavior of the second device, a first degree of communication deviation for the first device and a second degree of communication deviation for the second device; compare the first degree of communication deviation with a first deviation range of a plurality of different deviation ranges and compare the second degree of communication deviation with a second deviation range of the plurality of different deviation ranges, wherein each of the deviation ranges is associated with one or more corresponding communication parameters; and cause, based on the comparing, application of one or more communication parameters to communication of the first device and application of one or more communication parameters to communication of the second device. - View Dependent Claims (17, 18, 19, 20)
-
Specification