Platform for analyzing the security of communication protocols and channels

US 20070174917A1
Filed: 02/10/2006
Published: 07/26/2007
Est. Priority Date: 03/15/2005
Status: Active Grant

First Claim

Patent Images

1. A method for analyzing a security of a device under analysis (DUA), comprising:

attacking the DUA;

observing a response of the DUA to the attack; and

determining whether the DUA includes a security vulnerability.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A security analyzer tests the security of a device by attacking the device and observing the device'"'"'s response. Attacking the device includes sending one or more messages to the device. A message can be generated by the security analyzer or generated independently of the security analyzer. The security analyzer uses various methods to identify a particular attack that causes a device to fail or otherwise alter its behavior. Monitoring includes analyzing data (other than messages) output from the device in response to an attack. Packet processing analysis includes analyzing one or more messages generated by the device in response to an attack. Instrumentation includes establishing a baseline snapshot of the device'"'"'s state when it is operating normally and then attacking the device in multiple ways while obtaining snapshots periodically during the attacks.

106 Citations

View as Search Results

20 Claims

1. A method for analyzing a security of a device under analysis (DUA), comprising:
- attacking the DUA;
  
  observing a response of the DUA to the attack; and
  
  determining whether the DUA includes a security vulnerability.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. The method of claim 1, wherein attacking the DUA comprises sending a test message to the DUA.
  - 3. The method of claim 2, further comprising receiving the test message.
  - 4. The method of claim 2, further comprising generating the test message.
  - 5. The method of claim 4, wherein generating the test message comprises generating the test message based on a self-describing message format.
  - 6. The method of claim 1, further comprising determining a probability that the attack caused a fault.
  - 7. The method of claim 1, wherein attacking the DUA comprises sending, substantially simultaneously, a plurality of test messages to the DUA.
  - 8. The method of claim 1, wherein the response of the DUA to the attack comprises the DUA generating a response message.
  - 9. The method of claim 8, wherein the response message comprises a log message.
  - 10. The method of claim 8, wherein observing the response of the DUA to the attack comprises receiving the response message.
  - 11. The method of claim 10, further comprising displaying the response message.
  - 12. The method of claim 10, wherein determining whether the DUA includes the security vulnerability comprises analyzing the response message.
  - 13. The method of claim 1, wherein determining whether the DUA includes the security vulnerability comprises executing a command on the DUA.
  - 14. The method of claim 1, further comprising restarting the DUA.
  - 15. The method of claim 14, wherein restarting the DUA comprises power cycling the DUA.
  - 16. The method of claim 14, wherein restarting the DUA comprises shutting down the DUA.
  - 17. The method of claim 1, wherein the DUA comprises a software application.
  - 18. The method of claim 1, wherein the DUA comprises a device.

19. A method for analyzing a security of a device under analysis (DUA), comprising:
- sending an instrumentation message to the DUA;
  
  observing a first response of the DUA to the instrumentation message;
  
  attacking the DUA in multiple ways;
  
  sending the instrumentation message to the DUA; and
  
  observing a second response of the DUA to the instrumentation message.
- View Dependent Claims (20)
- - 20. The method of claim 19, wherein attacking the DUA in multiple ways comprises sending a plurality of test messages to the DUA.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Spirent Communications Incorporated
Original Assignee
Mu Dynamics, Inc.
Inventors
Guruswamy, Kowsik

Granted Patent

US 8,095,983 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/25
CPC Class Codes

G06F 21/577 Assessing vulnerabilities a...

H04L 63/1433 Vulnerability analysis

Platform for analyzing the security of communication protocols and channels

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

106 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Platform for analyzing the security of communication protocols and channels

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

106 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links