Method and System for Mobile Network Security, Related Network and Computer Program Product
1 Assignment
0 Petitions
Accused Products
Abstract
A honeypot system for protecting a mobile communication network against malware includes one or more user-less mobile devices including a monitoring module for monitoring the events conveying software applications in the associated mobile device as well as a controller client module that emulates human-like interaction with the user-less devices as a function of the events monitored. The system controllably performs, for the applications conveyed by the events monitored, one or more of the following steps: i) installing the application on the device; ii) executing the application installed on the device; and iii) de-installing the application from the- device. After any of these steps, the state of the device is checked in order to detect if any anomalous variation has occurred in the state of the device indicative of the device being exposed to the risk of malware. If any anomalous variation is detected, the system issues a malware alert message.
-
Citations
50 Claims
-
1-25. -25. (canceled)
-
26. A method of protecting a mobile communication network against malware, comprises the step of providing in said network a honeypot function by:
-
monitoring, in at least one mobile device operatively connectable to said network, events conveying applications in said at least one mobile device; defining a set of anomalous variations in the state of said at least one device, wherein the anomalous variations in said set are indicative of said at least one device being exposed to the risk of malware; emulating a human-like interaction with said at least one device as a function of said events monitored, wherein said human-like interaction comprises controllably performing, for the applications conveyed by said events monitored, at least part of the sequence comprising the steps of; i) installing the application on said at least one device; ii) executing the application installed on said at least one device; and iii) de-installing the application from said at least one device; checking, after any of the steps performed in said sequence, the state of said at least one device to detect if any of said anomalous variations in said set has occurred in the state of said at least one device; and if any said anomalous variation is detected, issuing a malware alert message. - View Dependent Claims (27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 50)
-
-
37. A honeypot system for protecting a mobile communication network against malware, comprising:
-
at least one mobile device operatively connectable to said network, said mobile device comprising a monitoring module for monitoring events conveying applications in said mobile device and a controller module for collecting events monitored by said monitoring module; and a computer host comprising a controller client module for emulating a human-like interaction with said at least one device as a function of said collected events, wherein said human-like interaction comprises controllably performing, for the applications conveyed by said events monitored, at least part of the sequence comprising the steps of; i) installing an application on said at least one device; ii) executing the application installed on said at least one device; and iii) de-installing the application from said at least one device; the system being configured for checking, after any of the steps performed in said sequence, a state of said at least one device to detect if any anomalous variation has occurred in the state of said at least one device indicative of said at least one device being exposed to a risk of malware, and issuing a malware alert message if any said anomalous variation is detected. - View Dependent Claims (38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49)
-
Specification