WIRELESS INTRUSION PREVENTION SYSTEM AND METHOD
First Claim
Patent Images
1. A network device, comprising:
- a network interface configured to receive an indication from a mobile device that the mobile device has detected malicious network activity originating from a source Internet protocol (IP) address, wherein the mobile device is separate from the network device; and
a mitigation agent configured to detect packets originating from the source IP address and to drop packets originating from the source IP address.
3 Assignments
0 Petitions
Accused Products
Abstract
A wireless intrusion prevention system and method to prevent, detect, and stop malware attacks is presented. The wireless intrusion prevention system monitors network communications for events characteristic of a malware attack, correlates a plurality of events to detect a malware attack, and performs mitigating actions to stop the malware attack.
42 Citations
8 Claims
-
1. A network device, comprising:
-
a network interface configured to receive an indication from a mobile device that the mobile device has detected malicious network activity originating from a source Internet protocol (IP) address, wherein the mobile device is separate from the network device; and a mitigation agent configured to detect packets originating from the source IP address and to drop packets originating from the source IP address. - View Dependent Claims (2)
-
-
3. A system comprising:
-
a network device comprising a mitigation agent configured to trigger a mitigating action in response to detected malicious events; and a mobile device, separate from the network device, the mobile device comprising a detection agent configured to detect a malicious event from network traffic received by the mobile device, to determine a source Internet protocol (IP) address for the malicious event, and to provide an indication of the source IP address to the mitigation agent of the network device, wherein the mitigation agent is configured to drop packets originating from the source IP address and to instruct one or more additional mitigation agents of one or more additional network devices, separate from the network device and the mobile device, to drop packets originating from the source IP address, in response to the indication from the mobile device. - View Dependent Claims (4)
-
-
5. A method comprising:
-
receiving, by a network device, an indication from a mobile device that the mobile device has detected malicious network activity originating from a source Internet protocol (IP) address, wherein the mobile device is separate from the network device; detecting packets originating from the source IP address; and dropping the detected packets originating from the source IP address. - View Dependent Claims (6)
-
-
7. A non-transitory computer-readable storage medium comprising instructions that, when executed, cause a processor of a network device to:
-
receive an indication from a mobile device that the mobile device has detected malicious network activity originating from a source Internet protocol (IP) address, wherein the mobile device is separate from the network device; detect packets originating from the source IP address; and drop the detected packets originating from the source IP address. - View Dependent Claims (8)
-
Specification