MOBILE BOTNET MITIGATION
First Claim
Patent Images
1. A method for botnet mitigation in a wireless network, comprising:
- analyzing data traffic in the wireless network;
detecting at least one device, operable on the wireless network, that is engaging in bot behavior;
generating a profile for the bot behavior; and
communicating the profile to the at least one mobile device that is engaging in the bot behavior.
1 Assignment
0 Petitions
Accused Products
Abstract
Mitigation of bot networks in wireless networks and/or on mobile devices is provided. A botnet detection component is provided that inspects data traffic and data flows on the wireless network to identify mobile devices that are suspected of behaving as bots. A traffic profile of the suspected bot behavior can be generated and forwarded to the mobile devices that are suspected of behaving as bots. The mobile device can correlate data traffic on the device to the traffic profile in order to identify applications responsible for the suspected bot behavior, and remove the identified applications.
-
Citations
20 Claims
-
1. A method for botnet mitigation in a wireless network, comprising:
-
analyzing data traffic in the wireless network; detecting at least one device, operable on the wireless network, that is engaging in bot behavior; generating a profile for the bot behavior; and communicating the profile to the at least one mobile device that is engaging in the bot behavior. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system for botnet mitigation, comprising:
-
an analysis component configured to monitor data flows in a network, and identify at least one device exhibiting bot behavior; a profile generation component configured to produce a traffic profile of the bot behavior; and an alert component configured to send the traffic profile of the bot behavior to the at least one device exhibiting the bot behavior. - View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
-
-
16. A communications device, comprising:
-
an information acquisition component configured to obtain at least one profile of bot behavior occurring on the communications device; a detection component configured to inspect data traffic on the communications device, and configured to compare the data traffic to the at least one profile of bot behavior; and a protection component configured to at least one of;
erase at least one application from the communications device identified as generating the data traffic correlating to the at least one profile of bot behavior, or perform automatic mitigation including at least one of selectively dropping at least one data packet generated via the at least one application, quarantining the at least one application, or blocking user access to the at least one application. - View Dependent Claims (17, 18, 19, 20)
-
Specification