MOBILE MALICIOUS SOFTWARE MITIGATION
First Claim
1. A method for malicious software mitigation in a wireless network, comprising:
- receiving an internet protocol address that is exhibiting malicious software behavior, and a profile of the malicious software behavior being exhibited;
comparing the internet protocol address to a set of mobility logs maintaining information about activities of a set of devices associated with the wireless network; and
determining an identity of a device associated with the internet protocol address based on the comparing.
1 Assignment
0 Petitions
Accused Products
Abstract
Mitigation of malicious software in wireless networks and/or on mobile devices is provided. A mobile malicious software mitigation component is provided that obtains an internet protocol address that is exhibiting malicious software behavior, a profile of the malicious software behavior, and a time of the malicious software behavior. The malicious software mitigation component can determine an identity of a mobile device that was assigned the internet protocol address during the time it was exhibiting malicious software behavior, and transmit the profile to the mobile device. In addition, the malicious software mitigation component determine if the duration of the assignment of the internet protocol address to the mobile device is sufficient for positive identification.
-
Citations
20 Claims
-
1. A method for malicious software mitigation in a wireless network, comprising:
-
receiving an internet protocol address that is exhibiting malicious software behavior, and a profile of the malicious software behavior being exhibited; comparing the internet protocol address to a set of mobility logs maintaining information about activities of a set of devices associated with the wireless network; and determining an identity of a device associated with the internet protocol address based on the comparing. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A system for malicious software mitigation in a network, comprising:
-
an alert acquisition component configured to receive an internet protocol address that is engaging in malicious software behavior, a profile of the malicious software behavior, and a time frame when the internet protocol address was engaging in the malicious software behavior; a correlation component configured to analyze a set of logs that maintain records regarding activities of a set of devices associated with the wireless network, and configured to determine an identifying characteristic of a mobile device that was assigned the internet protocol address during the time frame the internet protocol address was engaging in the malicious software behavior; and a communication component configured to send the profile to the mobile device. - View Dependent Claims (13, 14, 15, 16, 17)
-
-
18. A method for malicious software mitigation in a wireless network, comprising:
-
receiving, from a core network, an internet protocol address that is exhibiting bot behavior, a profile of the bot behavior, and a time when the internet protocol address was exhibiting the bot behavior; analyzing a set of mobility logs maintaining internet protocol address assignments by a mobility network and determining that a device in a set of devices associated with the wireless network was assigned the internet protocol address at the time the internet protocol address was exhibiting the bot behavior; determining an identity of the device based on the analyzing; and
communicating the profile to the device. - View Dependent Claims (19, 20)
-
Specification