AUTOMATIC GENERATION AND DISTRIBUTION OF POLICY INFORMATION REGARDING MALICIOUS MOBILE TRAFFIC IN A WIRELESS NETWORK

US 20130031600A1
Filed: 07/11/2012
Published: 01/31/2013
Est. Priority Date: 07/27/2011
Status: Active Grant

First Claim

Patent Images

1. A method for automatically generating and distributing policy information for malicious mobile traffic in a wireless network, the method, comprising:

aggregating suspicious activity information detected across multiple mobile devices in a wireless network;

wherein, the suspicious activity information is detected in mobile application activities occurring on the multiple mobile devices;

generating policy information for malicious mobile traffic using the suspicious activity information;

distributing the policy information among the multiple mobile devices or other mobile devices in the wireless network.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for automatically generating and distributing policy information for malicious mobile traffic in a wireless network are disclosed. One embodiment of a method which can be implemented on a system includes, aggregating suspicious activity information detected across multiple mobile devices in a wireless network, generating policy information for malicious mobile traffic using the suspicious activity information, and/or distributing the policy information among the multiple mobile devices or other mobile devices in the wireless network. The policy information can, for example, be distributed to wireless operators, mobile network carriers, or application service providers.

180 Citations

30 Claims

1. A method for automatically generating and distributing policy information for malicious mobile traffic in a wireless network, the method, comprising:
- aggregating suspicious activity information detected across multiple mobile devices in a wireless network;
  
  wherein, the suspicious activity information is detected in mobile application activities occurring on the multiple mobile devices;
  
  generating policy information for malicious mobile traffic using the suspicious activity information;
  
  distributing the policy information among the multiple mobile devices or other mobile devices in the wireless network.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The method of claim 1, further comprising, distributing the policy information to wireless operators or mobile network carriers
  - 3. The method of claim 1, further comprising, distributing the policy information to application service providers.
  - 4. The method of claim 1, wherein, the suspicious activity information is detected by a mobile operating system on the multiple mobile devices.
  - 5. The method of claim 1, wherein, the suspicious activity information is detected by a client external to the mobile operating system of the multiple mobile devices.
  - 6. The method of claim 1, further comprising, reporting the suspicious activity information to a virus protection entity or a security entity.
  - 7. The method of claim 1, wherein, the policy information includes firewall rules.
  - 8. The method of claim 1, further comprising, enabling a third party to define the policy information.
  - 9. The method of claim 1, wherein, the third party is a mobile operating system.
  - 10. The method of claim 1, wherein, the third party is a mobile operator or wireless carrier.
  - 11. The method of claim 1, wherein, the suspicious activity information includes an identification of potentially offending mobile applications.
  - 12. The system of claim 1, wherein, the policy information includes an identification of the mobile application and firewall rules which prevent the mobile application from accessing the wireless network.
  - 13. The system of claim 1, wherein, the policy information includes an identification of the mobile application and firewall rules which prevent the mobile application from interacting with a user.
  - 14. The system of claim 1, wherein, the policy information includes an identification of the mobile application and firewall rules which prevent the mobile application from requesting a user for personal information.
  - 15. The system of claim 1, wherein, the policy information includes an identification of the mobile application and rules which automatically uninstalls the mobile application.
  - 16. The system of claim 1, wherein, the policy information includes an identification of the mobile application and rules which automatically blocks future installations of the mobile application.

17. A system for automatically generating and distributing policy information for malicious mobile traffic in a wireless network, the system, comprising:
- a proxy server able to aggregating suspicious activity information detected across mobile devices in a wireless network;
  
  wherein, the suspicious activity information is detected in mobile application activities occurring on the multiple mobile devices;
  
  wherein, the proxy server blocks traffic generated by the mobile application activities that is directed to or from the mobile devices;
  
  wherein, the proxy server is physically distinct from the mobile device and able to communicate wirelessly with the mobile device.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 18. The system of claim 17, wherein, the proxy server is able to generate policy information for malicious mobile traffic using the suspicious activity information.
  - 19. The system of claim 17, wherein, the proxy server is able to distribute the policy information among the multiple mobile devices or other mobile devices in the wireless network.
  - 20. The system of claim 17, wherein, the suspicious activity is detected using a security certificate of the traffic.
  - 21. The system of claim 17, wherein, the suspicious activity is detected from traffic which invokes billable activity.
  - 22. The method of claim 17, wherein, the suspicious activity is detected based on a port to or from which the traffic is directed.
  - 23. The system of claim 17, wherein, the proxy server also manages cache on the mobile device.
  - 24. The system of claim 17, wherein, the proxy server is able to use information about requests initiated at the mobile device, to determine whether any of incoming or outgoing traffic from a mobile device to aggregate the suspicious traffic information.
  - 25. The system of claim 17, wherein, the proxy server intercepts or redirects malicious traffic;
    - wherein, the proxy server collects the information about the requests.
  - 26. The system of claim 17, wherein, a local proxy on the mobile devices detects the information about the requests and communicates the information about the requests to the proxy server.
  - 27. The system of claim 17, wherein, the proxy server notifies one or more of multiple entities when the suspicious activity information is detected in mobile application activities.
  - 28. The system of claim 27, wherein, the multiple entities includes, one or more of, a user of the mobile device, the mobile device, an operating system of the mobile device.
  - 29. The system of claim 27, wherein, the multiple entities include, one or more of, a network or cellular service provider, an application service provider, Internet service provider, and content provider.
  - 30. The system of claim 17, wherein, the proxy server uses a blacklist to detect the suspicious activity information;
    - wherein the blacklist is stored on the proxy server and aggregated from analysis of traffic in the wireless network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Seven Networks LLC (SoftBank Group Corp.)
Original Assignee
Seven Networks Inc
Inventors
Luna, Michael, Bott, Ross

Granted Patent

US 9,239,800 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/1
CPC Class Codes

G06F 12/1408   by using cryptography for d...

G06F 21/554   involving event detection a...

G06F 21/56   Computer malware detection ...

G06F 21/60   Protecting data

G06F 2221/2135   Metering

G06F 3/0623   in relation to content

G06F 3/0653   Monitoring storage devices ...

G06F 3/0673   Single storage device

H04W 12/08   Access security

H04W 12/12   Detection or prevention of ...

H04W 12/128   Anti-malware arrangements, ...

AUTOMATIC GENERATION AND DISTRIBUTION OF POLICY INFORMATION REGARDING MALICIOUS MOBILE TRAFFIC IN A WIRELESS NETWORK

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

180 Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

AUTOMATIC GENERATION AND DISTRIBUTION OF POLICY INFORMATION REGARDING MALICIOUS MOBILE TRAFFIC IN A WIRELESS NETWORK

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

180 Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links