SPOOFING PROTECTION PROTOCOL FOR NETWORK-CONNECTED THINGS
Abstract
A protocol controller may execute a spoofing protection protocol for verifying a message received over a network from a network-connected thing, in the presence of a spoofed message transmitted from a spoofed thing illicitly representing the network-connected thing. The protocol controller may include a message handler configured to implement the spoofing protection protocol, including receiving a message identified as originating from the network-connected thing, executing a verification of a transmission characteristic of the message against an expected transmission characteristic previously stored with respect to the network-connected thing within a transmission characteristic repository, and determining whether the message originated from the network-connected thing, based on the verification.
20 Claims
1. A system including instructions recorded on a non-transitory computer-readable storage medium, and executable by at least one processor, the system comprising:
- a protocol controller configured to cause the at least one processor to execute a spoofing protection protocol for verifying a message received over a network from a network-connected thing, in the presence of a spoofed message transmitted from a spoofed thing illicitly representing the network-connected thing, the protocol controller including a message handler configured to implement the spoofing protection protocol including
  - receiving a message identified as originating from the network-connected thing;
  - executing a verification of a transmission characteristic of the message against an expected transmission characteristic previously stored with respect to the network-connected thing within a transmission characteristic repository, and
  - determining whether the message originated from the network-connected thing, based on the verification.
(Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10)
11. A computer-implemented method for executing instructions stored on a non-transitory computer readable storage medium, the method comprising:
- establishing, with a network-connected thing, an expected plurality of time windows in which messages from the network-connected thing are expected to be received;
- establishing, with the network-connected thing, an expected location parameter of the network-connected thing;
- receiving a message identified as originating from the network-connected thing and identified as potentially being a spoofed message transmitted from a spoofed thing illicitly representing the network-connected thing;
- selecting one or both of the expected plurality of time windows and the expected location parameter; and
- executing a verification of the message as originating from the network-connected thing, based on the selecting.
(Dependent claims: 12, 13, 14, 15)
16. A computer program product, the computer program product being tangibly embodied on a non-transitory computer-readable storage medium and comprising instructions that, when executed, are configured to cause at least one computing device to:
- store a spoofing protection protocol specifying at least one transmission characteristic of at least one message to be sent by a network-connected thing;
- receive, in accordance with the spoofing protection protocol, a message identified as originating from the network-connected thing and identified as potentially being a spoofed message transmitted from a spoofed thing illicitly representing the network-connected thing;
- select, based on the message and in accordance with the spoofing protection protocol, the at least one transmission characteristic as including one or both of an expected plurality of time windows in which messages from the network-connected thing are expected to be received and an expected location parameter of the network-connected thing;
- verify whether the at least one transmission characteristic complies with the spoofing protection protocol; and
- send, in a case where the transmission characteristic does not comply with the spoofing protection protocol, a backchannel message to the network-connected thing to verify an identity thereof.
(Dependent claims: 17, 18, 19, 20)
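The checks recited in claims 11 and 16, sketched as an added example that is not taken from the patent or any implementation of it. The repository schema, the periodic-window encoding, the receiver-attributed location fields, the "reject" result for unenrolled things and all sample values are assumptions constructed for illustration.

```python
import math
from dataclasses import dataclass

@dataclass(frozen=True)
class Expected:          # repository entry agreed with the thing (assumed schema)
    windows: tuple       # (start, end) offsets in seconds inside each period
    period_s: int
    lat: float
    lon: float
    radius_km: float

@dataclass(frozen=True)
class Message:
    thing_id: str
    received_at: int     # receiver clock, epoch seconds
    lat: float           # location attributed to the sender (assumed receiver-derived)
    lon: float

def in_window(exp, t):
    off = t % exp.period_s
    return any(start <= off < end for start, end in exp.windows)

def distance_km(lat1, lon1, lat2, lon2):   # haversine great-circle distance
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dl = math.radians(lon2 - lon1)
    a = math.sin((p2 - p1) / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dl / 2) ** 2
    return 2 * 6371.0 * math.asin(math.sqrt(a))

def verify(repo, msg, checks=("time", "location")):
    """Return 'accept', 'backchannel' (challenge the thing) or 'reject' (not enrolled)."""
    exp = repo.get(msg.thing_id)
    if exp is None:
        return "reject"
    ok = True
    if "time" in checks:       # expected plurality of time windows
        ok = ok and in_window(exp, msg.received_at)
    if "location" in checks:   # expected location parameter
        ok = ok and distance_km(exp.lat, exp.lon, msg.lat, msg.lon) <= exp.radius_km
    return "accept" if ok else "backchannel"

# Constructed sample data: one enrolled thing, windows at 0-30 s and 300-330 s of each 600 s
T0 = 1_700_000_400       # a multiple of 600, so offset 0 in the period
REPO = {"sensor-17": Expected(((0, 30), (300, 330)), 600, 52.5200, 13.4050, 1.0)}
GENUINE = Message("sensor-17", T0 + 10, 52.5203, 13.4049)
OFF_WINDOW = Message("sensor-17", T0 + 120, 52.5203, 13.4049)
WRONG_PLACE = Message("sensor-17", T0 + 310, 48.8566, 2.3522)

if __name__ == "__main__":
    for m in (GENUINE, OFF_WINDOW, WRONG_PLACE):
        print(m.thing_id, m.received_at - T0, verify(REPO, m))
```

WRONG_PLACE arrives inside a valid window, so it passes when only the time check is selected and is caught only when the location check is also selected.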
Specification