METHOD AND SYSTEM OF ELIMINATING VULNERABILITIES OF A ROUTER

US 20170272459A1
Filed: 05/06/2016
Published: 09/21/2017
Est. Priority Date: 03/18/2016
Status: Active Grant

First Claim

Patent Images

1. A method for eliminating vulnerabilities on a data network including a router for directing data in the data network, the method comprising:

transmitting, by a processor, a request through the data network to obtain access to at least one device communicatively coupled to the data network;

accessing, by the processor, the at least one device to obtain a list of available resources of the at least one device that can be remotely accessed or adjusted by the processor, wherein the list of available resources includes one or both of a parameter or an attribute of the at least one device;

comparing, by the processor, each of the available resources of the at least one device with resource rules in a database to identify at least one network vulnerability of the at least one device that can be exploited by the processor by identifying a resource with a similar vulnerable status in the database;

determining, by the processor, an action for repairing the at least one network vulnerability associated with the one available resource of the at least one device based on comparing of the each of the available resources with the resource rules in the database to identify the resource with the similar vulnerable status in the database; and

transmitting instructions to the at least one device to perform the action for repairing the at least one network vulnerability associated with the one available resource.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system is provided for eliminating vulnerabilities on a data network including a router for directing data in the data network. An example method includes transmitting a request through the data network to obtain access to a device coupled to the data network; accessing the device to obtain a list of available resources of the device; comparing each of the available resources of the device with resource rules in a database to identify network vulnerabilities associated with the available resources and determining an action for repairing the network vulnerabilities associated with the available resources of the device. Furthermore, according to the method, instructions can be transmitted to the device to perform the action for repairing the network vulnerabilities associated with the available resources.

Citations

21 Claims

1. A method for eliminating vulnerabilities on a data network including a router for directing data in the data network, the method comprising:
- transmitting, by a processor, a request through the data network to obtain access to at least one device communicatively coupled to the data network;
  
  accessing, by the processor, the at least one device to obtain a list of available resources of the at least one device that can be remotely accessed or adjusted by the processor, wherein the list of available resources includes one or both of a parameter or an attribute of the at least one device;
  
  comparing, by the processor, each of the available resources of the at least one device with resource rules in a database to identify at least one network vulnerability of the at least one device that can be exploited by the processor by identifying a resource with a similar vulnerable status in the database;
  
  determining, by the processor, an action for repairing the at least one network vulnerability associated with the one available resource of the at least one device based on comparing of the each of the available resources with the resource rules in the database to identify the resource with the similar vulnerable status in the database; and
  
  transmitting instructions to the at least one device to perform the action for repairing the at least one network vulnerability associated with the one available resource.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the at least one device is the router, the method further comprising:
    - accessing, by the processor, a web interface of the router by obtaining a web page and parsing elements of the web page based on a document object model; and
      
      using the web interface of the router to obtain the list of available resources of the router.
  - 3. The method of claim 2, further comprising transmitting instructions to the router to repairing the at least one network vulnerability by adjusting settings of a file of the router by changing the file.
  - 4. The method of claim 2, further comprising transmitting instructions to the router to repairing the at least one network vulnerability by adjusting through the web interface of the router.
  - 5. The method of claim 1, wherein the accessing, by the processor, of the at least one device comprises at least one of obtaining web access to the at least one device, accessing the at least one device through a universal plug and play protocol, accessing the at least one device through a file transfer by a network address of the at least one device in the data network;
    - accessing the at least one device through a remote administration protocol, and accessing the at least one device by a secure shell protocol.
  - 6. The method of claim 1, wherein the transmitting of the request through the data network comprises transmitting the request to the router that redirects the request to a plurality of devices communicatively coupled to the data network via the router.
  - 7. The method of claim 1, wherein the list of available resources includes at least one of the following passwords, remote administration, domain name system settings, network ports, Wi-Fi settings, and installed firewalls.

8. A system for eliminating vulnerabilities on a data network including a router for directing data in the data network, the system comprising:
- at least one database that stores resource rules relating to network vulnerabilities and actions for repairing the network vulnerabilities; and
  
  a processor configured to;
  
  transmit a request through the data network to obtain access to at least one device communicatively coupled to the data network,access the at least one device to obtain a list of available resources of the at least one device that can be remotely accessed or adjusted by the processor, wherein the list of available resources includes one or both of a parameter or an attribute of the at least one device,compare each of the available resources of the at least one device with resource rules in the at least one database to identify at least one network vulnerability of the at least one device that can be exploited by the processor by identifying a resource with a similar vulnerable status in the database,identify the action for repairing the at least one network vulnerability associated with the one available resource of the at least one device based on comparison of the each of the available resources with the resource rules in the database to identify the resource with the similar vulnerable status in the database, andtransmit instructions to the at least one device to perform the action for repairing the at least one network vulnerability associated with the one available resource.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The system of claim 8, wherein the at least one device is the router, the processor is further configured to:
    - access a web interface of the router by obtaining a web page and parsing elements of the web page based on a document object model, anduse the web interface of the router to obtain the list of available resources of the router.
  - 10. The system of claim 9, wherein the processor is further configured to transmit instructions to the router to repairing the at least one network vulnerability by adjusting settings of a file of the router by changing the file.
  - 11. The system of claim 9, wherein the processor is further configured to transmit instructions to the router to repairing the at least one network vulnerability by adjusting through the web interface of the router.
  - 12. The system of claim 8, wherein the processor is further configured to access the at least one device by at least one of obtaining web access to the at least one device, accessing the at least one device through a universal plug and play protocol, accessing the at least one device through a file transfer by a network address of the at least one device in the data network;
    - accessing the at least one device through a remote administration protocol, and accessing the at least one device by a secure shell protocol.
  - 13. The system of claim 8, wherein the processor is further configured to transmit the request through the data network by transmitting the request to the router that redirects the request to a plurality of devices communicatively coupled to the data network via the router.
  - 14. The system of claim 8, wherein the list of available resources includes at least one of the following passwords, remote administration, domain name system settings, network ports, Wi-Fi settings, and installed firewalls.

15. A non-transitory computer readable medium storing computer executable instructions for eliminating vulnerabilities on a data network including a router for directing data in the data network, including instructions for:
- transmitting a request through the data network to obtain access to at least one device communicatively coupled to the data network;
  
  accessing the at least one device to obtain a list of available resources of the at least one device that can be remotely accessed or adjusted, wherein the list of available resources includes one or both of a parameter or an attribute of the at least one device;
  
  comparing each of the available resources of the at least one device with resource rules in a database to identify at least one network vulnerability of the at least one device that can be exploited by identifying a resource with a similar vulnerable status in the database;
  
  determining an action for repairing the at least one network vulnerability associated with the one available resource of the at least one device based on comparing of the each of the available resources with the resource rules in the database to identify the resource with the similar vulnerable status in the database; and
  
  transmitting instructions to the at least one device to perform the action for repairing the at least one network vulnerability associated with the one available resource.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The non-transitory computer readable medium of claim 15, wherein the at least one device is the router and the computer executable instructions further including instructions for:
    - accessing a web interface of the router by obtaining a web page and parsing elements of the web page based on a document object model; and
      
      using the web interface of the router to obtain the list of available resources of the router.
  - 17. The non-transitory computer readable medium of claim 16, further including instructions for transmitting instructions to the router to repairing the at least one network vulnerability by adjusting settings of a file of the router by changing the file.
  - 18. The non-transitory computer readable medium of claim 16, further including instructions for transmitting instructions to the router to repairing the at least one network vulnerability by adjusting through the web interface of the router.
  - 19. The non-transitory computer readable medium of claim 15, wherein the instructions for accessing the at least one device comprises at least one of obtaining web access to the at least one device, accessing the at least one device through a universal plug and play protocol, accessing the at least one device through a file transfer by a network address of the at least one device in the data network;
    - accessing the at least one device through a remote administration protocol, and accessing the at least one device by a secure shell protocol.
  - 20. The non-transitory computer readable medium of claim 15, wherein the instructions for transmitting of the request through the data network comprises instructions for transmitting the request to the router that redirects the request to a plurality of devices communicatively coupled to the data network via the router.
  - 21. The non-transitory computer readable medium of claim 15, wherein the list of available resources includes at least one of the following passwords, remote administration, domain name system settings, network ports, Wi-Fi settings, and installed firewalls.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lab A.O. Kaspersky
Original Assignee
Lab A.O. Kaspersky
Inventors
Rusakov, Vyacheslav E., Janus, Marta Anna

Granted Patent

US 9,787,710 B1
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 16/951   Indexing; Web crawling tech...

G06F 40/221   Parsing markup language str...

H04L 49/351   for local area network [LAN...

H04L 63/1433   Vulnerability analysis

H04L 63/20   for managing network securi...

METHOD AND SYSTEM OF ELIMINATING VULNERABILITIES OF A ROUTER

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND SYSTEM OF ELIMINATING VULNERABILITIES OF A ROUTER

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links