Device reputation management
DCFirst Claim
1. A method for determining the trustworthiness of a remotely located, subject device, the method comprising:
- receiving data representing one or more attacks by one or more perpetrating devices;
receiving a request for a reputation of the subject device through a computer network;
determining whether the subject device is one of the perpetrating devices;
retrieving data representing one or more of the attacks that are associated with the subject device;
quantifying a measure of trustworthiness of the subject device from the data representing one or more of the attacks that are associated with the subject device; and
sending data representing the measure of trustworthiness of the subject device in response to the request.
4 Assignments
Litigations
1 Petition
Accused Products
Abstract
A device reputation server recognizes malicious devices used in prior attacks and prevents further attacks by the malicious devices. Server computers require a digital fingerprint of any client devices prior to providing any service to such client devices. Logging of network activity include the digital fingerprint of the device perpetrating the attack. When an attack is detected or discovered, the attacked server reports the attack and the digital fingerprint of the perpetrating device to a device reputation server. The device reputation server uses the report to improve future assessments of the reputation of the device associated with the reported digital fingerprint.
61 Citations
15 Claims
-
1. A method for determining the trustworthiness of a remotely located, subject device, the method comprising:
-
receiving data representing one or more attacks by one or more perpetrating devices; receiving a request for a reputation of the subject device through a computer network; determining whether the subject device is one of the perpetrating devices; retrieving data representing one or more of the attacks that are associated with the subject device; quantifying a measure of trustworthiness of the subject device from the data representing one or more of the attacks that are associated with the subject device; and sending data representing the measure of trustworthiness of the subject device in response to the request. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A non-transitory computer readable medium useful in association with a computer which includes one or more processors and a memory, the computer readable medium including computer instructions which are configured to cause the computer, by execution of the computer instructions in the one or more processors from the memory, to determine the trustworthiness of a remotely located, subject device by at least:
-
receiving data representing one or more attacks by one or more perpetrating devices; receiving a request for a reputation of the subject device through a computer network; determining whether the subject device is one of the perpetrating devices; retrieving data representing one or more of the attacks that are associated with the subject device; quantifying a measure of trustworthiness of the subject device from the data representing one or more of the attacks that are associated with the subject device; and sending data representing the measure of trustworthiness of the subject device in response to the request. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A computer system comprising:
-
at least one processor; a computer readable medium that is operatively coupled to the processor; and device reputation management logic (i) that executes in the processor from the computer readable medium and (ii) that, when executed by the processor, causes the computer to determine the trustworthiness of a remotely located, subject device by at least; receiving data representing one or more attacks by one or more perpetrating devices; receiving a request for a reputation of the subject device through a computer network; determining whether the subject device is one of the perpetrating devices; retrieving data representing one or more of the attacks that are associated with the subject device; quantifying a measure of trustworthiness of the subject device from the data representing one or more of the attacks that are associated with the subject device; and sending data representing the measure of trustworthiness of the subject device in response to the request. - View Dependent Claims (12, 13, 14, 15)
-
Specification