Device reputation management

US 8,881,273 B2
Filed: 12/03/2012
Issued: 11/04/2014
Est. Priority Date: 12/02/2011
Status: Active Grant

- Alert
- Pin

First Claim

Patent Images

1. A method for determining the trustworthiness of a remotely located, subject device, the method comprising:

receiving data representing one or more attacks by one or more perpetrating devices;

receiving a request for a reputation of the subject device through a computer network;

determining whether the subject device is one of the perpetrating devices;

retrieving data representing one or more of the attacks that are associated with the subject device;

quantifying a measure of trustworthiness of the subject device from the data representing one or more of the attacks that are associated with the subject device; and

sending data representing the measure of trustworthiness of the subject device in response to the request.

View all claims

4 Assignments

Timeline View

Assignment View

Litigations

1 Petition

Accused Products

Abstract

A device reputation server recognizes malicious devices used in prior attacks and prevents further attacks by the malicious devices. Server computers require a digital fingerprint of any client devices prior to providing any service to such client devices. Logging of network activity include the digital fingerprint of the device perpetrating the attack. When an attack is detected or discovered, the attacked server reports the attack and the digital fingerprint of the perpetrating device to a device reputation server. The device reputation server uses the report to improve future assessments of the reputation of the device associated with the reported digital fingerprint.

61 Citations

View as Search Results

15 Claims

1. A method for determining the trustworthiness of a remotely located, subject device, the method comprising:
- receiving data representing one or more attacks by one or more perpetrating devices;
  
  receiving a request for a reputation of the subject device through a computer network;
  
  determining whether the subject device is one of the perpetrating devices;
  
  retrieving data representing one or more of the attacks that are associated with the subject device;
  
  quantifying a measure of trustworthiness of the subject device from the data representing one or more of the attacks that are associated with the subject device; and
  
  sending data representing the measure of trustworthiness of the subject device in response to the request.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1 wherein the subject device and the perpetrating devices are each identified by respective unique digital fingerprints.
  - 3. The method of claim 1 wherein the data representing one or more attacks by one or more perpetrating devices includes digital fingerprints of the perpetrating devices.
  - 4. The method of claim 1 wherein the data representing one or more attacks by one or more perpetrating devices includes excerpts of logs of network activity.
  - 5. The method of claim 1 wherein the data representing one or more attacks by one or more perpetrating devices includes time stamps indicating the time of each of the attacks.

6. A non-transitory computer readable medium useful in association with a computer which includes one or more processors and a memory, the computer readable medium including computer instructions which are configured to cause the computer, by execution of the computer instructions in the one or more processors from the memory, to determine the trustworthiness of a remotely located, subject device by at least:
- receiving data representing one or more attacks by one or more perpetrating devices;
  
  receiving a request for a reputation of the subject device through a computer network;
  
  determining whether the subject device is one of the perpetrating devices;
  
  retrieving data representing one or more of the attacks that are associated with the subject device;
  
  quantifying a measure of trustworthiness of the subject device from the data representing one or more of the attacks that are associated with the subject device; and
  
  sending data representing the measure of trustworthiness of the subject device in response to the request.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The non-transitory computer readable medium of claim 6 wherein the subject device and the perpetrating devices are each identified by respective unique digital fingerprints.
  - 8. The non-transitory computer readable medium of claim 6 wherein the data representing one or more attacks by one or more perpetrating devices includes digital fingerprints of the perpetrating devices.
  - 9. The non-transitory computer readable medium of claim 6 wherein the data representing one or more attacks by one or more perpetrating devices includes excerpts of logs of network activity.
  - 10. The non-transitory computer readable medium of claim 6 wherein the data representing one or more attacks by one or more perpetrating devices includes time stamps indicating the time of each of the attacks.

11. A computer system comprising:
- at least one processor;
  
  a computer readable medium that is operatively coupled to the processor; and
  
  device reputation management logic (i) that executes in the processor from the computer readable medium and (ii) that, when executed by the processor, causes the computer to determine the trustworthiness of a remotely located, subject device by at least;
  
  receiving data representing one or more attacks by one or more perpetrating devices;
  
  receiving a request for a reputation of the subject device through a computer network;
  
  determining whether the subject device is one of the perpetrating devices;
  
  retrieving data representing one or more of the attacks that are associated with the subject device;
  
  quantifying a measure of trustworthiness of the subject device from the data representing one or more of the attacks that are associated with the subject device; and
  
  sending data representing the measure of trustworthiness of the subject device in response to the request.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The computer system of claim 11 wherein the subject device and the perpetrating devices are each identified by respective unique digital fingerprints.
  - 13. The computer system of claim 11 wherein the data representing one or more attacks by one or more perpetrating devices includes digital fingerprints of the perpetrating devices.
  - 14. The computer system of claim 11 wherein the data representing one or more attacks by one or more perpetrating devices includes excerpts of logs of network activity.
  - 15. The computer system of claim 11 wherein the data representing one or more attacks by one or more perpetrating devices includes time stamps indicating the time of each of the attacks.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
Uniloc 2017 LLC (SoftBank Group Corp.)
Original Assignee
Uniloc Luxembourg S.à r.l. (f/k/a Uniloc Luxembourg S.A.) (Uniloc Corporation Pty. Limited)
Inventors
Etchegoyen, Craig S.
Primary Examiner(s)
Eskandarnia, Arvin

Application Number

US13/692,857
Publication Number

US 20130167230A1
Time in Patent Office

701 Days
Field of Search

726/22
US Class Current

726/22
CPC Class Codes

G06F 21/552   involving long-term monitor...

G06F 21/57   Certifying or maintaining t...

G06F 2221/2129   Authenticate client device ...

G06F 2221/2151   Time stamp

Device reputation management

First Claim

4 Assignments

Litigations

1 Petition

Accused Products

Abstract

61 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Device reputation management

First Claim

4 Assignments

Subscription Required

Subscription Required

Litigations

1 Petition

Subscription Required

Accused Products

Subscription Required

Abstract

61 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links