Automated wireless vulnerability assessment using hand-held wireless devices

US 8,925,049 B2
Filed: 11/18/2011
Issued: 12/30/2014
Est. Priority Date: 11/18/2011
Status: Active Grant

First Claim

Patent Images

1. A method for assessing network vulnerabilities for a secure target wireless network, comprising:

attempting to access the secure target wireless network via one or more wireless access points that provide access to the secure target wireless network with a hand-held wireless device;

recovering a plurality of individual commonly-used authentication passwords from a list of commonly-used authentication passwords stored in the hand-held wireless device;

automatically applying, with the hand-held wireless device programmed to employ common authentication protocols, each of the plurality of individual commonly-used authentication passwords to attempt to connect to the secure target wireless network via the one or more wireless access points;

automatically scanning the secure target wireless network with the hand-held wireless device to collect data on the secure target wireless network;

collecting information, with the hand-held wireless device, regarding relative signal strengths of signals from the one or more wireless access points;

storing the collected data and the collected information regarding the relative signal strengths in the hand-held wireless device;

analyzing the stored data and the stored information to produce an assessment of a vulnerability of the secure target wireless network to intrusion; and

outputting the results of the analysis in a usable format for a user,the hand-held wireless device being programmed to autonomously undertake all of the attempting to access, recovering, automatically applying, automatically scanning, collecting, storing, analyzing and outputting.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method are provided for employing a hand-held wireless device to assess a vulnerability of a wirelessly-accessible target network to intrusion and/or cyber-attack. The system and method are directed at providing discrete, covert and fully-automated wireless access to the target network via one or more wireless access points and to assessing characteristic of the one or more wireless access points and the target network in support of a vulnerability assessment. The hand-held wireless device is configured to collect appropriate data regarding the wirelessly-accessible network, including network and portal scans, and higher-level programmed data collection. The hand-held wireless device is further configured to analyze the collected data and to produce at least a first level vulnerability assessment of the target network without interaction by the user.

26 Citations

View as Search Results

17 Claims

1. A method for assessing network vulnerabilities for a secure target wireless network, comprising:
- attempting to access the secure target wireless network via one or more wireless access points that provide access to the secure target wireless network with a hand-held wireless device;
  
  recovering a plurality of individual commonly-used authentication passwords from a list of commonly-used authentication passwords stored in the hand-held wireless device;
  
  automatically applying, with the hand-held wireless device programmed to employ common authentication protocols, each of the plurality of individual commonly-used authentication passwords to attempt to connect to the secure target wireless network via the one or more wireless access points;
  
  automatically scanning the secure target wireless network with the hand-held wireless device to collect data on the secure target wireless network;
  
  collecting information, with the hand-held wireless device, regarding relative signal strengths of signals from the one or more wireless access points;
  
  storing the collected data and the collected information regarding the relative signal strengths in the hand-held wireless device;
  
  analyzing the stored data and the stored information to produce an assessment of a vulnerability of the secure target wireless network to intrusion; and
  
  outputting the results of the analysis in a usable format for a user,the hand-held wireless device being programmed to autonomously undertake all of the attempting to access, recovering, automatically applying, automatically scanning, collecting, storing, analyzing and outputting.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the method is initiated on a manual signal from the user via a user interface in the hand-held wireless device.
  - 3. The method of claim 2, further comprising automatically terminating the automatically scanning the target network and the storing the collected data based on a predetermined period of time elapsing from initiation of the method by the user.
  - 4. The method of claim 1, wherein:
    - the accessing, the automatically scanning and the storing are accomplished autonomously by the hand-held wireless device, andthe analyzing of the stored data and the outputting of the results are accomplished by a remote computing device communicating with the hand-held wireless device.
  - 5. The method of claim 1, wherein the collected data includes-security implementations for the one or more wireless access points.
  - 6. The method of claim 5, wherein the collected data further includes Wired Equivalent Privacy cracking.
  - 7. The method of claim 1, wherein:
    - the hand-held wireless device is one of a smartphone, a tablet and a PDA, andthe hand-held wireless device is a stand-alone device for performing all of the steps of the method.

8. A hand-held wireless device for assessing network vulnerabilities for a secure target wireless network, comprising:
- an external data communication interface configured as a receiver for receiving wireless signals passively from one or more wireless access points that provide access to one or more secure target wireless networks;
  
  a storage device that stores a list of commonly-used authentication passwords;
  
  a processor that is programmed to(1) direct a process for automatically scanning the one or more secure target wireless networks with the hand-held wireless device,(2) recover a plurality of individual commonly-used authentication passwords from the store list of commonly-used authentication passwords,(3) direct automatic attempts to connect via the one or more wireless access points using common authentication protocols, each of the plurality commonly-used authentication passwords being automatically applied in the automatic attempts to connect to the secure target wireless network via the one or more wireless access points,(4) collect data on at least one of the one or more wireless access points and the one or more secure target wireless networks to support a vulnerability assessment of the one or more secure target wireless networks to intrusion,(5) collect information regarding relative signal strengths of signals from the one or more wireless access points,(6) store the collected data and the collected information regarding relative signal strengths in the storage device, and(7) analyze the stored collected data and the stored collected information to produce the vulnerability assessment for the one or more secure target wireless networks; and
  
  an output device that outputs a result of the vulnerability assessment to a user of the hand-held wireless device.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16)
- - 9. The hand-held wireless device of claim 8, wherein the output device further comprises a display device for locally displaying the result of the vulnerability assessment.
  - 10. The hand-held wireless device of claim 8, wherein the hand-held device is one of a smartphone, a tablet or a PDA.
  - 11. The hand-held device of claim 8, further comprising a user interface by which the user provides a manual signal to the processor to initiate the process.
  - 12. The hand-held device of claim 11, wherein the processor is further programmed to automatically terminate the process for the automatically scanning based on a predetermined period of time elapsing from initiation of the process by the user.
  - 13. The hand-held device of claim 8, wherein:
    - the output device outputs the stored collected data via a wireless connection to a remote server, andthe remote server includes at least an analyzing device that analyzes the output stored collected data to produce the vulnerability assessment of the one or more secure target wireless networks.
  - 14. The hand-held device of claim 8, wherein the collected data further includes security implementations for the one or more wireless access points.
  - 15. The hand-held device of claim 14, wherein the collected data further includes Wired Equivalent Privacy cracking.
  - 16. The hand-held wireless device of claim 8, wherein the hand-held wireless device is a stand-alone device for autonomously performing all steps of data collection and analysis supporting the vulnerability assessment of the target network.

17. A non-transitory computer-readable medium storing instructions which, when executed by a processor in a hand-held wireless device, cause the processor to execute a method for assessing network vulnerabilities for a secure target wireless network, comprising:
- attempting to access the secure target wireless network via one or more wireless access points that provide access to the secure target wireless network with a hand-held wireless device;
  
  recovering a plurality of individual commonly-used authentication passwords from a list of commonly-used authentication passwords stored in the hand-held wireless device;
  
  automatically applying each of the plurality of individual commonly-used authentication passwords to attempt to connect to the secure target wireless network via the one or more wireless access points;
  
  automatically scanning the secure target wireless network with the hand-held wireless device to collect data on the secure target wireless network;
  
  collecting information regarding relative signal strengths of signals from the one or more wireless access points;
  
  storing the collected data and the collected information regarding the relative signal strengths in the hand-held wireless device;
  
  analyzing the stored data and the stored information to produce an assessment of a vulnerability of the secure target wireless network to intrusion; and
  
  outputting results of the analysis in a usable format for a user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lockheed Martin Corporation (Martin Marietta Corporation)
Original Assignee
Lockheed Martin Corporation (Martin Marietta Corporation)
Inventors
Morrison, John S., Roach, Kyle J.
Primary Examiner(s)
Siddiqi, Mohammad A

Application Number

US13/300,020
Publication Number

US 20130133044A1
Time in Patent Office

1,138 Days
Field of Search

726/2, 726/25, 726/5, 726/24, 726/23, 726/1, 726/26, 455/67.11, 455/411, 455/522
US Class Current

726/5
CPC Class Codes

G06F 21/577   Assessing vulnerabilities a...

H04L 63/1433   Vulnerability analysis

H04W 12/08   Access security

H04W 24/08   Testing, supervising or mon...

Automated wireless vulnerability assessment using hand-held wireless devices

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

26 Citations

17 Claims

Specification

Use Cases

Quick Links

Others

Automated wireless vulnerability assessment using hand-held wireless devices

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

26 Citations

17 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others