System and method of reporting and visualizing malware on mobile networks
First Claim
Patent Images
1. A system that monitors malware within a mobile network, comprising:
- a receiver component that obtains data regarding the malware transferred to a plurality of different mobile devices operating in the mobile network, the data comprising;
a first set of malware data, obtained from a first source positioned in the mobile network that monitors network data containing a first plurality of applications transferred to at least a first mobile device of the mobile devices and that scans the first plurality of applications to determine which of the first plurality of applications is a malware application, anda second set of malware data obtained from a second source positioned in the mobile network that monitors network data containing a second plurality of applications transferred to at least a second mobile device of the mobile devices and that scans the second plurality of applications to determine which of the second plurality of applications is a malware application,wherein the first source and the second source are separate from the first mobile device and the second mobile device, wherein the second source is of a different type than the first source, and wherein the first source and the second source are located at different positions within the mobile network;
an analysis component that processes the first set of malware data and the second set of malware data and generates a malware analysis of the malware applications included within the first plurality of applications transferred to the first mobile device of the mobile network and of the malware applications included within the second plurality of applications transferred to the second mobile device of the mobile network as a function of the data; and
a mitigation component that mitigates effects of the malware applications transmitted to the first and second mobile devices based at least in part on an aggregation of the first set of malware data and the second set of malware data.
4 Assignments
0 Petitions
Accused Products
Abstract
A network management system monitors malware within a mobile network. The system comprises a receiver component that obtains data regarding malware in the mobile network. The data is obtained from a first source and a second source, where the first source is of a different type than the second source. The monitoring system also includes an analysis component that generates a malware analysis of the mobile network as a function of the data.
51 Citations
29 Claims
-
1. A system that monitors malware within a mobile network, comprising:
-
a receiver component that obtains data regarding the malware transferred to a plurality of different mobile devices operating in the mobile network, the data comprising; a first set of malware data, obtained from a first source positioned in the mobile network that monitors network data containing a first plurality of applications transferred to at least a first mobile device of the mobile devices and that scans the first plurality of applications to determine which of the first plurality of applications is a malware application, and a second set of malware data obtained from a second source positioned in the mobile network that monitors network data containing a second plurality of applications transferred to at least a second mobile device of the mobile devices and that scans the second plurality of applications to determine which of the second plurality of applications is a malware application, wherein the first source and the second source are separate from the first mobile device and the second mobile device, wherein the second source is of a different type than the first source, and wherein the first source and the second source are located at different positions within the mobile network; an analysis component that processes the first set of malware data and the second set of malware data and generates a malware analysis of the malware applications included within the first plurality of applications transferred to the first mobile device of the mobile network and of the malware applications included within the second plurality of applications transferred to the second mobile device of the mobile network as a function of the data; and a mitigation component that mitigates effects of the malware applications transmitted to the first and second mobile devices based at least in part on an aggregation of the first set of malware data and the second set of malware data. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 19, 20, 21, 22, 23, 24, 25)
-
-
10. A method of monitoring a mobile network, comprising:
-
obtaining malware data from which mobile device identity information for a plurality of different mobile devices operating in the mobile network is derived, wherein obtaining comprises; receiving a first set of malware data from a first source positioned in the mobile network that monitors network data containing a first plurality of applications transferred to at least a first mobile device of the mobile devices and that scans the first plurality of applications to determine which of the first plurality of applications is a malware application; and receiving a second set of malware data from a second source positioned in the mobile network that monitors network data containing a second plurality of applications transferred to at least a second mobile device of the mobile devices and that scans the second plurality of applications to determine which of the second plurality of applications is a malware application, wherein the first source and the second source are separate from the first mobile device and the second mobile device, wherein the second source is of a different type than the first source, and wherein the first source and the second source are located at different positions within the mobile network; processing the malware data to produce a malware analysis that facilitates operator comprehension of a malware on the mobile network, wherein the malware analysis provides an indication of the identity information for the mobile devices, and wherein the malware analysis provides indications of whether the malware is present on the identified mobile devices, and wherein the malware analysis provides indications of the malware applications included in the first plurality of applications transferred to the first mobile device of the mobile network and the malware applications included in the second plurality of applications transferred to the second mobile device as a function of the obtained data; and mitigating effects of the malware applications transmitted to the first and second mobile devices based at least in part on an aggregation of the first set of malware data and the second set of malware data. - View Dependent Claims (11, 12, 13, 14, 15, 16, 26)
-
-
17. A system that facilitates mitigation of malware in a mobile network, comprising:
-
means for obtaining data regarding the malware transferred to a plurality of different mobile devices operating in the mobile network, the data comprising; a first set of malware data obtained from a first source positioned in the mobile network that monitors network data containing a first plurality of applications transferred to at least a first mobile device of the mobile devices and that scans the first plurality of applications to determine which of the first plurality of applications is a malware application, and a second set of malware data obtained from a second source positioned in the mobile network that monitors network data containing a second plurality of applications transferred to at least a second mobile device of the mobile devices and that scans the second plurality of applications to determine which of the second plurality of applications is a malware application, wherein the first and second mobile devices are separate from the first and second sources, wherein the second source is of a different type than the first source, and wherein the first source and the second source are located at different positions within the mobile network; means for processing the first set of malware data and the second set of malware data and for generating a malware analysis of the malware applications included within the first plurality of applications transferred to the first mobile device of the mobile network and the malware applications within the second set of applications transferred to the second mobile device of the mobile network based at least in part upon the first malware data and the second malware data and means for mitigating effects of the malware applications transmitted to the first and second mobile devices based at least in part on an aggregation of the first set of malware data and the second set of malware data. - View Dependent Claims (18)
-
-
27. A method comprising:
-
receiving a first set of malware data from a first source positioned in a mobile network regarding malware applications transferred to at least a first mobile device of a plurality of mobile devices operating in the mobile network, wherein the first source monitors network data containing a first plurality of applications transferred to the first mobile device and scans the first plurality of applications to determine which of the first plurality of applications is a malware application; receiving a second set of malware data from a second, different source positioned in the mobile network regarding malware applications transferred to at least a second mobile device of the plurality of mobile devices operating in the mobile network, wherein the second source monitors network data containing a second plurality of applications transferred to the second mobile device and scans the second plurality of applications to determine which of the second plurality of applications is a malware application, wherein the first source and the second source are separate from the first mobile device and the second mobile device, wherein the second source is of a different type than the first source, and wherein the first source and the second source are located at different positions within the mobile network; analyzing the first set of malware data and the second set of malware data to compare the first set of malware data to the second set of malware data, and to compare the first and second sets of malware data to historical malware data for the mobile network; generating a malware analysis, based on the analysis of the first and second sets of malware data and the historical malware data, that provides an indication of applications transferred to the mobile devices of the mobile network and an indication of one or more of changes in malware activity levels in the mobile network, types of malware in the mobile network, and spread of malware over time through the mobile network; and mitigating effects of the malware applications transmitted to the first and second mobile devices based at least in part on an aggregation of the first set of malware data and the second set of malware data. - View Dependent Claims (28)
-
-
29. A non-transitory computer-readable medium comprising instructions that, when executed, cause a processor to:
-
receive a first set of malware data from a first source positioned in a mobile network regarding malware applications transferred to at least a first mobile device of a plurality of mobile devices operating in the mobile network, wherein the first source monitors network data containing a first plurality of applications transferred to the first mobile device and scans the first plurality of applications to determine which of the first plurality of applications is a malware application; receive a second set of malware data from a second, different source positioned in the mobile network regarding malware applications transferred to at least a second mobile device of the plurality of mobile devices operating in the mobile network, wherein the second source monitors network data containing a second plurality of applications transferred to the second mobile device and scans the second plurality of applications to determine which of the second plurality of applications is a malware application, wherein the first source and the second source are separate from the first mobile device and the second mobile device, wherein the second source is of a different type than the first source, and wherein the first source and the second source are located at different positions within the mobile network; analyze the first set of malware data and the second set of malware data to compare the first set of malware data to the second set of malware data, and to compare the first and second sets of malware data to historical malware data for the mobile network; generate a malware analysis, based on the analysis of the first and second sets of malware data and the historical malware data, that provides an indication of applications transferred to the mobile devices of the mobile network and an indication of one or more of changes in malware activity levels in the mobile network, types of malware in the mobile network, and spread of malware over time through the mobile network; and mitigate effects of the malware applications transmitted to the first and second mobile devices based at least in part on an aggregation of the first set of malware data and the second set of malware data.
-
Specification