Mobile risk assessment

US 9,112,896 B2
Filed: 03/06/2014
Issued: 08/18/2015
Est. Priority Date: 10/17/2011
Status: Active Grant

First Claim

Patent Images

1. At least one non-transitory machine accessible storage medium having instructions stored thereon, the instructions when executed on a machine, cause the machine to:

receive, at an endpoint device, information to indicate one or more wireless access points for one or more wireless networks at a location;

send, to a remote security server, information to identify at least a particular one of the one or more wireless access points;

receive a request from the remote security server for the endpoint device to participate in a risk assessment of the particular wireless access point;

attempt to communicate with a trusted endpoint over the particular wireless access point to assess the particular wireless access point; and

determine whether data responsive to the attempt to communicate is consistent with data expected from the trusted endpoint; and

report results of the attempt to communicate to the security server.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A query is received from a particular endpoint device identifying a particular wireless access point encountered by the particular endpoint device. Pre-existing risk assessment data is identified for the identified particular wireless access point and query result data is sent to the particular endpoint device characterizing pre-assessed risk associated with the particular wireless access point. In some instances, the query result data is generated based on the pre-existing risk assessment data. In some instances, pre-existing risk assessment data can be the result of an earlier risk assessment carried-out at least in part by an endpoint device interfacing with and testing the particular wireless access point.

Citations

25 Claims

1. At least one non-transitory machine accessible storage medium having instructions stored thereon, the instructions when executed on a machine, cause the machine to:
- receive, at an endpoint device, information to indicate one or more wireless access points for one or more wireless networks at a location;
  
  send, to a remote security server, information to identify at least a particular one of the one or more wireless access points;
  
  receive a request from the remote security server for the endpoint device to participate in a risk assessment of the particular wireless access point;
  
  attempt to communicate with a trusted endpoint over the particular wireless access point to assess the particular wireless access point; and
  
  determine whether data responsive to the attempt to communicate is consistent with data expected from the trusted endpoint; and
  
  report results of the attempt to communicate to the security server.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 2. The storage medium of claim 1, wherein the instructions when executed further cause the machine to send a query to the remote security server, wherein the query identifies the particular wireless access point and requests a security report associated with the particular wireless access point.
  - 3. The storage medium of claim 2, wherein the request is received in response to the query.
  - 4. The storage medium of claim 3, wherein the request is sent in response to a determination by the security server that insufficient risk information exists for the particular wireless access point.
  - 5. The storage medium of claim 2, wherein the query queries the security server for risk information for two or more of the detected wireless access points.
  - 6. The storage medium of claim 2, wherein the query includes geo-positional data indicating the location of at least one of the endpoint device and the particular wireless access point.
  - 7. The storage medium of claim 1, wherein the endpoint device comprises a mobile user device.
  - 8. The storage medium of claim 7, wherein the endpoint device comprises one of a tablet and a smartphone.
  - 9. The storage medium of claim 1, wherein the instructions when executed further cause the machine to:
    - collect information describing attributes of the particular wireless access point; and
      
      send feedback data describing the attributes to the security server.
  - 10. The storage medium of claim 9, wherein the request is received in response to sending the feedback data.
  - 11. The storage medium of claim 9, wherein the feedback data includes at least one of a service set identifier (SSID), data describing encryption used by the particular wireless access point, splash page information, and wireless access point password information.
  - 12. The storage medium of claim 1, wherein attempting to communicate with the trusted endpoint includes attempting to establish a secured connection between the endpoint device and the trusted endpoint, and establishing the secured connection includes receiving expected trust verification data from the trusted endpoint;
    - wherein receipt of data other than the expected trust verification data in response to the attempt to communicate is presumed to indicate that the particular wireless access point is untrustworthy suggesting higher risk associated with the particular wireless access point.
  - 13. The storage medium of claim 1, wherein a plurality of attempts to communicate trusted endpoints are to be attempted by the endpoint device during a connection with the particular wireless access point to assess the particular wireless access point at a plurality of times during the connection.
  - 14. The storage medium of claim 1, wherein the instructions when executed further cause the machine to receive report data from the security server identifying results of the monitoring of the attempted communication.
  - 15. The storage medium of claim 1, wherein the instructions when executed further cause the machine to receive report data from the security server identifying which of the one or more wireless access points is a trusted wireless access point.
  - 16. The storage medium of claim 15, wherein the report data is based on a previous risk assessment of the one or more wireless access points.
  - 17. The storage medium of claim 16, wherein the endpoint device comprises a particular endpoint device and the previous risk assessment is based on a previous encounter with the particular wireless access point by an endpoint device other than the particular endpoint device.
  - 18. The storage medium of claim 17, wherein the report data is based at least in part on the monitoring of the attempted communication.
  - 19. The storage medium of claim 15, wherein the instructions when executed further cause the machine to present a graphical indicator of risk associated with the particular wireless access point at the endpoint device.
  - 20. The storage medium of claim 1, wherein the particular endpoint is to communicate with the security server over a secure connection.
  - 21. The storage medium of claim 20, wherein the secure connection is implemented over at least one of a wireless mobile broadband connection or a virtual local area network (VLAN) tunnel.

22. A method comprising:
- receiving, at an endpoint device, information to indicate one or more wireless access points for one or more wireless networks at a location;
  
  sending, to a remote security server, information to identify at least a particular one of the one or more wireless access points;
  
  receiving a request from the remote security server for the endpoint device to participate in a risk assessment of the particular wireless access point;
  
  attempting to communicate with a trusted endpoint over the particular wireless access point to assess the particular wireless access point;
  
  determining whether data responsive to the attempt to communicate is consistent with data expected from the trusted endpoint; and
  
  reporting results of the attempt to communicate to the security server.

23. A system comprising:
- at least one processor device;
  
  at least one memory element; and
  
  an endpoint device comprising a security tool comprising logic to;
  
  receive, at an endpoint device, information to indicate one or more wireless access points for one or more wireless networks at a location;
  
  send, to a remote security server, information to identify at least a particular one of the one or more wireless access points;
  
  receive a request from the remote security server for the endpoint device to participate in a risk assessment of the particular wireless access point;
  
  attempt to communicate with a trusted endpoint over the particular wireless access point to assess the particular wireless access point;
  
  determine whether data responsive to the attempt to communicate is consistent with data expected from the trusted endpoint; and
  
  report results of the attempt to communicate to the security server.
- View Dependent Claims (24, 25)
- - 24. The system of claim 23, further comprising the security server.
  - 25. The system of claim 23, wherein the endpoint device comprises a mobile user device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
McAfee, LLC
Original Assignee
McAfee, Inc. (McAfee, LLC)
Inventors
Basavapatna, Prasanna Ganapathi, Gaddala, Satish Kumar, Schrecker, Sven, Goldschlag, David Moshe
Primary Examiner(s)
POWERS, WILLIAM S

Application Number

US14/199,274
Publication Number

US 20140250533A1
Time in Patent Office

530 Days
Field of Search

726/25, 455/410
US Class Current

1/1
CPC Class Codes

G06F 21/577   Assessing vulnerabilities a...

H04L 63/0272   Virtual private networks

H04L 63/12   Applying verification of th...

H04L 63/1416   Event detection, e.g. attac...

H04L 63/1433   Vulnerability analysis

H04W 12/12   Detection or prevention of ...

H04W 12/122   Counter-measures against at...

H04W 12/67   Risk-dependent, e.g. select...

H04W 4/02   Services making use of loca...

H04W 4/029   Location-based management o...

Mobile risk assessment

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Mobile risk assessment

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links