Application risk analysis

US 9,386,463 B1
Filed: 11/19/2012
Issued: 07/05/2016
Est. Priority Date: 11/19/2012
Status: Active Grant

First Claim

Patent Images

1. A mobile communication device, comprising:

a radio transceiver to communicatively couple the mobile communication device to a radio access network by a wireless communication link;

a non-transitory memory;

a processor; and

a monitoring application stored in the non-transitory memory that, when executed by the processor, is configured todetermine a risk profile of a monitored application installed on the mobile communication device based on;

a comparison of performance of the mobile communication device before and after installation of the monitored application on the mobile communication device,a comparison of requests by the monitored application to access a network associated with the mobile communication device or an application stored on or accessed by the mobile communication device versus requests for access by applications of a same application type as the monitored application, wherein the same application type comprises one of voice communication, data communication, web browsing, email, short message system, texting, multimedia message system, gaming, social networking, informational enhancing, functional enhancing, and performance enhancing, andand at least one of;

community feedback of the monitored application,an amount of time elapsed since release of the monitored application, ora risk profile of a publisher of the monitored application; and

perform an action responsive to the risk profile of the monitored application meeting or exceeding a predefined threshold.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of managing the risk of a monitored application installed on a mobile communication device comprises determining a risk profile of the monitored application based on at least one of: comparison of performance of the mobile communication device before and after installation of the monitored application on the mobile communication device, comparison of permission requests of the monitored application versus a type of the monitored application, community feedback of the monitored application, an amount of time elapsed since release of the monitored application, and a risk profile of a publisher of the monitored application; and performing a first action if the risk profile of the monitored application meets or exceeds a predefined first threshold.

Citations

16 Claims

1. A mobile communication device, comprising:
- a radio transceiver to communicatively couple the mobile communication device to a radio access network by a wireless communication link;
  
  a non-transitory memory;
  
  a processor; and
  
  a monitoring application stored in the non-transitory memory that, when executed by the processor, is configured todetermine a risk profile of a monitored application installed on the mobile communication device based on;
  
  a comparison of performance of the mobile communication device before and after installation of the monitored application on the mobile communication device,a comparison of requests by the monitored application to access a network associated with the mobile communication device or an application stored on or accessed by the mobile communication device versus requests for access by applications of a same application type as the monitored application, wherein the same application type comprises one of voice communication, data communication, web browsing, email, short message system, texting, multimedia message system, gaming, social networking, informational enhancing, functional enhancing, and performance enhancing, andand at least one of;
  
  community feedback of the monitored application,an amount of time elapsed since release of the monitored application, ora risk profile of a publisher of the monitored application; and
  
  perform an action responsive to the risk profile of the monitored application meeting or exceeding a predefined threshold.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The mobile communication device of claim 1, wherein the monitoring application is further configured to:
    - determine risk profiles of additional monitored applications installed on the mobile communication device based on at least one of;
      
      a comparison of performance of the mobile communication device before and after installation of each of the additional monitored applications on the mobile communication device,a comparison of requests by each of the additional monitored applications to access one or more networks associated with the mobile communication device or one or more applications stored on or accessed by the mobile communication device versus requests for access by applications of a same application type as each of the additional monitored applications,community feedback of each of the additional monitored applications,an amount of time elapsed since release of each of the additional monitored applications, ora risk profile of a publisher of each of the additional monitored applications; and
      
      perform a second action responsive to a predefined number of the additional monitored applications meeting or exceeding a predefined second threshold.
  - 3. The mobile communication device of claim 1, wherein the monitoring application is further configured to provide to the publisher of the monitored application at least one of:
    - the risk profile of the monitored application,the community feedback of the monitored application, orthe risk profile of the publisher of the monitored application.
  - 4. The mobile communication device of claim 1, wherein performance of the mobile communication device is based on at least one of:
    - speed of operation of an operating system of the mobile communication device,a presence of errors in the operating system, orlocking up of the operating system.
  - 5. The mobile communication device of claim 1, wherein the risk profile of the publisher of the monitored application is based on at least one of:
    - community feedback of the publisher of the monitored application, oran amount of time elapsed since the publisher of the monitored application first published an application.
  - 6. The mobile communication device of claim 1, wherein the risk profile of the monitored application is a score.
  - 7. The mobile communication device of claim 6, wherein the score is given increased consideration as an amount of the community feedback increases.
  - 8. The mobile communication device of claim 1, wherein the action comprises at least one of:
    - limiting network access of the mobile communication device,limiting functionality of the monitored application,limiting other functionality of the mobile communication device,providing alerts on an operating system of the mobile communication device,lowering at least one additional threshold that triggers additional actions, orrecommending to a user of the mobile communication device at least one security product or service.

9. A method of managing the risk of a monitored application installed on a mobile communication device, the method comprising:
- determining a risk profile of the monitored application based on;
  
  a comparison of requests by the monitored application to access a network associated with the mobile communication device or an application stored on or accessed by the mobile communication device versus requests for access by applications of a same application type as the monitored application, wherein the same application type comprises one of voice communication, data communication, web browsing, email, short message system, texting, multimedia message system, gaming, social networking, informational enhancing, functional enhancing, and performance enhancing,a comparison of performance of the mobile communication device before and after installation of the monitored application on the mobile communication device, andat least one of;
  
  community feedback of the monitored application,an amount of time elapsed since release of the monitored application, ora risk profile of a publisher of the monitored application; and
  
  performing an action responsive to the risk profile of the monitored application meeting or exceeding a predefined threshold.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The method of claim 9, further comprising:
    - determining risk profiles of additional monitored applications installed on the mobile communication device based on at least one of;
      
      a comparison of performance of the mobile communication device before and after installation of each of the additional monitored applications on the mobile communication device,a comparison of requests by each of the additional monitored applications to access one or more networks associated with the mobile communication device or one or more applications stored on or accessed by the mobile communication device versus requests for access by applications of a same application type as the monitored application,community feedback of each of the additional monitored applications,an amount of time elapsed since release of each of the additional monitored applications, ora risk profile of a publisher of each of the additional monitored applications; and
      
      performing a second action responsive to a predefined number of the additional monitored applications meeting or exceeding a predefined second threshold.
  - 11. The method of claim 9, further comprising providing to the publisher of the monitored application at least one of:
    - the risk profile of the monitored application,the community feedback of the monitored application, orthe risk profile of the publisher of the monitored application.
  - 12. The method of claim 9, wherein performance of the mobile communication device is based on at least one of:
    - speed of operation of an operating system of the mobile communication device,a presence of errors in the operating system, orlocking up of the operating system.
  - 13. The method of claim 9, wherein the risk profile of the publisher of the monitored application is based on at least one of:
    - community feedback of the publisher of the monitored application, oran amount of time elapsed since the publisher of the monitored application first published an application.
  - 14. The method of claim 9, wherein the risk profile of the monitored application is a score.
  - 15. The method of claim 14, wherein the score is given increased consideration as an amount of the community feedback increases.
  - 16. The method of claim 9, wherein the action comprises at least one of:
    - limiting network access of the mobile communication device,limiting functionality of the monitored application,limiting other functionality of the mobile communication device,providing alerts on an operating system of the mobile communication device,lowering at least one additional threshold that triggers additional actions, orrecommending to a user of the mobile communication device at least one security product or service.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
T-Mobile Innovations LLC (Deutsche Telekom AG)
Original Assignee
Sprint Communications Company LP (Deutsche Telekom AG)
Inventors
Contino, Jeffrey Ronald, Salge, Jason, Stone, M. Jeffrey, Waldrop, Robert L.
Primary Examiner(s)
Mitchell, Nathan

Application Number

US13/681,337
Time in Patent Office

1,324 Days
Field of Search

455/410, 455/411, 455/418
US Class Current

1/1
CPC Class Codes

G06F 21/552   involving long-term monitor...

H04L 63/12   Applying verification of th...

H04L 63/1425   Traffic logging, e.g. anoma...

H04W 12/00   Security arrangements; Auth...

H04W 24/02   Arrangements for optimising...

Application risk analysis

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Application risk analysis

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links