System and method for security and quality assessment of wireless access points
First Claim
1. A method for security risk assessment of wireless access point devices, the method comprising performing, by a computer system:
- receiving, from one of a first device and a second device, a first report of a first access of an access point having a unique identifier, the first report including attributes of the first access of the access point;
receiving, from the one of the first device, the second device and a third device, a second report of access of the access point occurring after the first access of the access point, the second report including attributes of the second access of the access point;
aggregating the attributes of the first and second accesses to obtain aggregate attributes, each aggregate attribute being an aggregation of values of a corresponding attribute of the attributes of the first and second accesses;
determining, that the aggregate attributes of the first access and the second access indicate that the access point is not secure;
transmitting, to the first device, a message indicating that the access point is not secure;
wherein aggregating the attributes of the first and second accesses to obtain aggregate attributes further comprises;
computing a first value that is a function of a number of reconnects per session for each of the first and second accesses;
at least one ofcomputing a second value that is a function of the a number of local internet protocol (IP) addresses detected during the first and second accesses;
computing a third value that is a function of an elapsed time between the first and second accesses; and
computing a fourth value that is a number of unique users that have accessed the access point and have transmitted reports to the computer system;
generating a score that is a combination of the first, and at least one of the second, third, and fourth values;
wherein determining, that the aggregate attributes of the first access and the second access indicate that the access point is not secure comprises determining that the score indicates the access point is not secure.
20 Assignments
0 Petitions
Accused Products
Abstract
A computer-implemented method for security risk assessment of wireless access point devices, the computer-implemented method comprising: receiving signals from one or more wireless access points by two or more mobile wireless devices visiting said access points, obtaining Basic Service Set Identifiers (BSSID) of visited access points and reporting values derived from BSSID and from an identifier of corresponding mobile device to a first database, receiving a request for a security risk assessment of evaluated wireless access point, said request containing value derived from BSSID of the evaluated access point, searching the first database for one or more entries corresponding to the evaluated access point, and processing search results to assess security risk of the evaluated access point, said processing comprises computing a component of said risk dependent on the count of unique identifiers of mobile devices reported for the evaluated access point.
13 Citations
2 Claims
-
1. A method for security risk assessment of wireless access point devices, the method comprising performing, by a computer system:
-
receiving, from one of a first device and a second device, a first report of a first access of an access point having a unique identifier, the first report including attributes of the first access of the access point; receiving, from the one of the first device, the second device and a third device, a second report of access of the access point occurring after the first access of the access point, the second report including attributes of the second access of the access point; aggregating the attributes of the first and second accesses to obtain aggregate attributes, each aggregate attribute being an aggregation of values of a corresponding attribute of the attributes of the first and second accesses; determining, that the aggregate attributes of the first access and the second access indicate that the access point is not secure; transmitting, to the first device, a message indicating that the access point is not secure; wherein aggregating the attributes of the first and second accesses to obtain aggregate attributes further comprises; computing a first value that is a function of a number of reconnects per session for each of the first and second accesses; at least one of computing a second value that is a function of the a number of local internet protocol (IP) addresses detected during the first and second accesses; computing a third value that is a function of an elapsed time between the first and second accesses; and computing a fourth value that is a number of unique users that have accessed the access point and have transmitted reports to the computer system; generating a score that is a combination of the first, and at least one of the second, third, and fourth values; wherein determining, that the aggregate attributes of the first access and the second access indicate that the access point is not secure comprises determining that the score indicates the access point is not secure.
-
-
2. A system for security risk assessment of wireless access point devices, the system comprising one or more processors and one or more memory devices operably coupled to the one or more processors, the one or more memory devices storing executable code effective to cause the one or more processors to:
-
receive, from one of a first device and a second device, a first report of first access of an access point having a unique identifier, the first report including attributes of the first access of the access point; receive, from the one of the first device, the second device and a third device, a second report of access of the access point occurring after the first access of the access point, the second report including attributes of the second access of the access point; aggregate the attributes of the first and second accesses to obtain aggregate attributes, each aggregate attribute being an aggregation of values of a corresponding attribute of the attributes of the first and second accesses; if the aggregate attributes of the first access and the second access indicate that the access point is not secure, transmit, to the first device, a message indicating that the access point is not secure; wherein the executable code is further effective to cause the one or more processors to aggregate the attributes of the first and second accesses to obtain aggregate attributes by; computing a first value that is a function of a number of reconnects per session for each of the first and second accesses; computing at least one of— a second value that is a function of the a number of local internet protocol (IP) addresses detected during the first and second accesses; a third value that is a function of an elapsed time between the first and second accesses; and a fourth value that is a number of unique users that have accessed the access point and have transmitted reports to the computer system; generating a score that is a combination of the first and at least one of the second, third, and fourth values; if the score indicates the access point is not secure, transmit, to the first device, a message indicating that the access point is not secure.
-
Specification