System and method for security and quality assessment of wireless access points

US 9,763,099 B2
Filed: 12/17/2014
Issued: 09/12/2017
Est. Priority Date: 12/30/2013
Status: Active Grant

First Claim

Patent Images

1. A method for security risk assessment of wireless access point devices, the method comprising performing, by a computer system:

receiving, from a plurality of devices, a plurality of reports, each report being transmitted by a device of the plurality of devices in response to accessing an access point having a unique access point identifier and including a unique user identifier;

determining a number of unique user identifiers represented in the plurality of reports;

determining that both of (a) the number of unique user identifiers exceeds a first threshold and (b) the number of unique user identifiers is below a second threshold that is higher than the first threshold; and

in response to determining that both (a) and (b) are true, transmitting a message to one or more devices of the plurality of devices, the message indicating that the access point is not secure.

View all claims

20 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer-implemented method for security risk assessment of wireless access point devices, the computer-implemented method comprising: receiving signals from one or more wireless access points by two or more mobile wireless devices visiting said access points, obtaining Basic Service Set Identifiers (BSSID) of visited access points and reporting values derived from BSSID and from an identifier of corresponding mobile device to a first database, receiving a request for a security risk assessment of evaluated wireless access point, said request containing value derived from BSSID of the evaluated access point, searching the first database for one or more entries corresponding to the evaluated access point, and processing search results to assess security risk of the evaluated access point, said processing comprises computing a component of said risk dependent on the count of unique identifiers of mobile devices reported for the evaluated access point.

14 Citations

View as Search Results

18 Claims

1. A method for security risk assessment of wireless access point devices, the method comprising performing, by a computer system:
- receiving, from a plurality of devices, a plurality of reports, each report being transmitted by a device of the plurality of devices in response to accessing an access point having a unique access point identifier and including a unique user identifier;
  
  determining a number of unique user identifiers represented in the plurality of reports;
  
  determining that both of (a) the number of unique user identifiers exceeds a first threshold and (b) the number of unique user identifiers is below a second threshold that is higher than the first threshold; and
  
  in response to determining that both (a) and (b) are true, transmitting a message to one or more devices of the plurality of devices, the message indicating that the access point is not secure.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, further comprising:
    - determining that the number of unique user identifiers of the access point is growing; and
      
      wherein transmitting the message is performed in response to both of growth in the number of unique user identifiers and determining that (a) and (b) are true.
  - 3. The method of claim 1, wherein the plurality of reports are a first plurality of reports and the access point is a first access point, the method further comprising:
    - receiving, from a plurality of devices, a second plurality of reports, each report being transmitted by a device of the plurality of devices in response to accessing a second access point having a unique access point identifier and including a unique user identifier;
      
      determining that at least one of (a) the number of unique user identifiers is below a first threshold and (b) the number of unique user identifiers is above a second threshold that is higher than the first threshold; and
      
      in response to determining that at least one of (a) and (b) are true, refraining from notifying one or more devices of the plurality of devices that the access point is not secure.
  - 4. The method of claim 1, further comprising determining a security score for the access point by:
    - determining the security score according to a function of a numbers of reconnects per session included in the plurality of reports;
      
      determining that the security score indicates that the access point is not secure; and
      
      in response to determining that the security score indicates that the access point is not secure, transmitting the message to the one or more devices of the plurality of devices.
  - 5. The method of claim 1, further comprising determining a security score for the access point by:
    - determining the security score according to a function of a number of local internet protocol (IP) addresses detected during one or more accesses;
      
      determining that the security score indicates that the access point is not secure; and
      
      in response to determining that the security score indicates that the access point is not secure, transmitting the message to the one or more devices of the plurality of devices.
  - 6. The method of claim 1, further comprising determining a security score for the access point by:
    - additionally determining the security score according to a second function of an elapsed time between a first time of access reported in a first-received report of the plurality of reports and a second time of access reported in a last-received report of the plurality of reports;
      
      determining that the security score indicates that the access point is not secure; and
      
      in response to determining that the security score indicates that the access point is not secure, transmitting the message to the one or more devices of the plurality of devices.
  - 7. The method of claim 1, further comprising determining a security score for the access point by:
    - determining the security score according to a function of a number of reconnects per session detected during one or more accesses;
      
      additionally determining the security score according to a second function of the a number of local internet protocol (IP) addresses detected during one or more accesses;
      
      additionally determining the security score according to a third function of an elapsed time between two or more accesses;
      
      determining that the security score indicates that the access point is not secure; and
      
      in response to determining that the security score indicates that the access point is not secure, transmitting the message to the one or more devices of the plurality of devices.
  - 8. The method of claim 1, wherein transmitting the message to one or more devices of the plurality of devices comprises transmitting an instruction to the one or more devices to not use the access point.
  - 9. The method of claim 1, wherein transmitting the message to one or more devices of the plurality of devices comprises transmitting an instruction to the one or more devices to perform data access using the access point using a virtual private network (VPN).
  - 10. The method of claim 1, wherein transmitting the message to one or more devices of the plurality of devices comprises transmitting an interface to one or more devices, the interface indicating that the access point is not secure and providing an interface element configured to invoke performing of data access using the access point by means of a virtual private network (VPN).

11. A method for security risk assessment of wireless access point devices, the method comprising performing, by a computer system:
- receiving, from a plurality of devices, a plurality of reports, each report being transmitted by a device of the plurality of devices in response to accessing an access point having a unique access point identifier and including a unique user identifier;
  
  determining a number of unique user identifiers represented in the plurality of reports;
  
  determining a security score for the access point according to a function that indicates higher risk with increasing number of unique user identifiers; and
  
  determining that the score indicates that the access point is not secure;
  
  in response to determining that the score indicates that the access point is not secure, transmitting a message to one or more devices of the plurality of devices, the message indicating that the access point is not secure,wherein determining the security score for the access point according to the function that indicates higher risk with increasing number of unique user identifiers comprises, computing the security score according to a nonlinear function of risk with respect to number of unique user identifiers such that;
  
  for a first portion of a range of possible numbers of unique user identifiers, the security score indicates decreasing risk with increasing number of unique user identifiers;
  
  for a second portion of the range of possible numbers of unique user identifiers, the security score indicates increasing risk with increasing number of unique user identifiers;
  
  for a third portion of the range of possible numbers of unique user identifiers, the security score indicates decreasing risk with increasing number of unique user identifiers;
  
  wherein the third portion includes higher values for the number of unique user identifiers than the second portion and the second portion includes higher values for the number of unique user identifiers than the first portion.

12. A system for security risk assessment of wireless access point devices, the system comprising one or more processors and one or more memory devices operably coupled to the one or more processors, the one or more memory devices storing executable code effective to cause the one or more processors to:
- receive, from a plurality of devices, a plurality of reports, each report being transmitted by a device of the plurality of devices in response to accessing an access point having a unique access point identifier and including a unique user identifier;
  
  determine a number of unique user identifiers represented in the plurality of reports;
  
  andif the number of unique user identifiers is greater than a first threshold and less than a second threshold, transmit a message to one or more devices of the plurality of devices, the message indicating that the access point is not secure, the second threshold being greater than the second threshold.
- View Dependent Claims (13, 14, 15, 16, 17)
- - 13. The system of claim 12, wherein the executable data is further effective to cause the one or more processors to determine a growth in the number of unique user identifiers;
    - anddetermining that the access point indicates higher risk if the number of unique users is increasing and the number of unique user identifiers is below the second threshold.
  - 14. The system of claim 12, wherein the executable data is further effective to cause the one or more processors to:
    - if the number of unique user identifiers is at least one of less than the first threshold and greater than the second threshold, refrain from notifying one or more devices of the plurality of devices that the access point is not secure.
  - 15. The system of claim 12, wherein the executable data is further effective to cause the one or more processors to:
    - determine a security risk according to a first function of the number of reconnects per session for one or more accesses;
      
      additionally determine a security risk according to a second function of a number of local internet protocol (IP) addresses detected during one or more accesses; and
      
      additionally determine the security risk according to a third function of an elapsed time between two or more accesses;
      
      notify one or more of the plurality of devices that the access point is not secure if the security risk is above a threshold value.
  - 16. The system of claim 12, wherein the executable data is further effective to cause the one or more processors to transmit the message to one or more devices of the plurality of devices by transmitting an instruction to the one or more devices to not use the access point.
  - 17. The system of claim 12, wherein transmitting the message to one or more devices of the plurality of devices by transmitting an interface to one or more devices, the interface indicating that the access point is not secure and providing an interface element configured to invoke performing of data access using the access point by means of a virtual private network (VPN).

18. A system for security risk assessment of wireless access point devices, the system comprising one or more processors and one or more memory devices operably coupled to the one or more processors, the one or more memory devices storing executable code effective to cause the one or more processors to:
- receive, from a plurality of devices, a plurality of reports, each report being transmitted by a device of the plurality of devices in response to accessing an access point having a unique access point identifier and including a unique user identifier;
  
  determine a number of unique user identifiers represented in the plurality of reports;
  
  determine a security score for the access point according to a function that indicates higher risk with increasing number of unique user identifiers; and
  
  if the score indicates that the access point is not secure, transmit a message to one or more devices of the plurality of devices, the message indicating that the access point is not securewherein the executable data is further effective to cause the one or more processors to determine the security score by computing the security score according to a nonlinear function of risk with respect to number of unique user identifiers such that;
  
  for a first portion of a range of possible numbers of unique user identifiers, the security score indicates decreasing risk with increasing number of unique user identifiers;
  
  for a second portion of the range of possible numbers of unique user identifiers, the security score indicates increasing risk with increasing number of unique user identifiers;
  
  for a third portion of the range of possible numbers of unique user identifiers, the security score indicates decreasing risk with increasing number of unique user identifiers;
  
  wherein the third portion includes higher values for the number of unique user identifiers than the second portion and the second portion includes higher values for the number of unique user identifiers than the first portion.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Aura Sub, LLC
Original Assignee
Anchorfree Incorporated
Inventors
Lapidous, Eugene
Primary Examiner(s)
Siddiqi, Mohammad A

Application Number

US14/574,240
Publication Number

US 20150189511A1
Time in Patent Office

1,000 Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/0272   Virtual private networks

H04W 12/12   Detection or prevention of ...

H04W 12/122   Counter-measures against at...

H04W 12/67   Risk-dependent, e.g. select...

System and method for security and quality assessment of wireless access points

First Claim

20 Assignments

0 Petitions

Accused Products

Abstract

14 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for security and quality assessment of wireless access points

First Claim

20 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

14 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links