Determining a reputation through network characteristics
First Claim
Patent Images
1. At least one non-transitory computer-readable medium comprising one or more instructions that when executed by at least one processor, cause the processor to:
- monitor network traffic to and from a device;
compare the monitored network traffic to characteristics of the device to determine if the monitored traffic is outside the characteristics of the device, wherein the characteristics of the device at least partially include characteristics from an original equipment manufacturer related to sending and receiving packets, and wherein the characteristics from an original equipment manufacturer are retrieved while monitoring network traffic; and
assign an untrusted reputation to the device if the monitored traffic is outside the characteristics of the device.
10 Assignments
0 Petitions
Accused Products
Abstract
Particular embodiments described herein provide for an electronic device that can be configured to monitor network traffic to and from a device, compare the monitored network traffic to characteristics of the device to determine if the monitored traffic is outside the characteristics of the device, and take remedial action if the monitored traffic is outside the characteristics of the device.
-
Citations
18 Claims
-
1. At least one non-transitory computer-readable medium comprising one or more instructions that when executed by at least one processor, cause the processor to:
-
monitor network traffic to and from a device; compare the monitored network traffic to characteristics of the device to determine if the monitored traffic is outside the characteristics of the device, wherein the characteristics of the device at least partially include characteristics from an original equipment manufacturer related to sending and receiving packets, and wherein the characteristics from an original equipment manufacturer are retrieved while monitoring network traffic; and assign an untrusted reputation to the device if the monitored traffic is outside the characteristics of the device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. An apparatus comprising:
-
a hardware processor; and a behavior reputation engine configured to; monitor network traffic to and from a device; compare the monitored network traffic to characteristics of the device to determine if the monitored traffic is outside the characteristics of the device, wherein the characteristics of the device at least partially include characteristics from an original equipment manufacturer related to sending and receiving packets, and wherein the characteristics from an original equipment manufacturer are retrieved while monitoring network traffic; and assign an untrusted reputation to the device if the monitored traffic is outside the characteristics of the device. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. A system for determining a reputation through network characteristics, the system comprising:
-
a hardware processor; and a behavior reputation engine configured for; monitoring network traffic to and from a device; comparing the monitored network traffic to characteristics of the device to determine if the monitored traffic is outside the characteristics of the device, wherein the characteristics of the device at least partially include characteristics from an original equipment manufacturer related to sending and receiving packets, and wherein the characteristics from an original equipment manufacturer are retrieved while monitoring network traffic; and assigning an untrusted reputation to the device if the monitored traffic is outside the characteristics of the device. - View Dependent Claims (18)
-
Specification