Secured home network

US 10,257,223 B2
Filed: 12/21/2015
Issued: 04/09/2019
Est. Priority Date: 12/21/2015
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, by malware detection logic executed by a secured device residing in a home network, a message from an unsecured device of a first network and intended for a destination device of the home network, the destination device comprising a security client;

determining, by the malware detection logic and based on a characteristic of the secured device, not to detect whether the message includes malware, the characteristic including at least a processing capability of the secured device;

responsive to the malware detection logic determining not to detect whether the message includes malware, transmitting, by the malware detection logic, the message to a cloud computing server;

responsive to receiving, from the cloud computing server, an indication that the message includes malware;

reporting, by the malware detection logic, an alarm to the security client of the destination device; and

preventing, by the malware detection logic, an application associated with the destination device from processing the message.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Malware detection logic executed by a secured device residing in a home network may receive a message from an unsecured device of a first unsecured network and intended for a destination device of the home network, the destination device comprising a security client. The malware detection logic may establish a secure communication channel between the malware detection logic of the secured device and the security client of the destination device. The malware detection logic may execute a validation test on the message to determine that the message includes malware. The malware detection logic may report an alarm to the security client of the destination device. The malware detection logic may transmit information related to the malware to a cloud computing server. The malware detection logic may prevent an application associated with the destination device from processing the message.

18 Citations

View as Search Results

21 Claims

1. A method comprising:
- receiving, by malware detection logic executed by a secured device residing in a home network, a message from an unsecured device of a first network and intended for a destination device of the home network, the destination device comprising a security client;
  
  determining, by the malware detection logic and based on a characteristic of the secured device, not to detect whether the message includes malware, the characteristic including at least a processing capability of the secured device;
  
  responsive to the malware detection logic determining not to detect whether the message includes malware, transmitting, by the malware detection logic, the message to a cloud computing server;
  
  responsive to receiving, from the cloud computing server, an indication that the message includes malware;
  
  reporting, by the malware detection logic, an alarm to the security client of the destination device; and
  
  preventing, by the malware detection logic, an application associated with the destination device from processing the message.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, further comprising encrypting, by the malware detection logic, the message before transmitting the message to the cloud computing server.
  - 3. The method of claim 1, further comprising determining that the secured device has insufficient processing power or needs more expertise to determine whether the message includes malware, wherein determining not to detect whether the message includes malware is based on at least one of the secured device having insufficient processing power or the secured device needing more expertise to determine whether the message includes malware.
  - 4. The method of claim 1, further comprising receiving an indication that an alert level of the home network has increased.
  - 5. The method of claim 1, wherein the characteristic of the secured device further includes at least a security sensitivity of the secured device, and wherein determining not to detect whether the message includes malware is based on the security sensitivity of the secured device.
  - 6. The method of claim 1, wherein the application resides on the secured device.
  - 7. The method of claim 1, further comprising:
    - receiving, by the malware detection logic, an additional message; and
      
      conducting, by the malware detection logic for the additional message, one or more validation tests comprising at least one of a port verification, content verification for virus detection, or a deep packet inspection for detection of known attacks.
  - 8. The method of claim 1, further comprising:
    - receiving, by the malware detection logic, an additional message;
      
      determining, by the malware detection logic, that the additional message includes malware; and
      
      transmitting, by the malware detection logic, an indication of a presence of the malware to the cloud computing server.
  - 9. The method of claim 1, wherein the alarm is indicative of a presence of the malware.
  - 10. The method of claim 1, wherein the malware detection logic is configured to provide one or more of a secure booting process, a secure download process, or a generation process for generating one or more keys to encrypt the message.

11. A system comprising:
- a memory to store instructions; and
  
  a processing device operatively coupled to the memory, the processing device residing in a home network, the processing device being configured to;
  
  receive a message from an unsecured device of a first network and intended for a destination device of the home network, the destination device comprising a security client;
  
  determine, based on a characteristic of the system, not to detect whether the message includes malware, the characteristic including at least a processing capability of the system;
  
  responsive to a malware detection logic determining not to detect whether the message includes malware, transmit the message to a cloud computing server;
  
  responsive to receiving, from the cloud computing server, an indication that the message includes malware;
  
  report an alarm to the security client of the destination device; and
  
  prevent an application associated with the destination device from processing the message.
- View Dependent Claims (12, 13, 14, 15, 16, 17)
- - 12. The system of claim 11, wherein the processing device is further configured to encrypt the message before transmitting the message to the cloud computing server.
  - 13. The system of claim 11, wherein the processing device is further configured to determine that the system has insufficient processing power or needs more expertise to determine whether the message includes malware, wherein determining not to detect whether the message includes malware is based on at least one of the system having insufficient processing power or the system needing more expertise to determine whether the message includes malware.
  - 14. The system of claim 11, wherein the characteristic of the secured device further includes at least a security sensitivity of the secured device, and wherein determining not to detect whether the message includes malware is based on the security sensitivity of the secured device.
  - 15. The system of claim 11, wherein the application resides on the system.
  - 16. The system of claim 11, wherein the processing device is further configured to determine:
    - receive, by the malware detection logic, an additional message;
      
      determine, by the malware detection logic, that the additional message includes malware; and
      
      transmit, by the malware detection logic, an indication of a presence of the malware to a cloud computing server.
  - 17. The system of claim 11, wherein the malware detection logic is configured to provide a generation process for generating one or more keys to encrypt the message.

18. A system comprising:
- a home network;
  
  a secured device comprising a memory and a processing device operatively coupled to the home network, wherein the processing device of the secured device is configured to;
  
  receive, by malware detection logic executed by the processing device, a message from an unsecured device of a first network and intended for a destination device of the home network, the destination device comprising a security client;
  
  determine, by the malware detection logic and based on a characteristic of the secured device, not to detect whether the message includes malware, the characteristic including at least a processing capability of the secured device;
  
  responsive to the malware detection logic determining not to detect whether the message includes malware, transmit, by the processing device, the message to a cloud computing server;
  
  responsive to receipt, from the cloud computing server, of an indication that the message includes malware;
  
  report, by the processing device, an alarm to the security client of the destination device; and
  
  prevent, by the processing device, an application associated with the destination device from processing the message.
- View Dependent Claims (19, 20, 21)
- - 19. The system of claim 18, wherein the processing device is further configured to determine that the secured device has insufficient processing power or needs more expertise to determine whether the message includes malware, wherein determining not to detect whether the message includes malware is based on at least one of the secured device having insufficient processing power or the secured device needing more expertise to determine whether the message includes malware.
  - 20. The system of claim 18, wherein the characteristic of the secured device further includes at least a security sensitivity of the secured device, and wherein determining not to detect whether the message includes malware is based on the security sensitivity of the secured device.
  - 21. The system of claim 18, wherein the malware detection logic is configured to provide one or more of a secure booting process for generating one or more keys to encrypt the message.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nagravision SA (Kudelski SA)
Original Assignee
Nagravision SA (Kudelski SA)
Inventors
Stransky-Heilkron, Philippe
Primary Examiner(s)
Zhao, Don G

Application Number

US14/976,441
Publication Number

US 20170180395A1
Time in Patent Office

1,205 Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/1416   Event detection, e.g. attac...

H04L 63/145   the attack involving the pr...

H04W 12/12   Detection or prevention of ...

H04W 12/128   Anti-malware arrangements, ...

Secured home network

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

18 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Secured home network

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

18 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links