METHOD AND SYSTEM OF REPAIRING VULNERABILITIES OF SMART DEVICES

US 20180077194A1
Filed: 11/21/2017
Published: 03/15/2018
Est. Priority Date: 03/18/2016
Status: Active Grant

First Claim

Patent Images

1. A method for repairing vulnerabilities of smart devices connected to a data network, the method comprising:

transmitting, by a processor, a broadcast request through the data network to obtain access to a smart device;

obtaining settings of the smart device by accessing a configuration file stored on the smart device, the configuration file containing settings of the smart device;

comparing each of the settings of the smart device with settings of known vulnerabilities to identify a network vulnerability of the smart device that can be exploited by the processor by identifying a setting with a similar vulnerable status in the database;

determining a repair action for repairing the at least one network vulnerability associated with at least one setting of the smart device based on the setting with the similar vulnerable status in the database; and

transmitting, by the processor, instructions to the smart device to perform the repair action wherein the repair action comprises adjusting the setting of the smart device by making changes in the configuration file.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed are systems and methods for repairing vulnerabilities of smart devices connected to a data network. An example method includes: transmitting a request through the network to obtain access to a smart device; obtaining settings of the smart device by accessing a configuration file containing settings of the smart device; comparing each of the settings of the device with known vulnerabilities to identify a vulnerability of the smart device that can be exploited; determining a repair action for repairing the at least one network vulnerability associated with at least one setting of the smart device based on the setting with the similar vulnerable status in the database; and transmitting instructions to the smart device to perform the repair action wherein the repair action comprises adjusting the setting of the smart device by making changes in the configuration file.

1 Citation

20 Claims

1. A method for repairing vulnerabilities of smart devices connected to a data network, the method comprising:
- transmitting, by a processor, a broadcast request through the data network to obtain access to a smart device;
  
  obtaining settings of the smart device by accessing a configuration file stored on the smart device, the configuration file containing settings of the smart device;
  
  comparing each of the settings of the smart device with settings of known vulnerabilities to identify a network vulnerability of the smart device that can be exploited by the processor by identifying a setting with a similar vulnerable status in the database;
  
  determining a repair action for repairing the at least one network vulnerability associated with at least one setting of the smart device based on the setting with the similar vulnerable status in the database; and
  
  transmitting, by the processor, instructions to the smart device to perform the repair action wherein the repair action comprises adjusting the setting of the smart device by making changes in the configuration file.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, further comprising:
    - accessing, by the processor, an interface of the smart device by obtaining a web page and parsing elements of the web page, wherein the web page contains the settings of the smart device; and
      
      using the interface to obtain the settings of the smart device.
  - 3. The method of claim 1 wherein transmitting instructions to the smart device further comprises:
    - changing a value in the configurations file corresponding to the network vulnerability associated with the setting of the smart device.
  - 4. The method of claim 2, further comprising transmitting instructions to the smart device for repairing the network vulnerability by adjusting the setting through the interface of the smart device, comprising:
    - modifying the web page using the document object model to select a control element corresponding to a setting of the smart device.
  - 5. The method of claim 1, further comprising:
    - accessing a second smart device, wherein the accessing of the second smart device comprises at least one of obtaining web access to the second smart device, accessing the second smart device through a universal plug and play protocol, accessing the second smart device through a file transfer by a network address of the second smart device in the data network;
      
      accessing the second smart device through a remote administration protocol, and accessing the second smart device by a secure shell protocol.
  - 6. The method of claim 1, wherein the transmitting of the broadcast request through the data network comprises transmitting the request to a router that redirects the request to a plurality of smart devices communicatively coupled to the data network via the router.
  - 7. The method of claim 1, further comprising accessing the smart device by one or more of:
    - obtaining web access to the smart device, accessing the smart device through a universal plug and play protocol, accessing the smart device through a file transfer by a network address of the smart device in the data network;
      
      accessing the smart device through a remote administration protocol, and accessing the smart device by a secure shell protocol.

8. A system for repairing vulnerabilities of smart devices connected to a data network, the system comprising:
- a database that stores settings of devices relating to network vulnerabilities and actions for repairing the network vulnerabilities; and
  
  a hardware processor configured to;
  
  transmit a broadcast request through the data network to obtain access to a smart device;
  
  obtain settings of the smart device by accessing a configuration file stored on the smart device, the configuration file containing settings of the smart device;
  
  compare each of the settings of the smart device with settings of known vulnerabilities to identify a network vulnerability of the smart device that can be exploited by the processor by identifying a setting with a similar vulnerable status in the database;
  
  determine a repair action for repairing the at least one network vulnerability associated with at least one setting of the smart device based on the setting with the similar vulnerable status in the database; and
  
  transmit instructions to the smart device to perform the repair action wherein the repair action comprises adjusting the setting of the smart device by making changes in the configuration file.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The system of claim 8, wherein the at least one device is the router, the processor is further configured to:
    - access an interface of the smart device by obtaining a web page and parsing elements of the web page, wherein the web page contains the settings of the smart device; and
      
      use the interface to obtain the settings of the smart device.
  - 10. The system of claim 8, wherein the processor is further configured to:
    - change a value in the configurations file corresponding to the at least one network vulnerability associated with the at least one setting of the at least one smart device.
  - 11. The system of claim 9, wherein the processor is further configured to transmit instructions to the at least one smart device for repairing the at least one network vulnerability by adjusting the setting through the interface of the at least one smart device, wherein the processor is further configured to:
    - modify the web page using the document object model to select a control element corresponding to at least one setting of the smart device.
  - 12. The system of claim 8, wherein the processor is further configured to:
    - access a second smart device by performing at least one of obtaining web access to the second smart device, accessing the second smart device through a file transfer by a network address of the second smart device in the data network;
      
      accessing the second smart device through a remote administration protocol, and accessing the second smart device by a secure shell protocol.
  - 13. The system of claim 8, wherein the processor is further configured to transmit the broadcast request through the data network by transmitting the broadcast request to the router that redirects the request to a plurality of smart devices communicatively coupled to the data network via the router.
  - 14. The system of claim 8, wherein the processor is further configured to access the smart device by one or more of:
    - obtaining web access to the smart device, accessing the smart device through a universal plug and play protocol, accessing the smart device through a file transfer by a network address of the smart device in the data network;
      
      accessing the smart device through a remote administration protocol, and accessing the smart device by a secure shell protocol.

15. A non-transitory computer readable medium storing computer executable instructions for repairing vulnerabilities of smart devices connected to a data network, including instructions for:
- transmitting a broadcast request through the data network to obtain access to a smart device;
  
  obtaining settings of the smart device by accessing a configuration file stored on the smart device, the configuration file containing settings of the smart device;
  
  comparing each of the settings of the smart device with settings of known vulnerabilities to identify a network vulnerability of the smart device that can be exploited by the processor by identifying a setting with a similar vulnerable status in the database;
  
  determining a repair action for repairing the at least one network vulnerability associated with at least one setting of the smart device based on the setting with the similar vulnerable status in the database; and
  
  transmitting instructions to the smart device to perform the repair action wherein the repair action comprises adjusting the setting of the smart device by making changes in the configuration file.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The non-transitory computer readable medium of claim 15, further including instructions for:
    - accessing an interface of the smart device by obtaining a web page and parsing elements of the web page, wherein the web page contains the settings of the smart device; and
      
      using the interface to obtain the settings of the smart device.
  - 17. The non-transitory computer readable medium of claim 15, wherein the instructions for transmitting instructions to the smart device for repairing the network vulnerability further comprises instructions for:
    - changing a value in the configurations file corresponding to the network vulnerability associated with the setting of the smart device.
  - 18. The non-transitory computer readable medium of claim 16, further including instructions for transmitting instructions to the smart device for repairing the network vulnerability by adjusting the setting through the web interface of the smart device, comprising instructions for:
    - modifying the web page using the document object model to select a control element corresponding to a setting of the smart device.
  - 19. The non-transitory computer readable medium of claim 15, further comprising instructions for:
    - accessing a second device comprises at least one of obtaining web access to the smart device, accessing the second smart device through a universal plug and play protocol, accessing the second smart device through a file transfer by a network address of the second smart device in the data network;
      
      accessing the second smart device through a remote administration protocol, and accessing the second smart device by a secure shell protocol.
  - 20. The non-transitory computer readable medium of claim 15, wherein the instructions for transmitting of the broadcast request through the data network comprises instructions for transmitting the broadcast request to a router that redirects the request to a plurality of smart devices communicatively coupled to the data network via the router.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lab A.O. Kaspersky
Original Assignee
Lab A.O. Kaspersky
Inventors
Rusakov, Vyacheslav E, Janus, Marta Anna

Granted Patent

US 10,084,812 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/577   Assessing vulnerabilities a...

H04L 41/0809   Plug-and-play configuration

H04L 63/1433   Vulnerability analysis

H04L 67/02   based on web technology, e....

H04L 67/06   specially adapted for file ...

METHOD AND SYSTEM OF REPAIRING VULNERABILITIES OF SMART DEVICES

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

1 Citation

20 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND SYSTEM OF REPAIRING VULNERABILITIES OF SMART DEVICES

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

1 Citation

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links