IOT device risk assessment and scoring

US11706246B2 · US · B2

Patent metadata
Publication number: US-11706246-B2
Application number: US-202217840234-A
Country: US
Kind code: B2
Filing date: Jun 14, 2022
Priority date: Dec 12, 2018
Publication date: Jul 18, 2023
Grant date: Jul 18, 2023

Abstract

Official abstract text for this publication.

Techniques for establishing a risk score for Internet of Things (IoT) device parameters and acting in response thereto are disclosed. One or more data packets transmitted to or from an Internet of Things (IoT) device are analyzed to obtain event parameters. The event parameters are analyzed to determine a context of the IoT device. A behavior of the IoT device is determined based at least in part on the event parameters and the context. A progressive risk score is obtained for the IoT device. Subsequent to obtaining the progressive risk assessment score, the progressive risk assessment score is updated based at least in part on an analysis of one or more additional data packets.

First claim

Opening claim text (preview).

The invention claimed is:

1. A method, comprising: analyzing one or more data packets transmitted to or from an Internet of Things (IoT) device over a network to which the IoT device is connected to obtain event parameters; analyzing the event parameters to determine a context of the IoT device; determining behavior of the IoT device based at least in part on the event parameters and the context of the IoT device; obtaining a progressive risk assessment score for the IoT device; subsequent to obtaining the progressive risk assessment score for the IoT device, updating the progressive risk assessment score based at least in part on analysis of one or more additional data packets; and sending an alert via the network when it is determined that the progressive risk assessment score exceeds a threshold.

2. The method of claim 1, wherein the event parameters comprise one or more of data and metadata.

3. The method of claim 1, further comprising using a network administration engine, including a graphical user interface, to facilitate one or more of providing data to and receiving instructions from an administrator of the network to which the IoT device is connected.

4. The method of claim 1, wherein a severity of the alert is based on one or more of priorities and rules of an administrator of the network to which the IoT device is connected.

5. The method of claim 1, wherein the alert is a policy violation alert, a threat alert, or an incident alert.

6. The method of claim 1, wherein the one or more data packets are correlated to an event of a particular application being executed on the IoT device.

7. The method of claim 1, wherein the one or more data packets are analyzed using packet header analysis.

8. The method of claim 1, wherein the one or more data packets are analyzed using deep packet inspection (DPI).

9. The method of claim 1, further comprising using activity graphs to update the progressive risk assessment score.

10. A system, comprising: a processor configured to: analyze one or more data packets transmitted to or from an Internet of Things (IoT) device over a network to which the IoT device is connected to obtain event parameters; analyze the event parameters to determine a context of the IoT device; determine behavior of the IoT device based at least in part on the event parameters and the context of the IoT device; obtain a progressive risk assessment score for the IoT device; subsequent to obtaining the progressive risk assessment score for the IoT device, update the progressive risk assessment score based at least in part on analysis of one or more additional data packets; and send an alert via the network when it is determined that the progressive risk assessment score exceeds a threshold; and a memory coupled to the processor and configured to provide the processor with instructions.

11. The system of claim 10, wherein the event parameters comprise one or more of data and metadata.

12. The system of claim 10, wherein the system further includes a network administration engine that includes a graphical user interface to facilitate one or more of providing data to and receiving instructions from an administrator of the network to which the IoT device is connected.

13. The system of claim 10, wherein a severity of the alert is based on one or more of priorities and rules of an administrator of the network to which the IoT device is connected.

14. The system of claim 10, wherein the alert is a policy violation alert, a threat alert, or an incident alert.

15. The system of claim 10, wherein the one or more data packets are correlated to an event of a particular application being executed on the IoT device.

16. The system of claim 10, wherein the one or more data packets are analyzed using packet header analysis.

17. The system of claim 10, wherein the one or more data packets are analyzed using deep packet inspection (DPI).

18. The system of claim 10, wherein the processor is further configured to use activity graphs to update the progressive risk assessment score.

19. The system of claim 10, wherein at least a portion of the system is implemented remotely from the IoT device.

20. A computer program product embodied on a non-transitory medium, the computer program product including instructions which, when the computer program product is executed by a computer, cause the computer to carry out a method comprising: analyzing one or more data packets transmitted to or from an Internet of Things (IoT) device over a network to which the IoT device is connected to obtain event parameters; analyzing the event parameters to determine a context of the IoT device; determining behavior of the IoT device based at least in part on the event parameters and the context of the IoT device; obtaining a progressive risk assessment score for the IoT device; subsequent to obtaining the progressive risk assessment score for the IoT device, updating the progressive risk assessment score based at least in part on analysis of one or more additional data packets; and sending an alert via the network when it is determined that the progressive risk assessment score exceeds a threshold.

Classifications

  • Vulnerability analysis

  • for managing network security; network security policies in general (filtering policies H04L63/0227)

  • Counter-measures against attacks; Protection against rogue devices

  • Risk-dependent, e.g. selecting a security level depending on risk profiles

  • Gesture-dependent or behaviour-dependent

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US11706246B2 cover?

Techniques for establishing a risk score for Internet of Things (IoT) device parameters and acting in response thereto are disclosed. One or more data packets transmitted to or from an Internet of Things (IoT) device are analyzed to obtain event parameters. The event parameters are analyzed to determine a context of the IoT device. A behavior of the IoT device is determined based at least in pa…

Who is the assignee on this patent?

Palo Alto Networks Inc

What technology area does this patent fall under?

Primary CPC classification H04L63/1433. Mapped technology areas include Electricity.

When was this patent published?

Publication date Jul 18, 2023 (B2). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?

We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).