Who is the assignee on this patent?

Black Chuck A, Ford Daniel E, Hewlett Packard Entpr Dev Lp

What technology area does this patent fall under?

Primary CPC classification H04W12/08. Mapped technology areas include Electricity.

When was this patent published?

Publication date Tue Apr 12 2016 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?

We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).

Determination of spoofing of a unique machine identifier

US9313221B2 · US · B2

Patent metadata
Field	Value
Publication number	US-9313221-B2
Application number	US-201214372517-A
Country	US
Kind code	B2
Filing date	Jan 31, 2012
Priority date	Jan 31, 2012
Publication date	Apr 12, 2016
Grant date	Apr 12, 2016

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

Title
What the patent document calls the invention.
Abstract
A short plain-language summary of the technical disclosure.
Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
Key dates
Filing, priority, publication, and grant dates set the timeline.
First independent claim
The legal scope of protection — read this for what is actually claimed.
CPC / IPC classifications
Technology tags used to group this patent with similar filings.
Citations and related patents
Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

In one embodiment, an edge network device may monitor a network service that is provided at a network service device. Information related to the monitored network service may be temporarily stored at the edge network device and transmitted to a remote network device. In one embodiment, an administrative device may compare current extracted information with stored historical information to determine if a unique machine identifier of an end user device has been spoofed.

First claim

Opening claim text (preview).

We claim: 1. A method, comprising: receiving, at an administrative device, current browsing information from an edge network device, the received current browsing information associated with a media access control (MAC) address of an end user device; sending, by the administrative device, an acknowledgment request to the end user device; determining, by the administrative device, if an acknowledgement is received from the end user device in response to the acknowledgement request; if the acknowledgement is not received at the administrative device from the end user device: determining, based on a comparison of the received current browsing information with stored historical information associated with the MAC address of the end user device, whether the MAC address of the end user device has been spoofed. 2. The method of claim 1 , wherein the current browsing information is stored in the edge network device, wherein the edge network device is a wireless access point directly connected to the end user device. 3. The method of claim 1 , wherein receiving current information from the edge network device includes: receiving current information identifying a service the end user device has accessed. 4. The method of claim 1 , wherein receiving current information from the edge network device includes: receiving current information identifying a physical location of the end user device. 5. The method of claim 1 , further comprising: performing remediation if it is determined the MAC address of the end user device has been spoofed. 6. The method of claim 5 , wherein performing remediation includes at least one of denying network access to the end user device, restricting a portion of network access to the end user device, and issuing an alert that address of the end user device has been spoofed. 7. The method of claim 1 , wherein the edge network device stores a table including a plurality of entries, wherein each entry of the plurality of entries includes browsing information uniquely associated with one of a plurality of MAC addresses. 8. The method of claim 1 , wherein each of the plurality of MAC addresses uniquely identifies one of a plurality of end user devices, wherein each of the plurality of end user devices has directly connected to the edge network device. 9. An apparatus, comprising: a memory, storing a set of instructions; and a processor, to execute the stored set of instructions, the processor to: receive, from an edge network device, current browsing information associated with a media access control (MAC) address of an end user device; send an acknowledgment to an end user device; determine whether an acknowledgement is received from the end user device in response to the acknowledgement request; if the acknowledgement is not received from the end user device: compare the current browsing information associated with the unique machine identifier to historical information associated with the MAC address of the end user device to determine, based on a result of the comparison, whether the MAC address of the end user device has been spoofed. 10. The apparatus of claim 9 , the processor further to: at least one of deny network access to the end user device, restrict a portion of network access to the end user device, and issue an alert that address of the end user device has been spoofed if it is determined that the MAC address of the end user device has been spoofed. 11. The apparatus of claim 9 , further comprising: a receiver to periodically receive information from an edge network device, the information being associated with the MAC address of the end user device. 12. The apparatus of claim 9 , wherein when the processor is to compare current information with historical information, the processor is further to determine if the comparison result exceeds a predetermined threshold thereby determining the MAC address of the end user device has been spoofed. 13. The apparatus of claim 9 , wherein the current browsing information is stored in the edge network device. 14. The apparatus of claim 9 , wherein the edge network device is a wireless access point directly connected to the end user device. 15. A non-transitory computer-readable medium, storing a set of instructions, executable by a processor, to perform a method comprising: receiving, at an administrative network device, current browsing information from an edge network device, the received current browsing information associated with a media access control (MAC) address of an end user device; sending, by the administrative network device, an acknowledgment request to the end user device; determining, by the administrative network device, if an acknowledgement is received from the end user device in response to the acknowledgement request; if the acknowledgement is not received at the administrative network device from the end user device: determining, based on a comparison of the received current browsing information with stored historical information associated with the MAC address of the end user device, whether the MAC address of the end user device has been spoofed. 16. The non-transitory computer-readable medium of claim 15 , wherein the current browsing information is stored in the edge network device. 17. The non-transitory computer-readable medium of claim 15 , wherein the edge network device is a wireless access point directly connected to the end user device. 18. The non-transitory computer-readable medium of claim 15 , wherein the edge network device stores a table including a plurality of entries, wherein each entry of the plurality of entries includes browsing information uniquely associated with one of a plurality of MAC addresses. 19. The non-transitory computer-readable medium of claim 18 , wherein each of the plurality of MAC addresses uniquely identifies one of a plurality of end user devices, wherein each of the plurality of end user devices has directly connected to the edge network device.

Assignees

Inventors

Classifications

H04W12/08Primary
Access security · CPC title
H04L43/10
Active monitoring, e.g. heartbeat, ping or trace-route · CPC title
H04L63/1466
Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks · CPC title
H04L63/1425Primary
Traffic logging, e.g. anomaly detection · CPC title
H04W12/12
Detection or prevention of fraud · CPC title

Patent family

Related publications grouped by family.

View patent family 48905662

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US9313221B2 cover?: In one embodiment, an edge network device may monitor a network service that is provided at a network service device. Information related to the monitored network service may be temporarily stored at the edge network device and transmitted to a remote network device. In one embodiment, an administrative device may compare current extracted information with stored historical information to deter…
Who is the assignee on this patent?: Black Chuck A, Ford Daniel E, Hewlett Packard Entpr Dev Lp
What technology area does this patent fall under?: Primary CPC classification H04W12/08. Mapped technology areas include Electricity.
When was this patent published?: Publication date Tue Apr 12 2016 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?: We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).