
Advanced Endpoint Security Advisor (AESA)

IP.com Disclosure Number: IPCOM000250629D
Publication Date: 2017-Aug-10
Document File: 4 page(s) / 220K

Publishing Venue

The IP.com Prior Art Database

This text was extracted from a Microsoft Word document.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 45% of the total text.

Abstract

Disclosed is an automated intelligent web crawler system that gathers information in real time about cyber security threats and then uses that information as input to vulnerability/penetration test tools. This solution aims to simplify and enhance the security process and to reduce the risk of cyber threats.

Many vulnerable devices, such as traffic lights, point-of-sale (POS) systems, and supervisory control and data acquisition (SCADA) systems, are often not protected through patching or antivirus to the same standards as more mainstream devices within an organization (e.g., computers, cell phones, etc.). Perhaps these devices came with proprietary operating software. The most common method for removing this exposure to external attacks is a manual vulnerability check of the devices. If an organization has thousands of devices (e.g., a local government or company), proper protection becomes difficult or impossible, leaving devices highly vulnerable to cyber-attack.

The novel contribution is the Advanced Endpoint Security Advisor (AESA). This is an automated intelligent web crawler system that gathers information in real time about cyber security threats, based on predefined profiles; that information serves as input to vulnerability/penetration test tools and any other cyber security system.

The system comprises:

· A dynamic/social database of common usernames/passwords based on the latest reports, attacks, news, and dictionaries

· A classification module for user/password pairs, basing relevance/priority on recent attacks, latest dictionaries published, latest password lists, etc.

· A system that provides alerts to system admins when a weak (generic) password is detected on any device of the network

· Lists of default username/password pairs and of common weak passwords, available from a plurality of web resources

The outputs of this system can be used to:

· Gather cyber security intelligence, which helps during the decision-making process on cyber security

· Feed automated password compliance tools

· Improve data for awareness campaigns by helping identify new threats and risks associated with weak passwords and the most common passwords used by attackers

· Build a database of default user/passwords that enables companies to have an updated list of the default username/password pairs within their infrastructure, allowing the organization to find and fix these insecure username/password pairs before an attacker can exploit the vulnerability
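
An added example, not part of the disclosure: one way the classification module and the weak-password alert described above could work together in a password compliance check. The scoring weights, the 90-day half-life, the record layouts, the PBKDF2 storage format and the device names are assumptions, and all sample data is constructed.

```python
import hashlib
import hmac
from datetime import date

# Assumed weights and decay; the disclosure gives no scoring formula.
SOURCE_WEIGHT = {"attack_report": 3.0, "vendor_default": 2.0, "dictionary": 1.0}
HALF_LIFE_DAYS = 90

def classify(sightings, today):
    """Rank (username, password) pairs by source weight with recency decay."""
    scores = {}
    for username, password, source, seen in sightings:
        age = max((today - seen).days, 0)
        weight = SOURCE_WEIGHT.get(source, 0.5) * 0.5 ** (age / HALF_LIFE_DAYS)
        key = (username, password)
        scores[key] = scores.get(key, 0.0) + weight
    return sorted(scores.items(), key=lambda kv: kv[1], reverse=True)

def kdf(password, salt):
    # Assumed credential storage format in the audit export: PBKDF2-HMAC-SHA256.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 1000)

def audit(inventory, ranked, threshold=1.0):
    """Return (device, username, score) for devices configured with a ranked pair."""
    alerts = []
    for device, username, salt, stored in inventory:
        for (user, password), score in ranked:
            if score < threshold:
                break  # ranked is sorted, so every later pair scores lower
            if user == username and hmac.compare_digest(kdf(password, salt), stored):
                alerts.append((device, username, round(score, 2)))
                break
    return alerts

TODAY = date(2017, 8, 10)
SIGHTINGS = [  # constructed crawler hits: (username, password, source, date seen)
    ("admin", "admin", "vendor_default", date(2017, 8, 10)),
    ("admin", "admin", "attack_report", date(2017, 5, 12)),
    ("operator", "changeme", "dictionary", date(2016, 8, 10)),
]
INVENTORY = [  # constructed audit export: (device, username, salt, stored hash)
    ("pos-terminal-07", "admin", b"s1", kdf("admin", b"s1")),
    ("scada-hmi-02", "operator", b"s2", kdf("changeme", b"s2")),
    ("signal-ctl-19", "admin", b"s3", kdf("Xq7!long-unique-phrase", b"s3")),
]
RANKED = classify(SIGHTINGS, TODAY)
ALERTS = audit(INVENTORY, RANKED)
```

With the default threshold only the recently reported pair raises an alert; the year-old dictionary entry has decayed below it and is reported only when the threshold is lowered.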

Figure: System components

Diagram narrative and process flow:

1. Internet: a reference to one of the inputs used by the system

2. Configuration DB: stores all the information regarding the settings of the entire system

3. User Manual Input Module: as a cognitive system, the system needs input from human experts for fine-tuning. This module handles this kind of input from expert users to improve the cognition of the system.

4. Internet Sources DB...