Processing

Please wait...

Settings

Settings

Goto Application

1. WO2020136635 - METHOD AND SYSTEM FOR IDENTIFYING VULNERABILITY LEVELS IN DEVICES OPERATED ON A GIVEN NETWORK

Publication Number WO/2020/136635
Publication Date 02.07.2020
International Application No. PCT/IL2019/051356
International Filing Date 11.12.2019
IPC
H04L 29/08 2006.01
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
29Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/-H04L27/136
02Communication control; Communication processing
06characterised by a protocol
08Transmission control procedure, e.g. data link level control procedure
H04L 29/06 2006.01
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
29Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/-H04L27/136
02Communication control; Communication processing
06characterised by a protocol
G06F 21/60 2013.01
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
60Protecting data
CPC
G06F 21/577
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
577Assessing vulnerabilities and evaluating computer system security
H04L 63/14
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
14for detecting or protecting against malicious traffic
H04L 63/1433
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
14for detecting or protecting against malicious traffic
1433Vulnerability analysis
H04L 63/1441
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
14for detecting or protecting against malicious traffic
1441Countermeasures against malicious traffic
H04L 63/145
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
14for detecting or protecting against malicious traffic
1441Countermeasures against malicious traffic
145the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
H04L 63/20
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
20for managing network security; network security policies in general
Applicants
  • TARTICO LTD [IL]/[IL]
Inventors
  • HAYMAN, Meir
  • LAVI, Kfir
  • ABU-YITZHAK, Nitzan
Priority Data
26395825.12.2018IL
Publication Language English (EN)
Filing Language English (EN)
Designated States
Title
(EN) METHOD AND SYSTEM FOR IDENTIFYING VULNERABILITY LEVELS IN DEVICES OPERATED ON A GIVEN NETWORK
(FR) PROCÉDÉ ET SYSTÈME D'IDENTIFICATION DE NIVEAUX DE VULNÉRABILITÉ DANS DES DISPOSITIFS EXPLOITÉS SUR UN RÉSEAU DONNÉ
Abstract
(EN)
The present invention discloses a method operable by a discovery system comprising at least one computerized device connected to an internet-protocol based network, the computerized device configured to operate a scan on a range of internet-protocol addresses and detect open ports available for communication. The discovery system is configured to generate an open port list denoted as first open port list of the open ports available for communication in the given range of the internet-protocol addresses and send request headers over an application protocol to at least one port of the ports in the first open port list and receive response headers comprising header fields from open ports available for communication in the range of internet-protocol addresses. The discovery system may be configured to utilize the header fields in a preconfigured data structure to identify device types, associate a test reference to the device type and preform the test accordingly to communicate with the identified open ports and determine vulnerability levels according to the test results.
(FR)
La présente invention concerne un procédé pouvant être exécuté par un système de découverte comprenant au moins un dispositif informatisé connecté à un réseau basé sur un protocole internet, le dispositif informatisé étant configuré pour exécuter un balayage sur une plage d'adresses de protocole internet et détecter des ports ouverts disponibles pour une communication. Le système de découverte est configuré pour générer une liste de ports ouverts désignée en tant que première liste de ports ouverts des ports ouverts disponibles pour une communication dans la plage donnée des adresses de protocole internet, envoyer des en-têtes de demande sur un protocole d'application à au moins l'un des ports de la première liste de ports ouverts, et recevoir des en-têtes de réponse contenant des champs d'en-tête en provenance de ports ouverts disponibles pour une communication dans la plage d'adresses de protocole internet. Le système de découverte peut être configuré pour utiliser les champs d'en-tête dans une structure de données préconfigurée pour identifier des types de dispositifs, associer une référence de test au type de dispositif et façonner le test en conséquence pour communiquer avec les ports ouverts identifiés et déterminer des niveaux de vulnérabilité d'après les résultats de test.
Latest bibliographic data on file with the International Bureau