Patent · US Active

System and method to detect lateral movement of ransomware by deploying a security appliance over a shared network to implement a default gateway with point-to-point links between endpoints

US11171985B1 · kind B1 · utility

12Cited by

4References

21Claims

0Family size

Assignee

AIRGAP Networks Inc. · US

Inventors

Ritesh R. Agrawal · San Jose, US
Vinay Adavi · Sunnyvale, US
Satish M. Mohan · San Jose, US

Key dates

Filing date	Jun 24, 2021
Grant date	Nov 9, 2021
Priority date	—
Expiry date	Jun 24, 2041

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/1416
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A technique to stop lateral movement of ransomware between endpoints in a VLAN is disclosed. A security appliance is set as the default gateway for intra-LAN communication. Message traffic from compromised endpoints is detected. Attributes of ransomware may be detected in the message traffic, as well as attempts to circumvent the security appliance. Compromised devices may be quarantined.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.