Patent · US Active

System and method for preventing lateral propagation of ransomware using a security appliance that functions as a DHCP relay on a shared network

US11303673B1 · kind B1 · utility

12Cited by

7References

20Claims

0Family size

Assignee

AIRGAP Networks Inc. · US

Inventors

Ritesh R. Agrawal · San Jose, US
Vinay Adavi · Sunnyvale, US
Satish M. Mohan · San Jose, US

Key dates

Filing date	Oct 8, 2021
Grant date	Apr 12, 2022
Priority date	—
Expiry date	Oct 8, 2041

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/0245
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A technique to stop lateral movement of ransomware between endpoints in a VLAN is disclosed. A security appliance is set as the default gateway for intra-LAN communication by overwriting the DHCP responses. Message traffic from compromised endpoints is detected. Attributes of ransomware may be detected in the message traffic, as well as attempts to circumvent the security appliance. Compromised devices may be quarantined.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.