Patent · US Active

System and method for utilizing DHCP relay to police DHCP address assignment in ransomware protected network

US11916957B1 · kind B1 · utility

0Cited by

25References

16Claims

0Family size

Assignee

AIRGAP Networks Inc. · US

Inventors

Raymond Wing Chon Cheh · Sunnyvale, US
Chia-Chi Cheng · Taipei, TW
Satish M. Mohan · San Jose, US
Ritesh R. Agrawal · San Jose, US
Vinay Adavi · Sunnyvale, US

Key dates

Filing date	Dec 9, 2022
Grant date	Feb 27, 2024
Priority date	—
Expiry date	Dec 9, 2042

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/1416
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A technique to stop lateral movement of ransomware between endpoints in a VLAN is disclosed. A security appliance is set as the default gateway for intra-LAN communication by overwriting the DHCP responses. Message traffic from compromised endpoints is detected. Attributes of ransomware may be detected in the message traffic, as well as attempts to circumvent the security appliance. Compromised devices may be quarantined. Additionally, the DHCP address assignment may be policed to ensure accuracy and correctness to provide an additional layer of security.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.