System and method for identifying exploitable weak points in a network
US9043920B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Oct 17, 2012 |
| Grant date | May 26, 2015 |
| Priority date | — |
| Expiry date | Apr 3, 2033 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L41/12
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
The system and method described herein may leverage passive and active vulnerability discovery to identify network addresses and open ports associated with connections that one or more passive scanners observed in a network and current connections that one or more active scanners enumerated in the network. The observed and enumerated current connections may be used to model trust relationships and identify exploitable weak points in the network, wherein the exploitable weak points may include hosts that have exploitable services, exploitable client software, and/or exploitable trust relationships. Furthermore, an attack that uses the modeled trust relationships to target the exploitable weak points on a selected host in the network may be simulated to enumerate remote network addresses that could compromise the network and determine an exploitation path that the enumerated remote network addresses could use to compromise the network.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.