System and method for assessing vulnerability of a mobile device

Description

TECHNICAL FIELD

This invention relates generally to the mobile security field, and more specifically to a new and useful system and method for assessing vulnerability of a mobile device in the mobile security field.

BACKGROUND

As mobile devices become increasingly ubiquitous, users are beginning to store sensitive information, perform financial transactions, and take other actions that are normally done on non-mobile computing platforms. This type of activity makes mobile devices an attractive target to malicious parties who may wish to compromise the security of a user's mobile device to steal data, snoop on a user's communication, or perform some other type of fraudulent actions. Therefore, the security of the mobile device (including both its hardware and software platform) is becoming increasingly important. Traditional approaches to mobile device software security often involve adopting the antivirus from non-mobile computing platforms, where installed applications and files are scanned locally on the device using signatures and heuristics to determine whether malicious applications or files may be present. However, the environment of mobile devices is where devices are less powerful have limited battery lives. Additionally, user behavior on mobile devices is different where users frequently install new applications. The number of malicious apps is unlimited, and thus, attempting to detect and prevent malicious code is unreasonable for the mobile hardware/software environment. Thus, there is a need in the mobile security field to create a new and useful system and method for assessing vulnerability of a mobile device. This invention provides such a new and useful system and method.

BRIEF DESCRIPTION OF THE FIGURES

FIG. 1 is a schematic representation of a system of a first preferred embodiment of the invention;

FIG. 2 is a schematic representation depicting a multitenant application of a system of a first preferred embodiment of the invention;

FIGS. 3-4 are schematic representations of methods of preferred embodiments of the invention;

FIG. 5 is a detailed schematic representation of alternative variations of a Vulnerability Assessment Component of a preferred embodiment of the invention; and

FIG. 6 is a detailed schematic representation of alternative variations of a analysis cloud service of a preferred embodiment of the invention.

DESCRIPTION OF THE PREFERRED EMBODIMENTS

The following description of the preferred embodiments of the invention is not intended to limit the invention to these preferred embodiments, but rather to enable any person skilled in the art to make and use this invention.

The system and method for assessing vulnerability of a mobile device of the preferred embodiments employ an analysis cloud service to provide vulnerability assessment to mobile devices. The system and method primarily function to identify software components or files on a mobile computing device that contain vulnerabilities that may be leveraged by malicious parties to attack the mobile device or software of the mobile device. While the approaches of some mobile security solutions simply attempt to identify malicious software on the mobile device, the system of the preferred embodiment can securely and in a scalable manner identify components that may be leveraged by malicious entities. A vulnerability assessment can preferably identify vulnerabilities in legitimate software that may be exploited by malicious applications or attackers, as opposed to just identifying existing malicious applications installed on the mobile device as traditional mobile security software does. On many mobile devices, there are often app ecosystems that promote the installation of numerous applications. The system and method preferably uses the distributed vulnerability assessments to target a bounded number of security issues as opposed to combating a constantly evolving and growing number of malicious code. Additionally, the analysis cloud service can facilitate the heavyweight processing that some vulnerability assessment techniques may require, which can alleviate mobile devices from these processing tasks. Vulnerability assessment also facilitates identifying security fixes in the mobile computing landscape which has numerous stake holders including maintainers of mobile OS's, device firmware developers, carriers configuring device and various developers for libraries and applications. The system and method of a preferred embodiment is preferably employed for mobile devices. Here mobile devices may include mobile phones, tablet computers, gaming devices, TV-computer devices, GPS devices, or any suitable computing device.

A System for Assessing Vulnerability of a Mobile Device

As shown in FIG. 1, a system for assessing vulnerability of a mobile device of a preferred embodiment includes an analysis cloud service 110 and a Vulnerability Assessment Component (VAC) of a mobile computing device 120. The analysis cloud service may additionally include cloud-based storage system 1114 and a platform control interface 1116. As described above the system of the preferred embodiment functions to identify software components or files on a mobile computing device that contain vulnerabilities that may be leveraged by malicious parties to attack the mobile device or software of the mobile device. The system is preferably configured such that the analysis cloud service may provide vulnerability assessment to a large number of mobile computing devices as shown in FIG. 2. As exemplary applications, this system may be deployed for use on carrier devices or within a collection of devices managed by a corporate IT department. The use of an analysis cloud service to facilitate vulnerability assessment additionally preferably enables the system to be used by a wide variety of devices. Updates can preferably be easily and quickly made to the analysis cloud service, and mobile devices utilizing a VAC can instantly benefit from up-to-date vulnerability information.

The analysis cloud service 110 of the preferred embodiment functions to remotely analyze and assess the vulnerability of a plurality of mobile devices that utilize the service. The analysis cloud service 110 is preferably a network-based service. The analysis cloud service 110 is preferably a software component running on a server that is accessible to the mobile device via the network. Such a network may be public or private in nature, and the analysis cloud service 110 may communicate with the VAC using any variety of protocols using any type of network interface deemed appropriate. The analysis cloud service 110 is preferably configured to scale within a cloud computing environment to meet large volumes of vulnerability requests. The analysis cloud service 110 is tasked with receiving vulnerability assessment requests from a VAC, using the information in the request to identify vulnerabilities using one of its analysis engines 112, and returning the result back to the VAC over the network or through any suitable means. The analysis cloud service may additionally include a vulnerability storage system 114 to facilitate the detection and analysis of vulnerability in a plurality of devices. In another alternative embodiment, the analysis cloud service may be communicatively coupled with a platform control interface 116 that can provide vulnerability assessment response control or informational statistics.

The analysis engine 112 of the analysis cloud service 110 of a preferred embodiment functions to process and assess whether a vulnerability is present in an operable object on a mobile device. The analysis engine 112 may implement any number of algorithms or heuristics to perform a vulnerability assessment. For known vulnerabilities, the analysis engine 112 may have certain patterns it can identity in an operable object to determine whether the vulnerability is present. As most vulnerabilities present themselves in software code, the analysis engine may disassemble an operable object and analyze underlying machine code to determine whether a vulnerability is present or not. For unknown vulnerabilities, the analysis engine 112 may employ heuristics to identify more general weaknesses that may be representative of a class of vulnerabilities, rather than attempting to identify a specific vulnerability. Any number of analysis engines 112 or routines may be present in the analysis cloud service 110. As an example, the analysis engine 112 may include algorithms and heuristics to identify privilege escalation vulnerabilities such as bugs allowing a device to be rooted (e.g., ASHMEM vulnerability), neglecting to check if messages are from a trusted source (e.g., Exploid or Gingerbreak vulnerability), privilege levitating (e.g., Levitator vulnerability), writing to arbitrary memory address space (e.g., Mempodroid vulnerability), overwhelming a system with command arguments (e.g., Android ZergRush vulnerability), neglecting to check return values enabling root shells (e.g., Zimperlich vulnerability), and/or any suitable vulnerability or exploits.

The vulnerability storage system 114 of a preferred embodiment functions to store vulnerability assessment results and any related metadata. The vulnerability storage system 114 is preferably communicatively coupled to the analysis cloud service 110. Data of the vulnerability storage system 114 may additionally be indexed by cryptographic hashes or signatures of operable objects or identifiers. This functions to enable vulnerability assessments to be cached and quickly delivered to a mobile device while avoiding reprocessing similar or duplicate operable objects. This has unique benefits for a multitenant analysis cloud service 110, and can result in considerable processing savings. The vulnerability storage system 114 may additionally store data that may be used by the platform control interface 116 to provide statistical data for one or more mobile devices.

The platform control interface 116 of a preferred embodiment functions to provide a control interface for global management over at least a subset of the mobile devices using the analysis cloud service 110. The platform control interface 116 in one variation provides statistical and infographic reports based on the vulnerability assessment of a plurality of devices. For example, a company could see the vulnerability assessment for all devices used by employees. An IT department of the company would then be empowered to make decisions about how to update their mobile IT infrastructure to ensure the mobile security of their employees. Additionally or alternatively, the platform control interface 116 may be used to control devices. The platform control interface 116 may additionally or alternatively provide functionality for a user to initiate pushing patches or any suitable device updates to a mobile device or devices.

The vulnerability assessment component (VAC) 120 of a preferred embodiment functions to facilitate communicating required information from a mobile device to the analysis cloud service 110. The VAC 120 is preferably a software agent installed on a mobile device that collects software objects to be assessed and transmits vulnerability assessment requests to the analysis cloud service 110. The VAC 120 additionally can receive the vulnerability assessments and depending on the application present the vulnerability assessment result to a user, provide the assessment to an application, automatically initiate patching a vulnerability, or take any suitable action. As many vulnerability assessment techniques may be computationally heavyweight, the VAC 120 preferably off-loads these tasks to the analysis cloud service 110. The VAC 120 may be built into the mobile software platform itself, installed as a third-party app by the user of the mobile device, or delivered via any other mechanism available to execute software on the mobile device.

The VAC 120 preferably compiles information about operable objects on the mobile device. An operable object is preferably an entity upon which the vulnerability assessment is being performed. The operable object is a software entity, which can include a system component, a mobile application, a data file, or any other logical or physical collection of data. Vulnerabilities are typically present in software code, so in most cases the operable object would be some executable code used by the mobile software platform that is suspected to have a known or unknown vulnerability present. The information on the operable object is preferably compiled into an object identifier. The object identifier is preferably a direct identifier such as copy of the code or segment of code from the operable object, but the object identifier may be file or executable name, a version number or ID, a configuration file, a hash or signature generated from the operable object, any alternative references to the data object, or any suitable data that may be used to identify the operable object.

A Method for Assess Vulnerability of a Mobile Device

As shown in FIG. 3, method for assessing vulnerability of a mobile device of preferred embodiment includes at a remote analysis cloud service, receiving at least one vulnerability assessment request that includes an object identifier for an operative object of a mobile computing device block S210; identifying a vulnerability assessment associated with the identifier of the operative object block S220; and communicating the identified vulnerability assessment to the mobile computing device block S230. As described above, the method of a preferred embodiment functions to identify software components or files on a mobile computing device that may contain vulnerabilities that can be leveraged by malicious parties to attack the mobile device or software of the mobile device. Preferably, the method is additionally adapted for implementing vulnerability assessment for a plurality of mobile devices. In this alternative embodiment, a plurality of vulnerability assessment requests are received at the analysis cloud service, and correspondingly, vulnerability assessments may be identified and communicated to the associated mobile devices. This multitenant alternative preferably includes storing identified vulnerability assessments in a cloud based storage system as described below.

Block S210, which includes at a remote analysis cloud service, receiving at least one vulnerability assessment request that includes an object identifier for an operative object of a mobile computing device, functions to obtain the data needed to perform a vulnerability assessment on behalf of a mobile device. The vulnerability assessment request originates from a mobile computing device and received over a network. The network communication may use any suitable network interface protocol. Vulnerability requests may be received from a plurality of devices. A vulnerability assessment request preferably includes at least one object identifier for an operative software object of a mobile computing device. The object identifier is preferably a copy or segment of code from the software of the operable object. The object identifier may alternatively be an application identifier or version number, data name, a version number or ID, a configuration file, the code or segment of code from the operable object, a hash or signature generated from the operable object, or any suitable data that may be used to identify the operable object.

Block S220, which includes identifying a vulnerability assessment associated with the identifier of the operative object, functions to determine if a potential vulnerability or weakness is present in an operable object of a mobile device. An analysis engine or any suitable component of the analysis cloud service preferably performs the processing on the object identifier. Preferably, identifying a vulnerability includes disassembling the executable code into native machine code and detecting unpatched vulnerabilities. For example, a file such as the volume manager file may be disassembled into its native machine code and analyzed to determine whether a known vulnerability, such as the gingerbreak vulnerability for Android devices, has been patched. Code analysis routines can preferably be developed and deployed to the analysis cloud service at any suitable time, which enables the analysis cloud service to provide current vulnerability assessment to all devices at the time of their vulnerability assessment. Alternatively or additionally, identifying a vulnerability may include querying a map of object identifiers to vulnerability assessments. For example, the version number of software may have been included as the object identifier, and that object identifier may be used to look up a known vulnerability assessment. More preferably, a cryptographic hash of a code segment may be used to query a storage system for an assessment previously calculated for the code segment. The analysis cloud service preferably includes a combination of approaches to identify a vulnerability.

Block S230, which includes communicating the identified vulnerability assessment to the mobile computing device, functions to return the analysis result and any other relevant metadata from the cloud service back to the mobile device over the network. If a vulnerability is identified, a parameter is preferably set in the response to the mobile device to indicate the vulnerability. Additional vulnerability information or data may additionally or alternatively be compiled, such as the appropriate patch or executable code to run on the machine to fix the executable, a link to an online resource to find an appropriate patch, contact information for the entity responsible for patching the vulnerability, or any suitable information about the vulnerability. In some variations, the analysis cloud service may send a response to the vulnerability assessment request that requests a second object identifier from the VAC. For example, in an initial request, the VAC may transmit an object identifier only including the version number. If this version number is determined by the analysis cloud service to be insufficient to determine the vulnerability status of the device, the VAC may be asked to transmit a code segment as the object identifier.

Additionally, the method of the preferred embodiment may include at a vulnerability assessment component (VAC) operable on the mobile device, compiling at least one object identifier for the vulnerability assessment request block S240; and communicating the vulnerability assessment request to the analysis cloud service block S250 as shown in FIG. 4. Blocks S240 and S250 function to collect information needed to assess vulnerability of a mobile device and transmit the information from the mobile device to the analysis cloud service. The VAC is preferably substantially similar to the VAC described above. The VAC may be an application, a component integrated and used by an application, a component used by an OS, or any suitable object operable on the mobile device. The vulnerability assessment request transmitted from the VAC preferably corresponds to the vulnerability assessment request received at the analysis cloud service. Thus, blocks S240 and S250 are preferably performed prior to the analysis cloud service receiving the vulnerability assessment request.

A vulnerability assessment process is preferably initiated on the mobile device by a user, but a vulnerability assessment process may be scheduled, automatically initiated, initiated through an API, initiated by the analysis cloud service, or initiated in any suitable manner. In one variation, the VAC may trigger a vulnerability assessment request without requiring the user to request it. For example, the analysis cloud service or a third-party service may communicate with the VAC on the mobile device to initiate a vulnerability assessment without any user interaction on the mobile device.

The VAC may seek out and collect an operable object from the software that makes up the mobile platform and applications and prepare the object for transmission to the analysis cloud system. For example, an executable file that implements a system service of the mobile platform that is suspected to be vulnerable to a known exploit can be collected by the VAC. The aforementioned file may be transmitted in the request to the analysis cloud service along with other identifying details or metadata about the device, file, or request. As described, the object identifier may include a portion of executable code. In a variation of the embodiment described above, the VAC may send an alternate or compact form of the operable object to be analyzed by the CS. For example, this alternate form could be a summary, cryptographic hash, version number, or other identifier that results in a more efficient transmission of the object identifier to the analysis cloud service instead of transmitting the full operable object. The analysis cloud service may use this compact representation to avoid unnecessary or duplicate analysis. For example, a cryptographic hash of an operable object may be sent to the analysis cloud service by the VAC; the VAC can check whether that operable object has already been analyzed by looking up the hash in a vulnerability storage system; if the object has been analyzed, the result can be immediately returned; if not, the analysis cloud service can request that the VAC send the full Object and perform its usual analysis routines on the Object. In one variation, a plurality of object identifiers are included in a vulnerability assessment request. The plurality of object identifiers may include executable code segments, device identifiers, and software version identifiers, and/or any suitable identifiers.

A vulnerability assessment request may be for a single vulnerability check but may alternatively be for multiple vulnerability checks. For example, communicating the vulnerability assessment request may include multiplexing a plurality of vulnerability assessment requests into a single communication to the remote analysis cloud service; and wherein receiving at least one vulnerability assessment request at the analysis cloud service includes demultiplexing a vulnerability assessment request into a plurality of vulnerability assessment requests. This batched transmission functions for more efficient use of the mobile device's network radio. While at least one of the assessment request includes an object identifier for which a vulnerability assessment is required, extraneous, faked, or otherwise superfluous vulnerability assessment requests may be made. The superfluous requests function to misdirect any attempts to reverse engineer the vulnerability assessment process by a malicious party.

Alternatively or additionally, a method of a preferred embodiment may include at the VAC, performing at least a partial vulnerability assessment prior to communicating the vulnerability assessment request to the cloud service S260 as shown in FIG. 5. Certain analysis routines may be performed on the mobile device by the VAC instead of being performed on the analysis cloud service. These analysis routines may be bundled with the VAC initially, updated periodically from the analysis cloud service, or pushed down from the analysis cloud service to the VAC at the time a vulnerability assessment is requested or triggered. Preferably, the VAC will initially contact the analysis cloud service, and the analysis cloud service will return an executable probe to the VAC. The executable probe is preferably a script, application, and/or file facilitating an at least partial vulnerability assessment performed on the mobile device. The executable probe may identify the presence of a vulnerability or alternatively collect information indicative of a vulnerability that may be subsequently used by the analysis cloud service. The result of the test of the executable probe is preferably communicated to the analysis cloud service as an object identifier of a vulnerability assessment request. Similarly, a cache of object identifiers or hashes of object identifiers may be stored locally on the device, and vulnerability assessments may initially be checked on the mobile device before sending a vulnerability request to the analysis cloud service.

Additionally, a method of a preferred embodiment may include performing some action based on the result of the analysis that was submitted block S270 as shown in FIG. 5. Such an action may include notifying the user of a potential vulnerability, giving the user additional information on the origin of the vulnerability and how it may be mitigated, notifying a third-party service about the presence of the vulnerability on the user's mobile platform, or even automatically patching the vulnerability or taking further action that may limit the risk of the vulnerability's presence. For example, a banking application may want to ensure that the mobile device is not vulnerable to particular attacks during particular transactions. The method for assessing vulnerability of a mobile device may be performed and the resulting vulnerability assessment may be appended to a transaction as a qualifier for the transaction. When automatically patching a vulnerability, a vulnerability patch is preferably included or referenced in the vulnerability assessment response from the analysis cloud service. The vulnerability patch may be automatically installed or may alternatively require user interaction to complete installation of the vulnerability patch.

Additionally, a method of a preferred embodiment may include the use of a vulnerability storage system to facilitate vulnerability identification. The vulnerability storage system is preferably a database, but may alternatively be a memory cache or any suitable storage system. Preferably, a cloud based storage system stores identified vulnerability assessments according to the associated object identifier block S280 as shown in FIG. 6. The cloud based storage system may be a component of the analysis cloud service, but may alternatively be any suitable storage component. A cryptographic hash of the vulnerability assessment or other sufficiently unique identifier may be used to lookup and store the results in the cache. The vulnerability storage system can preferably be used as a cache to avoid performing unnecessary duplicate analysis for various operable objects that have been previously submitted and analyzed. For example, a VAC may submit a code segment of an operable object from Alice's device for analysis, which the analysis cloud service will analyze and store the result in the vulnerability storage system. If a VAC on Bob's mobile device submits an identical code segment later, the CS can avoid re-running a potentially expensive analysis and simply lookup the existing result and return it immediately. In an alternative variation of the above example, a VAC of Alice's device calculates a cryptographic hash of the code segment. This hash is initially sent to the analysis cloud service. Assuming this code segment has never been analyzed, the analysis cloud service sends a response requesting the code segment. Alice's VAC then transmits the code segment as the object identifier. The analysis cloud service will analyze and store the result in the vulnerability storage system using the hash as a key. On Bob's mobile device, the VAC also generates a hash of the code segment and initially transmits the hash to the analysis cloud service. In this example, the code segments (and thus the hashes) of Alice and Bob are identical. The analysis cloud service uses the hash to find the results calculated from Alice's vulnerability assessment. These results are sent to Bob's device. Analysis of the code segment from Bob was never processed directly because the result had been collected from another device.

In a variation of the embodiment described above, the VAC can authenticate itself to the CS in order to verify the identity of the mobile devices sending requests and also uniquely identify those devices for statistical trending, inventory, or other tracking purposes. The VAC may be seeded with some unique identifiers (IMEI, IMSI, hardware IDs, etc) and keys with which to cryptographically sign requests (eg. HMAC-SHA1, RSA, etc) to the CS.

Additionally, a method of a preferred embodiment may include at a platform control interface communicatively coupled to the analysis cloud service, compiling a mapping of identified vulnerability and associated object identifiers stored in the cloud based storage system and generating collective vulnerability data for the plurality of mobile computing devices block S290 as shown in FIG. 6. The vulnerability data preferably provides insight into overall statistics of mobile devices that use the analysis cloud service. This vulnerability data may additionally be segmented according to particular devices. For example, a company with employee issued phones may be able to view data on the vulnerability of all employee-issued phones in a single interface. The platform control interface may additionally be used for device management. At the platform control interface, the method may include pushing a vulnerability fix to the at least one mobile device in response to generated collective vulnerability data, collecting vulnerability assessments from one or more mobile devices, or remotely initiating any suitable action within the vulnerability assessment system.

An alternative embodiment preferably implements the above methods in a computer-readable medium storing computer-readable instructions. The instructions are preferably executed by computer-executable components preferably integrated with an analysis cloud service and/or a Vulnerability Assessment Component. The computer-readable medium may be stored on any suitable computer readable media such as RAMs, ROMs, flash memory, EEPROMs, optical devices (CD or DVD), hard drives, floppy drives, or any suitable device. The computer-executable component is preferably a processor but the instructions may alternatively or additionally be executed by any suitable dedicated hardware device.

As a person skilled in the art will recognize from the previous detailed description and from the figures and claims, modifications and changes can be made to the preferred embodiments of the invention without departing from the scope of this invention defined in the following claims.

Claims

1. A method for assessing vulnerability associated with a computing device comprising: receiving a vulnerability assessment request;in response to receiving the vulnerability assessment request, performing at a remote cloud service a vulnerability assessment of an operative object of a computing device, wherein the operative object includes executable code and is operable on the computing device, wherein the vulnerability assessment request includes an object identifier of the operative object, and wherein the object identifier includes a subset of executable code from the operative object; andidentifying the vulnerability assessment of the operative object associated with the object identifier, comprising: disassembling the subset of executable code of the object identifier into native machine code, anddetecting unpatched vulnerabilities in the native machine code.
2. The method of claim 1, wherein the vulnerability assessment request further includes at least one additional superfluous or extraneous object identifier.
3. The method of claim 2, wherein: the computing device is a mobile computing device remotely located from the remote cloud service,the vulnerability assessment request originates from the mobile computing device,the operative object is operable on the mobile computing device, and wherein the method further comprises communicating, from the remote cloud service to the mobile computing device, the vulnerability assessment of the operative object associated with the object identifier.
4. The method of claim 1, further comprising: receiving at least one additional superfluous vulnerability assessment request.
5. The method of claim 1, further comprising: compiling, using a vulnerability assessment component (VAC), at least one object identifier for the vulnerability assessment request.
6. The method of claim 5, wherein compiling the at least one object identifier for the vulnerability assessment request includes compiling at least one additional superfluous object identifier.
7. The method of claim 6, further comprising the VAC initiating installation of a vulnerability patch to relevant vulnerabilities identified in the vulnerability assessment results.
8. The method of claim 5, wherein compiling the at least one object identifier for the vulnerability assessment request includes compiling at least one additional extraneous or faked object identifier.
9. The method of claim 5, further comprising: compiling at least one additional superfluous vulnerability assessment request.
10. The method of claim 5, wherein the at least one compiled object identifier is a plurality of object identifiers that includes an executable code segment, a device identifier, and component version identifier.
11. The method of claim 5, further comprises: communicating the identified vulnerability assessment to the computing device, wherein communicating the identified vulnerability assessment includes multiplexing a plurality of vulnerability assessment requests into a single communication to the remote cloud service; andreceiving at least one vulnerability assessment request at the remote cloud service includes demultiplexing a vulnerability assessment request into a plurality of vulnerability assessment requests.
12. The method of claim 5, further comprising: at the VAC, receiving an executable probe; andperforming at least a partial vulnerability assessment according to the executable probe prior to communicating the vulnerability assessment request to the cloud service.
13. The method of claim 12, wherein performing at least a partial vulnerability assessment includes checking a cache of vulnerability assessments.
14. The method of claim 5, wherein the VAC is a standalone application controlled by a user.
15. The method of claim 5, wherein the VAC is a component integrated into an application of the computing device; and further comprising communicating the identified vulnerability assessment from the VAC to the application of the computing device.
16. The method of claim 1, wherein detecting unpatched vulnerabilities includes detecting privilege escalation vulnerabilities.
17. A method for assessing vulnerability of a mobile device, comprising: receiving, at a remote cloud service, a plurality of vulnerability assessment requests, wherein a vulnerability assessment request includes at least one object identifier for an operative object of a mobile computing device, wherein the operative object includes executable code and is operable on the mobile computing device, and wherein the object identifier includes a subset of executable code from the operative object; andin response to receiving the plurality of vulnerability assessment requests, for each vulnerability assessment request of the plurality of vulnerability assessment requests, performing, at the remote cloud service, a vulnerability assessment of the operative object of the vulnerability assessment request, andidentifying the vulnerability assessment associated with the object identifier of the operative object, comprising: disassembling the subset of executable code of the object identifier into native machine code, anddetecting unpatched vulnerabilities in the native machine code.
18. The method of claim 17, further comprising in a cloud based storage system, storing identified vulnerability assessments according to the associated object identifier.
19. The method of claim 18, wherein storing identified vulnerability assessments are stored according to a hash of the associated object identifier.
20. The method of claim 19, further comprising: at a vulnerability assessment component (VAC) and prior to receiving a vulnerability assessment request at the remote cloud service, compiling a hash of at least one object identifier for the vulnerability assessment request;communicating a first vulnerability assessment request including the hash to the remote cloud service; andwherein identifying vulnerability assessment includes querying the cloud based storage system for an identified vulnerability assessment associated with the hash.
21. The method of claim 18, further comprising at a platform control interface, compiling a mapping of identified vulnerability and associated object identifiers stored in the cloud based storage system and generating collective vulnerability data for the plurality of mobile computing devices.
22. The method of claim 21, further comprising at the platform control interface, pushing a vulnerability repair to the mobile computing device in response to generated collective vulnerability data.
23. The method of claim 17, further comprising: at a vulnerability assessment component (VAC) and prior to receiving a vulnerability assessment request at the remote cloud service, compiling at least one object identifier for the vulnerability assessment request and compiling at least one additional superfluous object identifier, wherein the superfluous object identifier is different from the at least one object identifier;and communicating the vulnerability assessment request to the remote cloud service.
24. A method for assessing vulnerability associated with a computing device comprising: receiving one or more vulnerability assessment requests;performing, at a remote cloud service, a vulnerability assessment of an operative object of a computing device based on the one or more vulnerability assessment requests, wherein the operative object includes executable code and is operable on the computing device, and wherein the one or more vulnerability assessment requests include: 1) an object identifier of the operative object and a superfluous object identifier, the superfluous object identifier being different than the object identifier, or2) an object identifier of the operative object and a superfluous vulnerability assessment request,wherein the object identifier of the operative object includes a subset of executable code from the operative object;determining the vulnerability assessment of the operative object associated with the object identifier, comprising: disassembling the subset of executable code of the object identifier into native machine code, anddetecting unpatched vulnerabilities in the native machine code; andcommunicating the determined vulnerability assessment.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a continuation of U.S. patent application Ser. No. 13/601,409, filed 31 Aug. 2012, which claims the benefit of U.S. Provisional Application No. 61/530,560, filed 2 Sep. 2011, and titled SYSTEM AND METHOD OF CLOUD-ASSISTED VULNERABILITY ASSESSMENT OF MOBILE DEVICES, both applications are incorporated by reference herein in their entireties.

STATEMENT OF FEDERALLY SPONSORED RESEARCH AND DEVELOPMENT

This invention was made with government support under DARPA-RA-11-52 Cyber Fast Track awarded by the Defense Advanced Research Projects Agency. The government has certain rights in the invention.

US Referenced Citations (449)

Number	Name	Date	Kind
5754763	Bereiter	May 1998	A
5838792	Ganesan	Nov 1998	A
5870723	Pare et al.	Feb 1999	A
6119096	Mann et al.	Sep 2000	A
6209091	Sudia et al.	Mar 2001	B1
6311272	Gressel	Oct 2001	B1
6662205	Bereiter	Dec 2003	B1
6694025	Epstein et al.	Feb 2004	B1
6758394	Maskatiya et al.	Jul 2004	B2
6823359	Heidingsfeld et al.	Nov 2004	B1
6934858	Woodhill	Aug 2005	B2
6956950	Kausik	Oct 2005	B2
6996716	Hsu	Feb 2006	B1
7000247	Banzhof	Feb 2006	B2
7093133	Hopkins et al.	Aug 2006	B2
7096354	Wheeler et al.	Aug 2006	B2
7107246	Wang	Sep 2006	B2
7146009	Andivahis et al.	Dec 2006	B2
7172115	Lauden	Feb 2007	B2
7213260	Judge	May 2007	B2
7331518	Rable	Feb 2008	B2
7334255	Lin et al.	Feb 2008	B2
7340600	Corella	Mar 2008	B1
7386720	Sandhu et al.	Jun 2008	B2
7447784	Eun	Nov 2008	B2
7463637	Bou-Diab et al.	Dec 2008	B2
7483384	Bryant et al.	Jan 2009	B2
7496662	Roesch et al.	Feb 2009	B1
7526792	Ross	Apr 2009	B2
7562382	Hinton et al.	Jul 2009	B2
7562385	Thione et al.	Jul 2009	B2
7571471	Sandhu et al.	Aug 2009	B2
7574733	Woodhill	Aug 2009	B2
7599493	Sandhu et al.	Oct 2009	B2
7630493	Sandhu et al.	Dec 2009	B2
7711122	Allen et al.	May 2010	B2
7712137	Meier	May 2010	B2
7716240	Lim	May 2010	B2
7733803	Vogel et al.	Jun 2010	B2
7764970	Neil et al.	Jul 2010	B2
7793110	Durfee et al.	Sep 2010	B2
7836501	Sobel et al.	Nov 2010	B2
7904608	Price	Mar 2011	B2
7953979	Borneman et al.	May 2011	B2
7958362	Hwang	Jun 2011	B2
7961645	Gudipudi et al.	Jun 2011	B2
7982595	Hanna et al.	Jul 2011	B2
7983987	Kranzley et al.	Jul 2011	B2
8001610	Chickering et al.	Aug 2011	B1
8010779	Sermersheim et al.	Aug 2011	B2
8028329	Whitcomb	Sep 2011	B2
8099368	Coulter et al.	Jan 2012	B2
8108933	Mahaffey	Jan 2012	B2
8136148	Chayanam et al.	Mar 2012	B1
8141146	Ozeki	Mar 2012	B2
8151333	Zhu et al.	Apr 2012	B2
8161527	Curren	Apr 2012	B2
8181253	Zaitsev et al.	May 2012	B1
8185740	Choe et al.	May 2012	B2
8185744	Brown et al.	May 2012	B2
8185962	Moore	May 2012	B2
8200980	Robinson et al.	Jun 2012	B1
8225392	Dubrovsky et al.	Jul 2012	B2
8245044	Kang	Aug 2012	B2
8250478	Dharmarajan et al.	Aug 2012	B2
8259947	Gantman et al.	Sep 2012	B2
8281401	Pennington et al.	Oct 2012	B2
8281403	Asheghian et al.	Oct 2012	B1
8321437	Lim	Nov 2012	B2
8332627	Matthews et al.	Dec 2012	B1
8335933	Humphrey et al.	Dec 2012	B2
8340287	Sandhu et al.	Dec 2012	B2
8340635	Herz et al.	Dec 2012	B2
8380192	Kim et al.	Feb 2013	B2
8381297	Touboul	Feb 2013	B2
8397212	Chijiiwa	Mar 2013	B2
8397301	Hering et al.	Mar 2013	B2
8397302	Mont et al.	Mar 2013	B2
8402526	Ahn	Mar 2013	B2
8418168	Tyhurst et al.	Apr 2013	B2
8458308	Steves	Jun 2013	B1
8458798	Williams et al.	Jun 2013	B2
8484708	Chern	Jul 2013	B2
8495720	Counterman	Jul 2013	B2
8499149	Chen	Jul 2013	B2
8499339	Chao et al.	Jul 2013	B2
8510820	Oberheide et al.	Aug 2013	B2
8522010	Ozzie et al.	Aug 2013	B2
8528039	Chakarapani	Sep 2013	B2
8533844	Mahaffey	Sep 2013	B2
8538028	Yeap et al.	Sep 2013	B2
8539544	Srinivasan et al.	Sep 2013	B2
8539567	Luxemberg et al.	Sep 2013	B1
8548426	Smith	Oct 2013	B2
8549601	Ganesan	Oct 2013	B2
8571220	Ollikainen et al.	Oct 2013	B2
8578162	Jentzsch et al.	Nov 2013	B2
8588422	Beachem et al.	Nov 2013	B2
8595809	Chayanam et al.	Nov 2013	B2
8595822	Schrecker et al.	Nov 2013	B2
8601554	Gordon et al.	Dec 2013	B2
8612305	Dominguez et al.	Dec 2013	B2
8627438	Bhimanaik	Jan 2014	B1
8646060	Ayed	Feb 2014	B1
8646086	Chakra et al.	Feb 2014	B2
8667288	Yavuz	Mar 2014	B2
8689287	Bohmer et al.	Apr 2014	B2
8700729	Dua	Apr 2014	B2
8707365	Corl	Apr 2014	B2
8707384	Jain et al.	Apr 2014	B2
8713329	Schneider	Apr 2014	B2
8713639	Cheeniyil et al.	Apr 2014	B2
8719930	Lapsley et al.	May 2014	B2
8732475	Fahrny et al.	May 2014	B2
8732839	Hohl	May 2014	B2
8737623	Hart	May 2014	B2
8745703	Lambert et al.	Jun 2014	B2
8751801	Harris et al.	Jun 2014	B2
8756651	Baer et al.	Jun 2014	B2
8756698	Sidagni	Jun 2014	B2
8763077	Oberheide et al.	Jun 2014	B2
8789178	Kejriwal et al.	Jul 2014	B2
8806609	Gladstone et al.	Aug 2014	B2
8806638	Mani	Aug 2014	B1
8813228	Magee et al.	Aug 2014	B2
8838759	Eatough et al.	Sep 2014	B1
8850017	Ebrahimi et al.	Sep 2014	B2
8850516	Hrebicek et al.	Sep 2014	B1
8850530	Shahbazi	Sep 2014	B2
8862097	Brand et al.	Oct 2014	B2
8891772	D Souza et al.	Nov 2014	B2
8893230	Oberheide et al.	Nov 2014	B2
8898762	Kang	Nov 2014	B2
8903365	Stricklen et al.	Dec 2014	B2
8910268	Hudis et al.	Dec 2014	B2
8935769	Hessler	Jan 2015	B2
8938531	Cotton	Jan 2015	B1
8938799	Kuo	Jan 2015	B2
8949596	Yin et al.	Feb 2015	B2
8949927	Arnott et al.	Feb 2015	B2
8955038	Nicodemus et al.	Feb 2015	B2
8955075	Von Bokern et al.	Feb 2015	B2
8959568	Hudis et al.	Feb 2015	B2
8966587	Nair et al.	Feb 2015	B2
8984276	Benson et al.	Mar 2015	B2
9037127	Raleigh	May 2015	B2
9043886	Srinivasan et al.	May 2015	B2
9049011	Agrawal	Jun 2015	B1
9049594	Chen et al.	Jun 2015	B2
9071611	Yadav et al.	Jun 2015	B2
9076343	Chaar et al.	Jul 2015	B2
9077758	McGovern et al.	Jul 2015	B1
9110754	Poonamalli et al.	Aug 2015	B2
9118656	Ting et al.	Aug 2015	B2
9122888	Devi	Sep 2015	B2
9124582	Kalinichenko et al.	Sep 2015	B2
9135458	Hankins et al.	Sep 2015	B1
9154387	Maki et al.	Oct 2015	B2
9172545	Edstrom et al.	Oct 2015	B2
9189491	Fushman et al.	Nov 2015	B2
9201644	Klein et al.	Dec 2015	B2
9203841	Neuman et al.	Dec 2015	B2
9210044	Kacin et al.	Dec 2015	B2
9215234	Black	Dec 2015	B2
9223961	Sokolov	Dec 2015	B1
9225840	Malatack et al.	Dec 2015	B2
9253185	Alaranta et al.	Feb 2016	B2
9258296	Juthani	Feb 2016	B2
9264443	Weisman	Feb 2016	B2
9270674	Lang et al.	Feb 2016	B2
9282085	Oberheide et al.	Mar 2016	B2
9338156	Oberheide et al.	May 2016	B2
9338163	Wendling et al.	May 2016	B2
9338176	Trumbull et al.	May 2016	B2
9344275	Bar-El et al.	May 2016	B2
9349000	Du et al.	May 2016	B2
9374654	Lindeman et al.	Jun 2016	B2
9386003	Kumar	Jul 2016	B2
9391980	Krahn et al.	Jul 2016	B1
9397892	Kirner et al.	Jul 2016	B2
9411963	Robke et al.	Aug 2016	B2
9430938	Proud	Aug 2016	B2
9443073	Oberheide et al.	Sep 2016	B2
9443084	Nice et al.	Sep 2016	B2
9454365	Oberheide et al.	Sep 2016	B2
9467463	Oberheide	Oct 2016	B2
9479509	Zeuthen	Oct 2016	B2
9491189	Zeitlin et al.	Nov 2016	B2
9501315	Desai et al.	Nov 2016	B2
9544143	Oberheide et al.	Jan 2017	B2
9607155	Beresnevichiene	Mar 2017	B2
9619307	Maltese et al.	Apr 2017	B2
9635041	Warman et al.	Apr 2017	B1
9659160	Ligatti et al.	May 2017	B2
9668137	Sigurdson et al.	May 2017	B2
9680864	Khesin	Jun 2017	B2
9706410	Sreenivas et al.	Jul 2017	B2
9723019	Rathor	Aug 2017	B1
9754097	Hessler	Sep 2017	B2
9762429	Elmaliah	Sep 2017	B2
9769538	Killick	Sep 2017	B2
9832221	Newstadt et al.	Nov 2017	B1
9918226	Khan	Mar 2018	B2
9940119	Brownell et al.	Apr 2018	B2
9996343	Oberheide et al.	Jun 2018	B2
20020013898	Sudia et al.	Jan 2002	A1
20020091745	Ramamurthy et al.	Jul 2002	A1
20020123967	Wang	Sep 2002	A1
20020131404	Mehta et al.	Sep 2002	A1
20020136410	Hanna	Sep 2002	A1
20030011545	Sagano et al.	Jan 2003	A1
20030012093	Tada et al.	Jan 2003	A1
20030061506	Cooper et al.	Mar 2003	A1
20030115452	Sandhu et al.	Jun 2003	A1
20030120931	Hopkins et al.	Jun 2003	A1
20030126472	Banzhof	Jul 2003	A1
20030147536	Andivahis et al.	Aug 2003	A1
20030149781	Yared et al.	Aug 2003	A1
20030172291	Judge et al.	Sep 2003	A1
20040064706	Lin et al.	Apr 2004	A1
20040139318	Fiala et al.	Jul 2004	A1
20040187018	Owen et al.	Sep 2004	A1
20040215672	Pfitzner	Oct 2004	A1
20040218763	Gantman et al.	Nov 2004	A1
20050024052	Bendall et al.	Feb 2005	A1
20050097350	Patrick et al.	May 2005	A1
20050097352	Patrick et al.	May 2005	A1
20050218215	Lauden	Oct 2005	A1
20050221268	Chaar et al.	Oct 2005	A1
20050240522	Kranzley et al.	Oct 2005	A1
20050268107	Harris et al.	Dec 2005	A1
20050278777	Loza	Dec 2005	A1
20060021018	Hinton et al.	Jan 2006	A1
20060024269	Doyle et al.	Feb 2006	A1
20060026304	Price	Feb 2006	A1
20060031938	Choi	Feb 2006	A1
20060059569	Dasgupta et al.	Mar 2006	A1
20060075475	Boulos et al.	Apr 2006	A1
20060101519	Lasswell et al.	May 2006	A1
20060130139	Sobel et al.	Jun 2006	A1
20060165060	Dua	Jul 2006	A1
20060182276	Sandhu et al.	Aug 2006	A1
20060184787	Sandhu et al.	Aug 2006	A1
20060184788	Sandhu et al.	Aug 2006	A1
20060195588	Pennington et al.	Aug 2006	A1
20060242692	Thione et al.	Oct 2006	A1
20070016948	Dubrovsky et al.	Jan 2007	A1
20070027961	Holzer	Feb 2007	A1
20070033148	Cahill	Feb 2007	A1
20070081667	Hwang	Apr 2007	A1
20070101145	Sachdeva et al.	May 2007	A1
20070143860	Hardt	Jun 2007	A1
20070156592	Henderson	Jul 2007	A1
20070156659	Lim	Jul 2007	A1
20070180490	Renzi et al.	Aug 2007	A1
20070185978	Montulli	Aug 2007	A1
20070186106	Ting et al.	Aug 2007	A1
20070199060	Touboul	Aug 2007	A1
20070204016	Kunz et al.	Aug 2007	A1
20070204346	Meier	Aug 2007	A1
20070228148	Rable	Oct 2007	A1
20070250914	Fazal	Oct 2007	A1
20070254631	Spooner	Nov 2007	A1
20070258594	Sandhu et al.	Nov 2007	A1
20070284429	Beeman	Dec 2007	A1
20070297607	Ogura et al.	Dec 2007	A1
20080004964	Messa et al.	Jan 2008	A1
20080010665	Hinton et al.	Jan 2008	A1
20080012041	Kesler	Jan 2008	A1
20080034413	He et al.	Feb 2008	A1
20080049642	Gudipudi et al.	Feb 2008	A1
20080059804	Shah et al.	Mar 2008	A1
20080069347	Brown et al.	Mar 2008	A1
20080120411	Eberle	May 2008	A1
20080134311	Medvinsky et al.	Jun 2008	A1
20080198856	Vogel et al.	Aug 2008	A1
20080201186	Poon et al.	Aug 2008	A1
20080215675	Kaminitz et al.	Sep 2008	A1
20080229104	Ju et al.	Sep 2008	A1
20080301669	Rao et al.	Dec 2008	A1
20090055906	Wendorff	Feb 2009	A1
20090077060	Sermersheim et al.	Mar 2009	A1
20090083225	Jacobs et al.	Mar 2009	A1
20090167489	Nan et al.	Jul 2009	A1
20090177675	Trumbull et al.	Jul 2009	A1
20090187986	Ozeki	Jul 2009	A1
20090198997	Yeap et al.	Aug 2009	A1
20090210705	Chen	Aug 2009	A1
20090254978	Rouskov et al.	Oct 2009	A1
20090259848	Williams et al.	Oct 2009	A1
20090271863	Govindavajhala et al.	Oct 2009	A1
20090300596	Tyhurst et al.	Dec 2009	A1
20090300707	Garimella et al.	Dec 2009	A1
20090328178	McDaniel et al.	Dec 2009	A1
20100002378	Chen et al.	Jan 2010	A1
20100018000	Hsu	Jan 2010	A1
20100023781	Nakamoto	Jan 2010	A1
20100026302	Doty et al.	Feb 2010	A1
20100036931	Certain et al.	Feb 2010	A1
20100042954	Rosenblatt et al.	Feb 2010	A1
20100050263	Weisman	Feb 2010	A1
20100069104	Neil et al.	Mar 2010	A1
20100100725	Ozzie et al.	Apr 2010	A1
20100100924	Hinton	Apr 2010	A1
20100100963	Mahaffey	Apr 2010	A1
20100107225	Spencer et al.	Apr 2010	A1
20100114740	Dominguez et al.	May 2010	A1
20100115578	Nice et al.	May 2010	A1
20100121767	Coulter et al.	May 2010	A1
20100125737	Kang	May 2010	A1
20100131755	Zhu et al.	May 2010	A1
20100180001	Hardt	Jul 2010	A1
20100186082	Ladki et al.	Jul 2010	A1
20100202609	Sandhu et al.	Aug 2010	A1
20100216425	Smith	Aug 2010	A1
20100217986	Schneider	Aug 2010	A1
20100233996	Herz et al.	Sep 2010	A1
20100257610	Hohl	Oct 2010	A1
20100263021	Arnott et al.	Oct 2010	A1
20100263046	Polavarapu	Oct 2010	A1
20100274859	Bucuk	Oct 2010	A1
20100319068	Abbadessa et al.	Dec 2010	A1
20100330969	Kim et al.	Dec 2010	A1
20110026716	Tang et al.	Feb 2011	A1
20110047597	Barton et al.	Feb 2011	A1
20110055903	Leggette	Mar 2011	A1
20110086616	Brand et al.	Apr 2011	A1
20110107389	Chakarapani	May 2011	A1
20110113484	Zeuthen	May 2011	A1
20110119765	Hering et al.	May 2011	A1
20110138469	Ye et al.	Jun 2011	A1
20110145900	Chern	Jun 2011	A1
20110179472	Ganesan	Jul 2011	A1
20110185287	Dharmarajan et al.	Jul 2011	A1
20110185431	Deraison	Jul 2011	A1
20110197266	Chu et al.	Aug 2011	A1
20110197267	Gravel et al.	Aug 2011	A1
20110219449	St. Neitzel et al.	Sep 2011	A1
20110231265	Brown et al.	Sep 2011	A1
20110277025	Counterman	Nov 2011	A1
20110277034	Hanson	Nov 2011	A1
20110282908	Fly	Nov 2011	A1
20110289582	Kejriwal et al.	Nov 2011	A1
20110302410	Clarke et al.	Dec 2011	A1
20110302630	Nair et al.	Dec 2011	A1
20120029084	Wong	Feb 2012	A1
20120030093	Farias	Feb 2012	A1
20120060360	Liu	Mar 2012	A1
20120063601	Hart	Mar 2012	A1
20120090028	Lapsley et al.	Apr 2012	A1
20120096274	Campagna et al.	Apr 2012	A1
20120110671	Beresnevichiene et al.	May 2012	A1
20120117229	Van et al.	May 2012	A1
20120117626	Yates et al.	May 2012	A1
20120151567	Chayanam et al.	Jun 2012	A1
20120159600	Takagi	Jun 2012	A1
20120198050	Maki et al.	Aug 2012	A1
20120198228	Oberheide et al.	Aug 2012	A1
20120216239	Yadav et al.	Aug 2012	A1
20120227098	Obasanjo et al.	Sep 2012	A1
20120254957	Fork et al.	Oct 2012	A1
20120278454	Stewart et al.	Nov 2012	A1
20120290841	Jentzsch	Nov 2012	A1
20120300931	Ollikainen et al.	Nov 2012	A1
20120317287	Amitai et al.	Dec 2012	A1
20120321086	D'Souza et al.	Dec 2012	A1
20120323950	Wilson et al.	Dec 2012	A1
20130004200	Okabe	Jan 2013	A1
20130007848	Chaskar et al.	Jan 2013	A1
20130008110	Rothwell	Jan 2013	A1
20130012429	Eddowes et al.	Jan 2013	A1
20130017968	Gurtner et al.	Jan 2013	A1
20130024628	Benhase et al.	Jan 2013	A1
20130042002	Cheeniyil et al.	Feb 2013	A1
20130060708	Oskolkov et al.	Mar 2013	A1
20130067538	Dharmarajan et al.	Mar 2013	A1
20130081101	Baer et al.	Mar 2013	A1
20130086210	Yiu et al.	Apr 2013	A1
20130086658	Kottahachchi et al.	Apr 2013	A1
20130091544	Oberheide et al.	Apr 2013	A1
20130097585	Jentsch et al.	Apr 2013	A1
20130110676	Kobres	May 2013	A1
20130117826	Gordon et al.	May 2013	A1
20130124292	Juthani	May 2013	A1
20130125226	Shah et al.	May 2013	A1
20130174246	Schrecker et al.	Jul 2013	A1
20130179681	Benson et al.	Jul 2013	A1
20130239167	Sreenivas et al.	Sep 2013	A1
20130239168	Sreenivas et al.	Sep 2013	A1
20130239177	Sigurdson et al.	Sep 2013	A1
20130246281	Yamada et al.	Sep 2013	A1
20130263211	Neuman et al.	Oct 2013	A1
20130276142	Peddada	Oct 2013	A1
20130310006	Chen et al.	Nov 2013	A1
20130311776	Besehanic	Nov 2013	A1
20130326224	Yavuz	Dec 2013	A1
20130326493	Poonamalli et al.	Dec 2013	A1
20140001975	Lee et al.	Jan 2014	A1
20140007238	Magee et al.	Jan 2014	A1
20140019752	Yin et al.	Jan 2014	A1
20140020051	Lu et al.	Jan 2014	A1
20140020184	Loth	Jan 2014	A1
20140047546	Sidagni	Feb 2014	A1
20140181517	Alaranta et al.	Jun 2014	A1
20140181520	Wendling et al.	Jun 2014	A1
20140188796	Fushman et al.	Jul 2014	A1
20140189863	Rorabaugh et al.	Jul 2014	A1
20140201841	Deshpande et al.	Jul 2014	A1
20140208405	Hashai	Jul 2014	A1
20140235230	Raleigh	Aug 2014	A1
20140237236	Kalinichenko et al.	Aug 2014	A1
20140244993	Chew	Aug 2014	A1
20140245278	Zellen	Aug 2014	A1
20140245396	Oberheide et al.	Aug 2014	A1
20140247140	Proud	Sep 2014	A1
20140297840	Qureshi	Oct 2014	A1
20140310415	Kirner et al.	Oct 2014	A1
20140351954	Brownell et al.	Nov 2014	A1
20140376543	Malatack et al.	Dec 2014	A1
20150002646	Namii	Jan 2015	A1
20150012914	Klein et al.	Jan 2015	A1
20150026461	Devi	Jan 2015	A1
20150040194	Chaskar et al.	Feb 2015	A1
20150058983	Zeitlin et al.	Feb 2015	A1
20150213259	Du et al.	Jul 2015	A1
20150213268	Nance et al.	Jul 2015	A1
20150237026	Kumar	Aug 2015	A1
20150242643	Hankins et al.	Aug 2015	A1
20150261955	Huang et al.	Sep 2015	A1
20150281318	Warner et al.	Oct 2015	A1
20150304351	Oberheide et al.	Oct 2015	A1
20150312233	Graham et al.	Oct 2015	A1
20160005696	Tomohiro	Jan 2016	A1
20160018007	Eckholz	Jan 2016	A1
20160021117	Harmon et al.	Jan 2016	A1
20160028639	Wong et al.	Jan 2016	A1
20160056962	Mehtala	Feb 2016	A1
20160080366	Agarwal	Mar 2016	A1
20160164866	Oberheide et al.	Jun 2016	A1
20160180072	Ligatti et al.	Jun 2016	A1
20160180343	Poon et al.	Jun 2016	A1
20160212129	Johnston et al.	Jul 2016	A1
20160286391	Khan	Sep 2016	A1
20160300231	Shavell et al.	Oct 2016	A1
20160314301	Johns et al.	Oct 2016	A1
20160366589	Jean	Dec 2016	A1
20170039242	Milton et al.	Feb 2017	A1
20170046519	Cam	Feb 2017	A1
20170169066	Mantri et al.	Jun 2017	A1

Foreign Referenced Citations (3)

Number	Date	Country
2639997	Sep 2014	EP
2007075850	Jul 2007	WO
2014150073	Sep 2014	WO

Non-Patent Literature Citations (11)

Entry
Edge, Kenneth, et al. “The use of attack and protection trees to analyze security for an online banking system.” System Sciences, 2007. HICSS 2007. 40th Annual Hawaii International Conference on. IEEE, 2007.
Neuenhofen, Kay, and Mathew Thompson. “A secure marketplace for mobile java agents.” Proceeding of the second international Conference on Autonomous agents. ACM, 1998. (pp. 212-218).
Simske et al., “APEX: Automated Policy Enforcement eXchange”, Sep. 21-24, 2010, ACM, pp. 139-142.
Symantec, Administration Guide for Symantec TM Endpoint Protection and Symantec Network Access Control, Aug. 1, 2007.
Symantec, Administration guide for symantec Endpoint protection and symantec network access control, 2009, version 11.00.05.00.00.
“Aloul S Zahidi; et al. “Two factor authentication using mobile phones,” 2009 IEEE/ACS International Conference on Computer Systems and Applications, Rabat, 2009, pp. 641-644.”, Feb. 6, 2018 00:00:00.0.
“Bonneau Joseph; et al. “Passwords and the evolution of imperfect authentication.” Communications of the ACM 58.7 (2015): 78-87.”, Feb. 6, 2018 00:00:00.0.
“Goldfeder et al., Securing Bitcoin wallets via a new DSA/ECDSA threshold signature scheme, http://www.cs.princeton.edu/˜stevenag/threshold_sigs.pdf”.
“Kher Vishal; et al. “Securing distributed storage: challenges, techniques and systems.” Proceedings of the 2005 ACM workshop on Storage security and survivability. ACM, 2005, pp. 9-25.”, Feb. 6, 2018 00:00:00.0.
Stone-Gross Brett; et al. “Peering Through the iFrame”, INFOCOM Proceeding, IEEE, Apr. 10-15, 2011, pp. 111-415.
Yao, Qiong, et al.,“Effective Iframe-based Strategy for Processing Dynamic Data in Embedded Browser”, International Conference on Advanced Computer Theory and Engineering (ICACTE), IEEE, Dec. 20-22, 2008, pp. 538-542.

Related Publications (1)

	Number	Date	Country
	20160381063 A1	Dec 2016	US

Provisional Applications (1)

	Number	Date	Country
	61530560	Sep 2011	US

Continuations (1)

	Number	Date	Country
Parent	13601409	Aug 2012	US
Child	15259457		US

System and method for assessing vulnerability of a mobile device

Information

Patent Number

Date Filed

Date Issued

Inventors

Original Assignees

Examiners

CPC

Field of Search

US

International Classifications

Disclaimer

Term Extension

Abstract