Abstract
A system is provided for identifying compromised mobile devices from a network administrator's point of view. The provided system utilizes a graph-based inference approach that leverages an assumed correlation that devices sharing a similar set of installed applications will have a similar probability of being compromised. Stated differently, the provided system determines whether a given unknown device is compromised or not by analyzing its connections to known devices. Such connections are generated from a small set of known compromised mobile devices and the network traffic data of mobile devices collected by a service provider or network administrator. The proposed system is accordingly able to reliably detect unknown compromised devices without relying on device-specific features.
| Original language | English |
|---|---|
| Patent number | US2022116782 |
| IPC | H04W 12/ 30 A I |
| Priority date | 6/10/21 |
| Publication status | Published - 14 Apr 2022 |