GB2590467A - Automatic change of password - Google Patents
Automatic change of password Download PDFInfo
- Publication number
- GB2590467A GB2590467A GB1918809.3A GB201918809A GB2590467A GB 2590467 A GB2590467 A GB 2590467A GB 201918809 A GB201918809 A GB 201918809A GB 2590467 A GB2590467 A GB 2590467A
- Authority
- GB
- United Kingdom
- Prior art keywords
- password
- passwords
- communication device
- successful
- generated
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
- H04L63/0846—Network architectures or network communication protocols for network security for authentication of entities using passwords using time-dependent-passwords, e.g. periodically changing passwords
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
- G06F21/46—Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2129—Authenticate client device independently of the user
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Methods and apparatus which change passwords in a security device include intercepting messages exchanged between communications devices and access points. Identifying communications devices by parameters included in intercepted messages (S1). Checking if default passwords are successful to log into communication devices (S2), checking if generated passwords are successful to login to communication devices (S2), if logins are successful with default passwords or generated passwords, setting (S3) temporary passwords satisfying password change policies and providing (S4) temporary passwords to access point users. Default passwords may be checked against default passwords stored in database servers. Generated passwords may be generated using password cracking, dictionary attacks, pattern checking, word list substitution, or brute force attacks. Temporary passwords may be sent and requests to set new passwords within configurable times made. Upon time expiration, temporary passwords are checked to determine if they have been changed. If they have not been changed, new temporary passwords are set and provided to set new passwords within a configurable time. If they have been changed, successful login using generated passwords are checked. If successful, new temporary passwords are set, and provided in messages to set new passwords within a configurable time. If unsuccessful, temporary passwords are deleted.
Description
AUTOMATIC CHANGE OF PASSWORD
FIELD OF INVENTION
100011 The present subject matter generally relates to the field of password management in telecommunication networks
BACKGROUND
100021 Enterprises have been trying to put security modules everywhere in their architecture but passwords are still the weakest ring which can break the security chain. Especially with the prevalence of connected things, the passwords are left by default for the new devices introduced. Recently, the malware called "Mirai" has taken control over a large number (hundreds of thousands) of IoT devices using default usernames and passwords from IoT vendor and turned them into bots. The infected devices have been used to launch many Distributed Denial of Service Attacks in 2016.
100031 For IoT devices in general, and in Industrial environments in particular, the default passwords are left unchanged (easy to remember for operators that have to manage different devices). This raises the risk for these devices to be accessed and monitored by attackers (e.g botnets).
100041 Usually, password change policies and password management solutions identified are built-in solutions that require human intervention for the password change which does not resolve the general problem of default passwords not being modified and the resulting vulnerability.
SUMMARY
100051 This summary is provided to introduce concepts related to the present inventive subject matter. This summary is not intended to identify essential features of the claimed subject matter nor is it intended for use in determining or limiting the scope of the claimed subject matter.
100061 In one implementation, a method for an automatic change of password comprises in a security device: intercepting at least one message exchanged between a communication device and an access point of a telecommunication network and identifying the communication device by means of parameters included in at least one intercepted message, checking if at least a default password is successful to login to the communication device, checking if at least a generated password is successful to login to the communication device, if the login is successful with at least a default password or at least a generated password, setting a temporary password satisfying a password change policy, providing the temporary password to a user of the access point.
100071 Advantageously, it is provided a security module that automatically changes the passwords left by default of a new device onboarded in the network by a strong and unique password. The device is still functional but to access its management interface, the user has to get the new password from the security module and has a limited time to change it in order to claim the responsibility of the password management If the password is not changed during this limited time, the security module will rechange it to keep the access secured.
100081 In an embodiment, said at least a default password is taken by using default passwords stored in a database sewer.
100091 In an embodiment, said at least a generated password is generated by using methods of password cracking.
100101 In an embodiment, said at least a generated password is generated by using one of the dictionary attacks, pattern checking, word list substitution, or brute-force attack within a predetermined time window.
100111 In an embodiment, the communication device is identified when at least one of the following information is retrieved: mac address, manufacturer, brand, type, release.
100121 In an embodiment, the security device connects to an administration application of the communication device to attempt to login to the communication device.
100131 In an embodiment, said at least a generated password is checked if said at least a default password is not successful to login to the communication device.
100141 In an embodiment, the password change policy is related to a manufacturer of the communication device.
100151 In an embodiment, the temporary password is sent to a user of the access point by requesting to set a new password within a configurable time. The temporary password can be sent in a message or via an administration interface of the security device.
100161 In an embodiment, at the expiration of the configurable time, the security device checks if the temporary password has been changed by the user.
100171 In an embodiment, if the temporary password has not been changed, the security device sets a new temporary password and provides this latter to said user by requesting to set a new password within a configurable time.
100181 In an embodiment, if the temporary password has been changed, the security device checks if at least a generated password is successful to login to the communication device.
100191 In an embodiment, if' said at least a generated password is successful to login to the communication device, the security device sets a new temporary password and provides this latter to said user in another message requesting to set a new password within a configurable time.
100201 In an embodiment, if said at least a generated password is not successful to login to the communication device, the security device deletes the temporary password.
100211 In another implementation there is provided an apparatus for an automatic change of password, the apparatus comprising: one or more network interfaces to communicate with the connected device; a processor coupled to the network interfaces and configured to execute one or more processes; and a memory configured to store a process executable by the processor, the process when executed operable to: intercept at least one message exchanged between a communication device and an access point of a telecommunication network and identifying the communication device by means of parameters included in at least one intercepted message, check if at least a default password is successful to login to the communication device, check if at least a generated password is successful to login to the communication device, if the login is successful with at least a default password or at least a generated password, set a temporary password satisfying a password change policy, provide the temporary password to a user of the access point 100221 In another implementation there is provided a computer-readable medium having embodied thereon a computer program for executing a method for an automatic change of password Said computer program comprises instructions which carry out steps according to the method according to the invention.
BRIEF DESCRIPTION OF THE FIGURES
100231 The detailed description is described with reference to the accompanying figures. In the figures, the left-most digit(s) of a reference number identifies the figure in which the reference number first appears. The same numbers are used throughout the figures to reference like features and components. Some embodiments of system and/or methods in accordance with embodiments of the present subject matter are now described, by way of example only, and with reference to the accompanying figures, in which: 100241 FIG. 1 illustrates a schematic block diagram of a communication system according to one embodiment of the invention for an automatic change of password.
100251 FIG. 2 illustrates a flow chart illustrating a method for an automatic change of password according to one embodiment of the invention.
100261 The same reference number represents the same element or the same type of element on all drawings 100271 It should be appreciated by those skilled in the art that any block diagrams herein represent conceptual views of illustrative systems embodying the principles of the present subject matter. Similarly, it will be appreciated that any flow charts, flow diagrams, state transition diagrams, pseudo code, and the like represent various processes which may be substantially represented in computer readable medium and so executed by a computer or processor, whether or not such computer or processor is explicitly shown.
DESCRIPTION OF EMBODIMENTS
100281 The figures and the following description illustrate specific exemplary embodiments of the invention. It will thus be appreciated that those skilled in the art will be able to devise various arrangements that, although not explicitly described or shown herein, embody the principles of the invention and are included within the scope of the invention.
Furthermore, any examples described herein are intended to aid in understanding the principles of the invention, and are to be construed as being without limitation to such specifically recited examples and conditions As a result, the invention is not limited to the specific embodiments or examples described below, but by the claims and their equivalents.
100291 Referring to FIG. 1, a security device SD communicates through a telecommunication network TN with a communication device CD and a database server DS.
100301 The telecommunication network TN may be a wired or wireless network, or a combination of wired and wireless networks The telecommunication network TN can be associated with a packet network, for example, an IP ("Internet Protocol") high-speed network such as the Internet or an intranet, or even a company-specific private network.
100311 The telecommunication network TN is for example a digital cellular radio communication network of the GPRS (General Packet Radio Service), UMTS (Universal Mobile Telecommunications System), CDMA (Code Division Multiple Access) type, LTE (Long Term Evolution) or even 5G (Fifth Generation) type. Furthermore, the wireless telecommunication network TN can be accessed by the communication device via a wireless link, such as a Wi-Fi network or Bluetooth connection.
100321 In another example, the telecommunication network TN is a public wireless network of limited scope, such as WEAN (Wireless Local Area Network) or conforming to a standard 802 lx, or medium range according to the protocol WiMAX (World Wide Interoperability Microwave Access.
100331 Additionally, the telecommunication network TN may be operating in accordance with fourth or fifth generation wireless communication protocols and/or the like as well as similar wireless communication protocols that may be developed in the future.
100341 The database server DS is managed by the security device SD and can be implemented in the security device or in an entity accessible by the security device through the telecommunication network, 100351 The database server DS contains a list of identifiers of communication devices for which at least the following information is attributed: mac address, manufacturer, brand, type, release. The database server DS is periodically updated and crowdsourced with information on new communication devices from different manufacturers.
100361 The database server DS further contains a list of manufacturers and the following information is attributed to each manufacturer's type of object or release if need be: default passwords set by manufacturer, password change policy and password restitution policy. The database server DS is periodically updated with information from manufacturers on default passwords and change/restitution policies.
100371 The database server DS also contains flags that track the password status which are updated at each iteration of an automatic password change 100381 A communication device CD is a connected object that comprises a network interface connected to the telecommunication network TN, via an access point AP. The network interface is part of a data processing unit that may be directly embedded in the communication device CD. The communication device CD may be of different nature. For instance, the communication device CD may be devices such as an advertisement board, a television set, a household appliance, a communication terminal, a fridge, a camera, a media drive, an information display etc. The communication device CD may be present in the user's home, in vehicles but also in public environments or other locations, for instance the user's workplace.
100391 The security device SD contains an identification module EV and a password module PM. The security device can be implemented in different kind of access points AP, like a LAN or WLAN access point or a network gateway (for example a set-top box). The security device can communicate with a control access function of the access point, like X500 or Role Based Access Control, in order to retrieve identifiers of users of the access point and ways to communicate with said users.
100401 The identification module TM is able to identify a communication device CD, by detecting a connection of the communication device to the access point AP for accessing the telecommunication network and intercepting connection parameters in the connection request from the communication device. The identification module TM interrogates the database server DS with the intercepted connection parameters to determine the type of communication device and to retrieve the information associated with. The identification module IM can use known mechanisms of finger printing to identify precisely the communication device.
100411 The password module PM is able to check if default passwords stored in the server database is used by a communication device, and if default password has been changed, to check if changed password is easily cracked using a dictionary of weak passwords for example 100421 The password module PM is able to set a temporary password according to password change policy and store it in the database server if there is a successful login with a default or assumed weak password. The password module PM can then provide a temporary password to a user according to password restitution policy.
100431 After restitution of temporary password to the administrator of the communication device, the administrator is requested to set a new password within a configurable time. At the expiration of the configurable time, the password module PM checks if the temporary password has been changed by the administrator. If the temporary password has not been changed, the password module PM has to reset a new temporary password. It thus avoids letting a working or weak password outside of any responsibility. At the end of the configurable time, if the password has been changed, the password module PM checks if the new password is a weak password.
100441 With reference to FIG. 2, a method for an automatic password change according to one embodiment of the invention comprises steps S1 to S5.
100451 In step Si, a communication device CD tries to connect to the telecommunication network, by sending a connection request to the access point. The security device SD intercepts the connection request and the identification module IM identifies the communication device by interrogating the database server by means of parameters included in the connection request. Alternately, the identification can be inferred by fingerprinting technics after the connection request is done. The identification can be based upon parameters included in further intercepted messages issued to or from the communication device. The communication device is assumed to be identified or recognized when information related to the communication device can be retrieved like the mac address, manufacturer, brand, type, release. In the database server, an identifier of the communication device is associated with said information.
100461 If the communication device is not identified, the security device SD raises an alert indicating an unrecognized device in the database server. For example, a flag associated with the identifier of the communication device is updated with said alert 100471 In step S2, once the communication device is identified, the security device connects to the administration application of the communication device via an Application programming interface API, for example by means of plugins able to connect to a numerous of management protocols.
100481 The password module PM attempts to login to the communication device by using default passwords stored in the database server. The login process can allow access to an administration application that offers configuration functions or service functions for example. In one embodiment, once the manufacturer, type and release of the communication device have been retrieved, the security device can access a list of default passwords used by the manufacturer of the communication device.
100491 If the security device cannot login to the administration application with a default password, meaning that the default password has been changed, the security device checks if at least a generated password is successful to login to the communication device. In one embodiment, the security device performs a password cracking, for example by using a dictionary of weak passwords 100501 The security device checks if the password is cracked by trying to login with passwords that are assumed to be weak. The passwords that are used to attempt to login to the communication device are generated using some methods of password cracking, such as dictionary attacks, pattern checking, word list substitution. In one embodiment, a brute-force attack is attempted within a predetermined time window. In all cases, it is assumed that the security device generates passwords in order to crack the password for login, and even in case of dictionary of weak passwords the generated password can be based on or a copy of a weak password.
100511 In case the security device cannot login with a default password or a generated password, the security device raises an alert indicating the password is not retrieved and has not been changed. For example, a flag associated with the identifier of the communication device is updated with said alert.
100521 In step 53, if the login is successful with a default password or a generated password, the security device sets a temporary password. The temporary password is compliant with a password change policy associated with the manufacturer of the communication device and potentially the type of the communication device. It is assumed the password change policy is stored in the server database.
100531 In case the security device is unable to set a temporary password, the security device raises an alert indicating the retrieved password has not been changed. For example, a flag associated with the identifier of the communication device is updated with said alert.
100541 In step S4, the security device SD provides the temporary password to a user of the communication device, for example in a message or via an administration interface of the security device or via an administration interface of the access point. The way of transmission of the temporary password is compliant with a password restitution policy associated with the manufacturer of the communication device. It is assumed that the sewer database stores the password restitution policy and the security device adapts the password restitution policy to the identifier of the user retrieved from the control access function of the access point. For example, the security device sends the temporary password to an administrator of the access point via an email or a short message.
100551 The message further contains or the administration interface provides a request to set a new password within a configurable time. The message can thus contain or the administration interface can display a link or an indication that the temporary password should be changed by the user within the configurable time 100561 In step S5, at the expiration of the configurable time, the security device checks if the temporary password has been changed by the user. If the temporary password has not been changed, the security device sets a new temporary password and step S4 is repeated. It thus avoid letting a working password outside of any responsibility. At the end of the expiration time, if the temporary password has been changed, the security device performs again step S2 to check if the new password is a weak one, i.e. can be cracked based on a generated password, using a dictionary of weak passwords for example. If the new password can be cracked, then the device performs S3 again.
100571 If the new password cannot be cracked based on a generated password, it is assumed the new password is strong enough to be safe and the security device delete the temporary password that was previously created. A flag associated with the identifier of the communication device is updated with information that the temporary password has been deleted.
100581 This solution prevents against remote administration of connected devices for which passwords are generally left by default It prevents in most cases successful access to these devices through password cracking attacks (dictionary, brute force, guessing) and their remote monitoring. The security module is evolutive as it is constantly updated with new loT devices and their default passwords and management protocols.
100591 An embodiment comprises a security device SD under the form of an apparatus comprising one or more processor(s), I/O interface(s), and a memory coupled to the processor(s). The processor(s) may be implemented as one or more microprocessors, microcomputers, microcontrollers, digital signal processors, central processing units, state machines, logic circuitries, and/or any devices that manipulate signals based on operational instructions. The processor(s) can be a single processing unit or a number of units, all of which could also include multiple computing units. Among other capabilities, the processor(s) are configured to fetch and execute computer-readable instructions stored in the memory.
100601 The functions realized by the processor may be provided through the use of dedicated hardware as well as hardware capable of executing software in association with appropriate software. When provided by a processor, the functions may be provided by a single dedicated processor, by a single shared processor, or by a plurality of individual processors, some of which may be shared. Moreover, explicit use of the term "processor" should not be construed to refer exclusively to hardware capable of executing software, and may implicitly include, without limitation, digital signal processor (DSP) hardware, network processor, application specific integrated circuit (ASIC), field programmable gate array (FPGA), read only memory (ROM) for storing software, random access memory (RAM), and non volatile storage. Other hardware, conventional and/or custom, may also be included.
100611 The memory may include any computer-readable medium known in the art including, for example, volatile memory, such as static random access memory (SRAM) and dynamic random access memory (DRAM), and/or non-volatile memory, such as read only memory (ROM), erasable programmable ROM, flash memories, hard disks, optical disks, and magnetic tapes. The memory includes modules and data. The modules include routines, programs, objects, components, data structures, etc., which perform particular tasks or implement particular abstract data types. The data, amongst other things, serves as a repository for storing data processed, received, and generated by one or more of the modules.
100621 A person skilled in the art will readily recognize that steps of the methods, presented above, can be performed by programmed computers. Herein, some embodiments are also intended to cover program storage devices, for example, digital data storage media, which are machine or computer readable and encode machine-executable or computer-executable programs of instructions, where said instructions perform some or all of the steps of the described method. The program storage devices may be, for example, digital memories, magnetic storage media, such as a magnetic disks and magnetic tapes, hard drives, or optically readable digital data storage media.
Claims (1)
12 CLAims 1 A method for an automatic change of password comprising in a security device (SD) intercepting (S1) at least one message exchanged between a communication device and an access point of a telecommunication network and identifying the communication device by means of parameters included in at least one intercepted message, checking (S2) if at least a default password is successful to login to the communication device, checking (52) if at least a generated password is successful to login to the communication device, if the login is successful with at least a default password or at least a generated password, setting (S3) a temporary password satisfying a password change policy, providing (S4) the temporary password to a user of the access point 2 The method as claimed in claim 1, wherein said at least a default password is taken by using default passwords stored in a database server.3. The method as claimed in claim 1 or 2, wherein said at least a generated password is generated by using methods of password cracking.4. The method as claimed in any of the claims 1 to 3, wherein said at least a generated password is generated by using one of the dictionary attacks, pattern checking, word list substitution, or brute-force attack within a predetermined time window.5. The method as claimed in any of the claims Ito 4, wherein the communication device is identified when at least one of the following information is retrieved: mac address, manufacturer, brand, type, release.6. The method as claimed in any of the claims 1 to 5, wherein said at least a generated password is checked if said at least a default password is not successful to login to the communication device, 7. The method as claimed in any of the claims 1 to 6, wherein the temporary password is sent to a user of the access point by requesting to set a new password within a configurable time 8. The method as claimed in claim 7, wherein at the expiration of the configurable time, the security device cheeks if the temporary password has been changed by the user.9. The method as claimed in claim 8, wherein if the temporary password has not been changed, the security device sets a new temporary password and provides this latter to said user by requesting to set a new password within a configurable time.10. The method as claimed in claim 8, wherein if the temporary password has been changed, the security device checks if at least a generated password is successful to login to the communication device.11. The method as claimed in claim 10, wherein if said at least a generated password is successful to login to the communication device, the security device sets a new temporary password and provides this latter to said user in another message requesting to set a new password within a configurable time 12. The method as claimed in claim 10, wherein if said at least a generated password is not successful to login to the communication device, the security device deletes the temporary password.13. An apparatus for an automatic change of password, the apparatus comprising: one or more network interfaces to communicate with the connected device; a processor coupled to the network interfaces and configured to execute one or more processes; and a memory configured to store a process executable by the processor, the process 30 when executed operable to: intercept at least one message exchanged between a communication device and an access point of a telecommunication network and identifying the communication device by means of parameters included in at least one intercepted message, check if at least a default password is successful to login to the communication device, check if at least a generated password is successful to login to the communication device, if the login is successful with at least a default password or at least a generated password, set a temporary password satisfying a password change policy, provide the temporary password to a user of the access point 14. A computer-readable medium haying embodied thereon a computer program for executing a method for a secured validation in management of a telecommunication network according to any of claims Ito 12.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| GB1918809.3A GB2590467A (en) | 2019-12-19 | 2019-12-19 | Automatic change of password |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| GB1918809.3A GB2590467A (en) | 2019-12-19 | 2019-12-19 | Automatic change of password |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| GB201918809D0 GB201918809D0 (en) | 2020-02-05 |
| GB2590467A true GB2590467A (en) | 2021-06-30 |
Family
ID=69322626
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| GB1918809.3A Withdrawn GB2590467A (en) | 2019-12-19 | 2019-12-19 | Automatic change of password |
Country Status (1)
| Country | Link |
|---|---|
| GB (1) | GB2590467A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20230179586A1 (en) * | 2021-12-02 | 2023-06-08 | Fortinet, Inc | Systems and methods for proactively upgrading low quality access credentials |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20180041499A1 (en) * | 2016-08-03 | 2018-02-08 | American Megatrends, Inc. | System and method for securing ipmi remote authenticated key-exchange protocol (rakp) over hash cracks |
| CN108833447A (en) * | 2018-08-01 | 2018-11-16 | 杭州安恒信息技术股份有限公司 | A kind of IP Camera weak passwurd detection method and system |
| US20190260751A1 (en) * | 2018-02-18 | 2019-08-22 | Cisco Technology, Inc. | Internet of things security system |
-
2019
- 2019-12-19 GB GB1918809.3A patent/GB2590467A/en not_active Withdrawn
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20180041499A1 (en) * | 2016-08-03 | 2018-02-08 | American Megatrends, Inc. | System and method for securing ipmi remote authenticated key-exchange protocol (rakp) over hash cracks |
| US20190260751A1 (en) * | 2018-02-18 | 2019-08-22 | Cisco Technology, Inc. | Internet of things security system |
| CN108833447A (en) * | 2018-08-01 | 2018-11-16 | 杭州安恒信息技术股份有限公司 | A kind of IP Camera weak passwurd detection method and system |
Non-Patent Citations (1)
| Title |
|---|
| GUDRUN JONSDOTTIR ET AL: "IoT network monitor", 2017 IEEE MIT UNDERGRADUATE RESEARCH TECHNOLOGY CONFERENCE (URTC), 1 November 2017 (2017-11-01), pages 1 - 5, XP055543935, DOI: 10.1109/URTC.2017.8284179 * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20230179586A1 (en) * | 2021-12-02 | 2023-06-08 | Fortinet, Inc | Systems and methods for proactively upgrading low quality access credentials |
Also Published As
| Publication number | Publication date |
|---|---|
| GB201918809D0 (en) | 2020-02-05 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11775622B2 (en) | Account monitoring | |
| US20210029156A1 (en) | Security monitoring system for internet of things (iot) device environments | |
| US10929538B2 (en) | Network security protection method and apparatus | |
| JP7299415B2 (en) | Security vulnerability protection methods and devices | |
| US11503073B2 (en) | Live state transition using deception systems | |
| US8266672B2 (en) | Method and system for network identification via DNS | |
| US8392972B2 (en) | Protected access control method for shared computer resources | |
| US7966650B2 (en) | Dynamic internet address assignment based on user identity and policy compliance | |
| US9489193B2 (en) | Method and system for providing software updates to local machines | |
| US8170352B2 (en) | String searching facility | |
| US20090217346A1 (en) | Dhcp centric network access management through network device access control lists | |
| RU2526754C2 (en) | System and method for selecting mobile device control functions | |
| EP1956463A2 (en) | Method and apparatus for providing network security based on device security status | |
| US20180198786A1 (en) | Associating layer 2 and layer 3 sessions for access control | |
| EP3298527A1 (en) | Secured access control to cloud-based applications | |
| US20220092087A1 (en) | Classification including correlation | |
| US8161558B2 (en) | Network management and administration | |
| US9686311B2 (en) | Interdicting undesired service | |
| GB2590467A (en) | Automatic change of password | |
| CN116996238A (en) | Processing method and related device for network abnormal access | |
| CN107846480B (en) | NXDOMAIN response packet processing method and device | |
| GB2624757A (en) | Method and system for outbound spam mitigation | |
| CN116614310A (en) | Method and device for authenticating and preventing attacks, storage medium and electronic equipment | |
| CN112398785A (en) | Resource sharing control method, device, system, storage medium and electronic device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| WAP | Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1) |