( Sta rt D
Contents
1. 23 2013 Sheet 3 of 3 US 2013 0133044 A1 s3090 ATES Obtain Signal fo Commence Wireless Access To Target Network For Assessment 53200 Collect And Record Target Wireless Access Point Characteristics At Predetermined Intervals S3300 Is Target NO Wireless Access Point Secured 3400 l F z reer Attempt Connection Via Target Wireless Access Point Using Common Authentication Passwords S3500 Connect To Target Network Via Target Wireless Access Point And Perform Scan Of Farget Network And Portals i Perform Additional Collection Functions Via Target Wireless Access Point As Appropriate 53700 Assessment Completion Criterion Satisfied YES PASER Analyze Collected Data Regarding Target Network and Portals S3900 Display And Or Export Data And Assessment Results As Appropriate 54000 FIG 3 US 2013 0133044 Al SELF PROPELLED HARVESTING VEHICLE INCLUDING A THERMOCHEMICAL REACTOR FOR CARBONIZING HARVESTED CROP MATERIAL BACKGROUND 0001 1 Field of the Disclosed Embodiments 0002 This disclosure relates to systems and methods for using hand held wireless devices to discretely scan for wire less access points and to collect various details regarding the scanned wireless access points and the networks that are accessible via those scanned wireless access points The col lected various details may include basic security implemen tations signal strengths and other like details regarding the scanned2. being achieved The method may analyze the gathered data in order to produce a first level of initial vul nerability assessment The analysis of the data and the detail of the initial assessment will vary depending on the sophisti cation of the analysis depth level and the computing resources of the user s own local hand held wireless device The method may then export raw data and the first level analysis to a remote user for additional analysis or other review 0056 FIG 3 illustrates a flowchart of an exemplary method for discretely and automatically assessing a wire lessly accessible network according to this disclosure As shown in FIG 3 operation of the method commences at Step 3000 and proceeds to Step 3100 0057 In Step 3100 the method may commence the data collection process by receiving a signal from a user generally when the user s own local hand held wireless device is posi tioned within range of one or more target wireless access points Such signal maybe manually generated by the user activating a user interface on the user s own local hand held wireless device The manual generation may be for example May 23 2013 via user activating the keyboard or touch screen or by using a voice command Operation method proceeds to Step 3200 0058 InStep S3200 the user s own local hand held wire less device receives data from one or more target wireless access points via for example a Wi Fi receiver in the
3. environments in which the subject matter of this disclosure may be implemented for familiarity and ease of understanding Although not required embodiments of the disclosure may be provided at least in part in a form of hardware circuits firmware or software computer executable instructions to carry out the specific functions described These may include individual program modules executed by a processor Generally program modules include routine pro grams objects components data structures and the like that perform particular tasks or implement particular data types in support of the overall objective of data collection analysis and assessment 0071 Those skilled in the art will appreciate that other embodiments of the disclosed subject matter may be prac ticed in communication and data network environments with many types of communication equipment and computer sys tem configurations including personal computers hand held devices multi processor systems microprocessor based or programmable consumer electronics and the like In keeping with an objective of the disclosed subject matter itis intended that the host device be generally hand held or otherwise May 23 2013 small in size in order that the user i e network assessor can discretely or otherwise covertly pass through the local net worked computing environment accessing one or more target wireless access points to collect relevant vulnerability data as descri
4. not limitation such com puter readable media can comprise RAM ROM EEPROM CD ROM flash drives data memory cards or other analog or digital data storage device that can be used to carry or store desired program elements or steps in the form of accessible computer executable instructions or data structures When information is transferred or provided over a network or another communications connection whether wired wire less or in some combination of the two the receiving proces sor properly views the connection as a computer readable medium Thus any such connection is properly termed a computer readable medium Combinations of the above should also be included within the scope of the computer readable media for the purposes of this disclosure 0074 Computer executable instructions include for example non transitory instructions and data that can be executed and accessed respectively to cause a user s own local hand held wireless device or a processor in such a user s own local hand held wireless device to perform cer tain of the above specified functions individually or in vari ous combinations Computer executable instructions may also include program modules that are remotely stored for access by a user s own local hand held wireless device to be executed by processors in the user s own local hand held wireless device when that device is caused to communicate in a network environment 0075 The exemplary depicted
5. undertaken is through installation of spe cific hardware appliances installed on site to perform routine vulnerability scans on the connected network and any devices connected to the network Drawbacks to this conventional solution include that such hardware installations tend to be less agile and are rarely accessible by entities outside the specific organization such as a company that operates or maintains the local network SUMMARY OF THE DISCLOSED EMBODIMENTS 0012 Many currently available commercial off the shelf hand held wireless devices such as smartphones have capa bilities to access various networks via random wireless access points These devices further have capabilities to gather cer tain details regarding access to the wireless access point Specifically there are applications for these devices that allow them to scan for wireless network access points or to perform network and port scans These devices can collect details that may include basic level security implementations and or signal strengths of the wireless access points In this regard information such as that which is collected by con ventional vulnerability assessment means can be collected by these standard commercial hand held wireless devices To date however there is generally no application for these commercial hand held devices to automate the process or to link together for example access point scanning with more detailed network port scanning
6. wireless access points and networks 0003 2 Related Art 0004 All manner of wireless devices are used to access various networks and network connected systems via ran dom wireless access points There has emerged a need for entities to accurately assess certain characteristics regarding specific wireless access points and the networks that are accessible via those wireless access points 0005 These assessment capabilities can be used to a num ber of beneficial purposes Among the benefits of assessing characteristics of a particular wireless access point is to assist commercial enterprises operating local networks govern ment agencies and law enforcement entities in performing overall vulnerability assessments on networks and the sys tems connected thereto that may be accessed through one or more wireless access points Vulnerability assessments can be used to determine weaknesses in particular target local net works or devices connected to the target local networks in order to evaluate susceptibility of the a particular target net work or individual device in communication with the par ticular target network to cyber attack 0006 Conventionally vulnerability assessments have been carried out on specific networks or otherwise in specific network environments using desktop computer systems or laptop computers For example existing programs for per sonal computers are available to perform extensive vulner ability scans
7. 0 may include a random access memory RAM or another type of dynamic storage device that is capable of storing collected information and separately storing instructions for execution of system opera tions by for example processor s 240 Data storage device US 2013 0133044 Al s 250 may also include a read only memory ROM which may include a conventional ROM device or another type of static storage device that stores static information and instruc tions for processor s 240 Further the data storage device s 250 may be integral to the system 210 or may be provided external to and in wired or wireless communication with the system 210 0048 The system 210 may include one or more external data communication interfaces 260 by which the system 210 may communicate with components external to the system 210 such as the exemplary wirelessly accessible local net worked computer environment 100 shown for example in FIG 1 Principal external data communication for the system 210 will generally be via at least one external data commu nication interface 260 configured to detect and communicate with one or more wireless access points such as those depicted as elements 120A C in FIG 1 In other words a specified one of the external data communication interfaces 260 may be configured as a Wi Fi receiver usable to detect signals indicative of wireless access points to collect charac teristic information regarding target wireless acce
8. 0013 It would be advantageous in view of the above identified drawbacks in conventional systems and methods for performing vulnerability assessments and in view of the capabilities of modern hand held wireless device to provide an individual user or user entity with a simple portable discrete and generally automated system and method for con ducting at least first level vulnerability assessments on par ticular wirelessly accessible networks The disclosed sys tems and methods may obviate the requirement for the use of US 2013 0133044 Al cumbersome conspicuous and specialized equipment gen erally in the form of a desktop or laptop computer with a particular operator to access particular networks via wireless access points to perform vulnerability assessments 0014 Invarious exemplary embodiments the systems and methods according to this disclosure may provide a simple solution via a user s own local hand held wireless device such as a commercially available smartphone tablet PDA or the like to discretely and automatically access a particular target network via one or more wireless access point to assess characteristics of the target network and the wireless access points The assessment of these characteristics may advanta geously provide a basis for for example a vulnerability assessment of the target network 0015 Invarious exemplary embodiments the systems and methods according to this disclosure may provide gover
9. US 20130133044A1 as United States a2 Patent Application Publication 10 Pub No US 2013 0133044 Al MORRISON et al 54 75 73 21 22 51 SELF PROPELLED HARVESTING VEHICLE INCLUDING A THERMOCHEMICAL REACTOR FOR CARBONIZING HARVESTED CROP MATERIAL Inventors John S MORRISON Crownsville MD US Kyle J Roach Hanover MD US Assignee LOCKHEED MARTIN CORPORATION Bethesda MD US Appl No 13 300 020 Filed Nov 18 2011 Publication Classification Int Cl HOA4L 29 06 2006 01 GO06F 11 00 2006 01 43 Pub Date May 23 2013 52 U S CL USPC ainn 726 5 726 25 726 2 57 ABSTRACT A system and method are provided for employing a hand held wireless device to assess a vulnerability of a wirelessly ac cessible target network to intrusion and or cyber attack The system and method are directed at providing discrete covert and fully automated wireless access to the target network via one or more wireless access points and to assessing charac teristic of the one or more wireless access points and the target network in support of a vulnerability assessment The hand held wireless device is configured to collect appropriate data regarding the wirelessly accessible network including net work and portal scans and higher level programmed data collection The hand held wireless device is further config ured to analyze the collected data and to produce at least a first level vulnerab
10. bed above without alerting users or administrators of the target network to the ongoing collection or assessment effort 0072 Embodiments according to this disclosure may also be practiced in distributed computing environments where tasks are performed by local and remote processing devices that are linked to each other by hardwired links wireless links or a combination of both through a communication network In a distributed computing environment program modules may be located in both local and remote memory storage devices This may be particularly applicable for embodiments according to this disclosure where the collec tion effort is undertaken locally through use of the user s own local hand held wireless device and the analysis depending on a detail required of that analysis may occur in a remote server in communication with the user s own local hand held wireless device 0073 As indicated above embodiments within the scope of this disclosure may also include computer readable media having stored computer executable instructions or data struc tures that can be accessed read and executed by the user s own local hand held wireless device using a compatible wired or wireless data reader Such computer readable media can be any available media that can be accessed by a proces sor general purpose or special purpose computer in or in communication with the user s own local hand held wireless device By way of example and
11. d collection criterion 0026 Invarious exemplary embodiments the systems and methods according to this disclosure may also provide an ability to basically analyze the gathered data or to otherwise generate a detailed assessment report for export in a form that is usable by the user or usable by an agency or entity to which the user may communicate such a report US 2013 0133044 Al 0027 These and other features and advantages of the disclosed systems and methods are described in or apparent from the following detailed description of various exemplary embodiments BRIEF DESCRIPTION OF THE DRAWINGS 0028 Various exemplary embodiments of the disclosed systems and methods for discretely and automatically assess ing a network vulnerability using a user s own local hand held wireless device accessing the network via one or more wireless access points will be described in detail with refer ence to the following drawings in which 0029 FIG 1 illustrates a schematic diagram of an exem plary wirelessly accessible local computer networked envi ronment with which the systems and methods according to this disclosure may operate 0030 FIG 2 illustrates a block diagram of an exemplary system for discretely and automatically assessing a wire lessly accessible network according to this disclosure and 0031 FIG 3 illustrates a flowchart of an exemplary method for discretely and automatically assessing a wire lessly access
12. d list 17 The hand held device of claim 11 further comprising a user interface by which the user provides a manual signal to the device to initiate the process 18 The hand held device of claim 17 wherein the proces sor is further configured to automatically terminate the pro cess for the automatically scanning based on at least one of a predetermined elapsed time from initiation of the process by the user and a predetermined data collection criterion being achieved 19 The hand held device of claim 1 wherein the output device outputs the stored data via a wired or wireless connection to a remote server and the remote server includes at least an analyzing device that analyzes the output stored data to produce an assessment of a vulnerability of the target network to intrusion US 2013 0133044 Al 20 The hand held device of claim 11 wherein the col lected data includes at least one of signal strengths and secu rity implementations for the one or more wireless access points 21 The hand held device of claim 20 wherein the col lected data further includes at least one of packet collection and Wired Equivalent Privacy cracking 22 The hand held wireless device of claim 11 wherein the hand held wireless device is a stand alone device for autono mously performing all steps of data collection and analysis supporting the vulnerability assessment of the target network 23 A non transitory computer readable medium storing in
13. dapted according to the specific capabilities discussed in this disclosure is contemplated as being covered by the following description 0034 Individual features and advantages of the disclosed systems and methods will be set forth in the detailed descrip tion that follows and will be in part obvious from the detailed description or may be learned by practice of the features described in this disclosure The features and advan tages of the systems and methods according to this disclosure may be realized and obtained by means of the individual elements and combinations of those elements as particularly pointed out in the appended claims While specific implemen tations are discussed it should be understood that this is done for illustration purposes only A person of ordinary skill in the relevant art may recognize that other components and con May 23 2013 figurations may be used without departing from the spirit and scope of the subject matter of this disclosure 0035 Various aspects of the disclosed embodiments relate to a system and a method for discretely and automatically assessing characteristics of a target network particularly those characteristics that may indicate vulnerabilities of the target network and the devices connected thereto to unautho rized intrusion up to and including cyber attack using a user s own local hand held wireless device for accessing the target network via one or more wireless access point
14. he exemplary analysis depth level assessment device 274 functions such as for example determining whether a wireless access point is secured or otherwise unse cured may be undertaken In instances where a wireless access point is unsecured the analysis depth level assessment device 274 may execute functions required to connect to the network via the wireless access point and perform network and or portal scans Again depending on the details of the functions provided by the analysis depth level assessment device 274 in instances where a wireless access point is determined to be secured the analysis depth level assessment device 274 may attempt to execute connection with the net work using common authentication passwords These com mon authentication passwords may for example be stored in one or more data storage devices 250 Further and again depending on the program functionality the analysis depth level assessment device 274 may execute functions to per form for example data packet collection and or WEP crack ing As indicated above is intended that once initiated the data collection and at least first level analysis may be provided locally by the system 210 covertly carried by a user in the targeted wirelessly accessible local computing network envi ronment see FIG 1 0052 The system 210 may include at least one data out put display device 280 which may be configured as one or more conventional mechanisms that output i
15. ible network according to this disclosure DETAILED DESCRIPTION OF THE DISCLOSED EMBODIMENTS 0032 The systems and methods for discretely and auto matically assessing a wirelessly accessible network accord ing to this disclosure will generally refer to this specific utility for those systems and methods Exemplary embodiments described and depicted in this disclosure should not be inter preted as being specifically limited to any particular configu ration or directed to any particular intended use In fact any discrete detection access and assessment tasks using for example a user s own local hand held wireless device for accessing a target network via one or more wireless access points that may benefit from a part or all of the systems and methods according to this disclosure are contemplated 0033 Specific reference to for example any particular wireless device including any particular hand held wireless device should be understood as being exemplary only and not limited in any manner to any particular class of devices The systems and methods according to this disclosure will be described as being particularly adaptable to being hosted on common commercial off the shelf hand held wireless devices such as smartphones tablets PDAs and the like but should not be considered as being limited to only these devices Any common wireless computing device that may be particularly discretely concealed by a user and which may be a
16. ice automatically scanning the target network to collect data on the target network with the hand held wireless device storing the collected data in the hand held wireless device analyzing the stored data to produce an assessment of a vulnerability of the target network to intrusion and outputting the results of the analysis is a usable format for a user 2 The method of claim 1 wherein all of the accessing automatically scanning storing analyzing and outputting are accomplished autonomously by the hand held wireless device 3 The method of claim 1 wherein the hand held wireless device automatically determines whether the one or more wireless access points are secure and when the hand held wireless device determines that the one or more wireless access points is secure the hand held wireless device automatically attempts connection via the secure one or more wireless access points using common authentication protocols 4 The method of claim 3 wherein the common authenti cation protocols include a list of common authentication passwords 5 The method of claim 1 wherein the method is initiated on a manual signal from the user via a user interface in the hand held wireless device 6 The method of claim 5 further comprising automatically terminating the automatically scanning the target network and the storing the collected data based on at least one of a predetermined elapsed time from initiation of the method by
17. ili ties in a given target network without alerting users of the network to the ongoing assessment process As such users of the network will likely be completely unaware that any vul nerability assessment is being undertaken Another advantage of the systems and methods according to this disclosure is that they are capable of being implemented on most off the shelf wireless hand held devices including but not limited to smartphones tablets and PDAs having a wireless Wi Fi receiver 0021 Invarious exemplary embodiments the systems and methods according to this disclosure do not require signifi cant computing power or otherwise specific training for an assessor The simplicity of the systems and methods accord ing to this disclosure is their ability to be implemented on virtually any commercially available hand held device that includes at least a Wi Fi receiver and to perform at least the data collection without interaction with the assessor 0022 In various exemplary embodiments systems and methods according to this disclosure may also provide higher level settings to perform additional assessment options under aconcept of Analysis Depth Level ADL Depending on the ADL the process may be specifically automated to perform connection to individual access points determinations of potential passwords for the individual access points wireless packet capture and Wired Equivalent Privacy WEP crack ing 0023 Invarious exem
18. ility assessment of the target network without interaction by the user 53000 53100 Obtain Signal To Commence Wireless Access To Target Network For Assessment 53200 z z Collect And Record Target Wireless Access Point Characteristics At Predetermined Intervals 53300 YES 3400 Point Using Common Authentication Passwords 535009 S3606 Is Target Wireless Access Point Secured Attempt Connection Via Target Wireless Access Connect To Target Network Via Target Wireless Access Point And Perform Scan Of Target Network And Portals NO Perform Additional Collection Functions Via Target Wireless Access Point As Appropriate S3 700 Assessment Completion Criterion Satisfied Soeet Analyze CoHected Data Regarding Target Network and Portais YES P3200 Display And Or Export Data And Assessment Results As Appropriate a D Patent Application Publication May 23 2013 Sheet 1 of 3 US 2013 0133044 A1 Networked Computing Environment 140A 110 Patent Application Publication May 23 2013 Sheet 2 of 3 US 2013 0133044 A1 270 Data Extraction and Analysis Unit User aan Interface Basic Data Extraction Device Position 230 Reference Device 240 Processor Analysis Depth Level Assessment Bata Device 250 Storage Device External Data 260 CcCommunication Interface 290 Data Output Display 280 Device FIG 2 Patent Application Publication May
19. ing some common authentication password will be collected to aid in the later assessment of the vulner ability of the particular network to intrusion and or attack Operation of the method proceeds to Step 3500 0062 In Step S3500 once access is gained to a target network via the one or more target wireless access points connections made to the target network and a scan of the target network associated portals and even connected devices may be commenced Basic level information regard ing characteristics of the wireless access points the network the portals connected devices and the like may be collected Operation of the method proceeds to Step 3600 0063 In Step S3600 depending on the computing power of user s own local hand held wireless device and a sophis tication of an analysis depth level of the stored process the method may undertake more sophisticated or detailed data collection Such additional data collection may include per forming WEP cracking or other like data collection from the target network associated portals associated devices and the like Operation of the method proceeds to Step 3700 0064 Step 3700 is a determination step In Step 3700 a determination is made regarding whether the data collection portion of method is complete This determination may be made by the user who may in turn provide manual input to the user s own local hand held wireless device to terminate the data collection effor
20. k to support a vulnerability assessment and 3 store the collected data in the storage devices and an output device that outputs the stored data to a user of the hand held wireless device 12 The hand held wireless device of claim 11 further comprising an analyzing device that analyzes the stored col lected data to produce an assessment of a vulnerability of the target network to intrusion 13 The hand held wireless device of claim 13 wherein the output device further comprises a display device for locally displaying a result of the produced vulnerability assessment 14 The hand held wireless device of claim 11 wherein the hand held device is one of a smartphone a tablet or a PDA 15 The hand held wireless device of claim 11 wherein the processor is further configured to determine whether the one or more wireless access points are secure and when the processor determines that the one or more wire less access points is secure the processor further directs automatic attempts to connect via the secure one or more wireless access points using common authentication protocols 16 The hand held wireless device of claim 15 wherein the common authentication protocols include a list of com mon authentication passwords stored in the storage device and the processor directs the automatic attempts to connect via the secure one or more wireless networks by sequen tially applying the common authentication passwords from the store
21. m 210 while analysis functions may occur at a remote location where data collected from a specifically targeted network by the system 210 may be computer analyzed in more detail manner As indicated above a specific objective of the sys tems and methods according to this disclosure remains how ever to house all of the required components for vulnerability assessment and analysis of a wirelessly accessible network within the user s own local hand held wireless device 110 see FIG 1 which can be inconspicuously carried and oper ated to perform the data acquisition and analysis discussed in this disclosure 0050 The basic data extraction device 272 may be pro vided to perform rudimentary signal acquisition tasks includ ing 1 basic signal strength assessment and 2 basic secu rity implementations interrogation of a target wireless access point or a target network The basic data extraction device 272 may therefore provide a first level of data for assessment of May 23 2013 the vulnerability of the accessed network and or devices connected to the accessed network 0051 An analysis depth level assessment device 274 may be provided to perform higher level interrogations For example the analysis depth level assessment device 274 may cause or control the system 210 to attempt connections to wireless access points which may or may not be secured i e password protected Depending on a robustness in the pro gramming of t
22. n ment agencies and law enforcement entities with a capability to discretely collect data regarding a particular target network and or wireless access point associated with the target net work and to determine the target network s potential for sus ceptibility to cyber attack 0016 Invarious exemplary embodiments the systems and methods according to this disclosure may provide a capability using a wireless Wi Fi receiver in a user s own local hand held wireless device such as a smartphone tablet or PDA to automatically perform at least a basic vulnerability assess ment in a manner that will not be skewed by individual system participants modification in their behavior based on a con spicuous presence of a particular assessor and associated assessment equipment while conducting the vulnerability assessment 0017 The systems and methods according to this disclo sure may provide a level of automation to the assessment that would alleviate virtually all interaction between the assessor and the assessing device in completing the assessment Such automation would have the benefit of affording the assessor an opportunity to simply begin the assessment by activating a wholly automated process via a hand held device placing the hand held device in for example a pocket or bag and walk ing through a target area in which the vulnerability assess ment is to be undertaken Data would be collected autono mously by the hand held de
23. n or attack Operation of the method proceeds to Step 3900 0068 InStep S3900 the method may display or otherwise export raw data as well as the results of the analysis regarding the susceptibility of the target network to intrusion or attack for the beneficial use of the user of the user s own local hand held wireless device or to such other user as may ben efit from details of the raw data and the analysis of that data undertaken by the method Such other user may include for example the company that controls the target network and is intent on determining a vulnerability of its network Such a user may also include groups such as law enforcement entities and government agencies that may beneficially use the col lected data and assessment to determine a particular target network s ability to avoid intrusion or otherwise ward off cyber attack Operation of the method proceeds to Step S4000 where operation of the method ceases 0069 The disclosed embodiments may include a non transitory computer readable medium storing instructions which when executed by a processor may cause the proces sor to execute all or at least some of the steps of the method outlined in paragraph 0053 and otherwise described in detail in paragraphs 0054 0066 above 0070 The above described exemplary systems and meth ods reference certain conventional components to provide a brief general description of suitable communication and pro cessing
24. nformation to the user including a display screen on the user s own local hand held wireless device The data output display device 280 may separately be an output port for connection to a printer a copier a scanner a multi function device or a remote storage medium such as a memory in the form for example of a magnetic or optical disk with a corresponding disk drive or otherwise a remote server as discussed above In instances where only the data collection functions are undertaken locally with the system 210 at least one data output display device 280 may be specifically used to facilitate download of collected data regarding the one or more wirelessly acces sible targeted networks in order that the analysis of the col lected data to include further analysis depth level assessment or data export to a user may be accomplished on a separate computing platform Any suitable data connection in wired or wireless communication with an external data repository or external data analysis unit is contemplated to be encompassed by the at least one data output display device 280 0053 All of the various components of the system 210 as depicted in FIG 2 may be connected by one or more data control busses 290 These data control busses 290 may pro vide wired or wireless communication between the various components of the system 210 whether all of those compo nents are housed integrally in or are otherwise external and connected to the
25. omputing environment 100 via one or more wireless access points 120A C whether password pro US 2013 0133044 Al tected or not 2 a strength of a signal received from the one or more wireless access ports 120A C and 3 an own device s ability to scan the local networked computing envi ronment 100 including individual portals and devices con nected thereto and to capture wireless packets as such capa bilities are available in the user s own local hand held wireless device 110 0040 Itshould be noted that each of the wired and wireless data communications lines between the various components shown in FIG 1 are unnumbered because one of ordinary skill in the art will recognize that such internal communications could be displayed and or depicted in a virtually a limitless combination of connections between individual components and devices as displayed in exemplary manner attached to the exemplary local networked computing environment 100 shown in FIG 1 0041 As will be discussed in detail below once the user s own local hand held wireless device 110 gains access to the exemplary local networked computing environment 100 the user s own local hand held wireless device 110 may be manu ally activated by the user to commence a process by which the user s own local hand held wireless device 110 connects to various components whether password protected or not to assess the vulnerability of those individual components to fo
26. on networks of computers One example of such a system was developed by Tenable Network System and is marketed under the trade name Nessus as a proprietary comprehensive vulnerability scanning program These vul nerability assessment systems include capabilities to detect for example potential vulnerabilities on tested network sys tems that may allow an intruder into the network to gain access to and potentially exercise control of sensitive data in a particular targeted network system These vulnerability assessment systems may also detect other areas of exposure including for example weaknesses in password protocol to include existence of common default or missing passwords 0007 Significant drawbacks exist in these conventional vulnerability assessment systems Such conventional vulner ability assessment systems are generally very extensive requiring excessive time and manipulation by a trained operator in order to provide an accurate assessment These conventional vulnerability assessment systems also generally require significant computing power It is for this reason that the conventional vulnerability assessment systems are gener ally hosted on a large and conspicuous specifically config ured desktop and or laptop computer These computer sys tems are rendered more conspicuous when they are introduced into the network workplace environment by a May 23 2013 trained operator whose manipulation of the system is gener all
27. one by which a user may provide oral commands to the system 210 to be translated by a voice recognition program or otherwise or 4 other like device for user activation of and communica tion with the data collection and analysis methodology embodied in the system 210 0044 The system 210 may optionally include one or more position reference devices 230 Such position reference devices 230 may comprise a GPS receiver for receiving glo bal positioning satellite location information to the system 210 and or may include an inertial navigation system or other like device that can localize the position of the system for use Information regarding a position of the system 210 may prove beneficial in providing additional data which may be of use in the assessment of the specific target network system particu larly with regard to the position of any specific wireless access point that is accessed by the system 210 0045 The system 210 may also include one or more local processors 240 for individually operating the system 210 and carrying out data collection processing assessment and con trol functions such as those that will be described in detail below Processor s 240 may include at least one conven tional processor or microprocessor that interprets and executes instructions to direct specific data collection and storage functions with regard to any specific target wireless network Processor s 240 may initiate and control of the da
28. plary embodiments the systems and methods according to disclosure may generally allow a user to manually commence network assessment via a specific wireless access point by activating an automated capability stored within the user s own local hand held wireless device Information regarding one or more wireless access points may be automatically recorded by the user s own local hand held wireless device at specified intervals such as for example each 1 to 2 seconds 0024 Depending on a level of sophistication of the ADL if the wireless access point is unsecured the user s own local hand held wireless device may automatically connect to the network and perform network and or port scans Otherwise if the wireless access point is secured and the level sophistica tion of the ADL supports such a capability the user s own local hand held wireless device may attempt to connect to the network using one or more common authentication pass words Again depending on the level of sophistication of the ADL the user s own local hand held wireless device may perform some level of wireless packet collection and or WEP cracking via the accessed network 0025 In various exemplary embodiments the user may then manually terminate the collection portion of the assess ment process or the entire assessment process Otherwise the collection process may be automatically stopped based on an elapsed time or according to some other predetermine
29. r example cyber attack or other intrusion into the exemplary local networked computing environment 100 In this manner at least a first level vulnerability assessment may be autono mously performed by a user by simply activating the process with the user s own local hand held wireless device 110 and further simply remaining in range of the one or more wireless access points 120A C such as for example by simply walk ing through a physical area covered by the wirelessly acces sible local networked computing environment 100 0042 FIG 2 illustrates a block diagram of an exemplary system for discretely and automatically assessing a wire lessly accessible network according to this disclosure The exemplary system 210 shown in FIG 2 may be embodied in for example the user s own local hand held wireless device 110 such as that discussed above with reference to FIG 1 Otherwise portions of the exemplary system 210 shown in FIG 2 may be housed in a remote location such as remote server not shown with which the user s own local hand held wireless device 110 may be in electronic communication An objective of the systems and methods according to this dis closure however is to house the data acquisition processing and analysis functions locally in the user s own local hand held wireless device 110 This objective supports a goal of providing discrete and autonomous assessment of the wire lessly accessible network by a user s o
30. s The user s own local hand held wireless device may be autono mously employed for signal detection wireless network access and a specific level of network analysis using an adapted program stored in or executed by the user s own local hand held wireless device The systems and methods according to this disclosure may employ a corresponding computer readable medium with a program stored thereon which is accessible to the user s own local hand held wireless device for execution 0036 The disclosed embodiments may be advantageously operated in a local computing environment In this regard a user s own local hand held wireless device may be operated within the local computing environment discretely and auto matically so as to minimize or eliminate an opportunity for a user or even an administrator of the local computing envi ronment to be made aware that an external assessment of any kind including an assessment of a vulnerability of the local computing environment to intrusion is ongoing 0037 FIG 1 illustrates a schematic diagram of an exem plary local networked computing environment 100 with which the systems and methods according this disclosure may operate As shown in FIG 1 and as is commonly under stood the exemplary local networked computing environ ment 100 may include any combination of a plurality of workstations 130A G of various types coupled to or in direct or networked communication with one or more ser
31. sequence of executable instructions or associated data structures represents one example of a corresponding sequence of acts for implement ing the functions described in the steps The exemplary depicted steps may be executed in any reasonable order to affect the objectives of the disclosed embodiments 0076 Although the above description may contain spe cific details they should not be construed as limiting the US 2013 0133044 Al claims in any way Other configurations of the described embodiments of the disclosed systems and methods are part of the scope of this disclosure For example the principles of the disclosure may be applied to each individual user where each user may individually deploy such a system This enables each user to employ the benefits of the disclosure even if any one of the large number of possible applications do not need a specific aspect of the functionality described and depicted in this disclosure In other words there may be multiple instances of the components each processing the content in various possible ways It does not necessarily need to be one system used by all end users Accordingly the appended claims and their legal equivalents should only define the disclosure rather than any specific examples given We claim 1 A method for assessing vulnerabilities in a target net work comprising accessing the target wireless network via one or more wireless access points with a hand held wireless dev
32. ss points to particularly assess at least a signal strength e g Received Signal Strength Indication or RSSI and where appropriate information on security implementations that may later be usable to assess a vulnerability of a particular wirelessly accessible network to intrusion and attack Otherwise the one or more external data communications interfaces 260 may include any mechanism that facilitates direct communication or communication via a network environment for the sharing of results of the processing collection and analysis under taken by the system 210 0049 The system 210 may also include a specific data analysis and extraction unit 270 as a part of a processor 240 coupled to for example one or more storage devices 250 or as a separate component module or circuit in the system 210 The data analysis and extraction unit 270 may include at least a basic data extraction device 272 and an analysis depth level assessment device 274 As with all of the components of the system 210 the data analysis and extraction unit 270 with its basic data extraction device 272 and analysis depth level assessment device 274 is preferably housed locally in a user s own local hand held wireless device but portions of data analysis and extraction unit 270 may be housed on a remote server not shown In this manner specific data col lection may be undertaken locally under control of for example one or more processor s 240 in the syste
33. structions which when executed by a processor cause the processor to execute the method of claim 1 May 23 2013
34. t Otherwise the system may automati cally terminate the data collection effort based on reaching a predetermined elapsed time or some other predetermined data collection criterion It should be recognized as one of the beneficial aspects of the disclosed method that once com menced generally on some signal from a user the operation of the method particularly a data collection portion may pro ceed automatically without requiring further input from the user US 2013 0133044 Al 0065 If in Step S3700 it is determined that the data col lection operation is not complete operation of the method reverts to Step 3500 0066 If in Step S3700 it is determined that the data col lection operation is complete operation of the method pro ceeds to Step S3800 0067 In Step S3800 the method may analyze the col lected data locally in the user s own local hand held wireless device to produce at least a first level assessment regarding a vulnerability of the target wirelessly accessible network to intrusion and or cyber attack It should be understood how ever that such analysis particularly if it is to be more rigor ous may be undertaken by connecting the user s own local hand held wireless device to some other computing station via either a wired or wireless connection in order that the resources of the other computing station may be employed to add more rigor to the analysis of the susceptibility of the target network to intrusio
35. ta collection and analysis efforts of the system 210 once those efforts are initiated by for example manual input by a user via the user interface 220 The data collection and analysis efforts once initiated may be controlled by the processor s 240 to continue for some predetermined period of time or until some other predetermined data collection criterion is met at which point the processor 240 may suspend the data acquisition and or analysis functions It should also be under stood that the processor s 240 may control only the data acquisition process while analysis and assessment may need to be separately undertaken either locally or in communica tion with for example a remote server not shown 0046 The system 210 may include one or more data stor age devices 250 Such data storage device s 250 may be used to store data or operating programs to be used by the system 210 and specifically the processor s 240 Data storage device s 250 may be used to collect information regarding for example signal strengths security implementations and other related information regarding wirelessly accessible networks The data storage device s 250 may facilitate the collection of data in an initial inconspicuous data collection sweep performed by a user and store such data for the user to remove the system 210 to a remote location in order to pro vide some level of detailed analysis of the collected data 0047 Data storage device s 25
36. the user and a predetermined data collection criterion being achieved 7 The method of claim 1 wherein the accessing the automatically scanning and the storing are accomplished autonomously by the hand held wire less device and the analyzing of the stored data and the outputting of the results are accomplished by a remote computing device communicating with the hand held wireless device 8 The method of claim 1 wherein the collected data includes at least one of signal strengths and security imple mentations for the one or more wireless access points May 23 2013 9 The method of claim 8 wherein the collected data fur ther includes at least one of packet collection and Wired Equivalent Privacy cracking 10 The method of claim 1 wherein the hand held wireless device is one of a smartphone a tablet and a PDA and the hand held wireless device is a stand alone device for performing all of the steps of the method 11 A hand held wireless device for assessing vulnerabili ties in a target network comprising an external data communication interface configured as a receiver for receiving wireless signals passively from one or more wireless access points via which the target network can be accessed a storage device a processor that that is configured to 1 direct a process for automatically scanning the target network 2 collect data on at least one of the one or more wireless access points and the target networ
37. thod may then cause the user s own local hand held wireless device to com mence automatically collecting and recording information regarding wireless access points within a range of user s own local hand held wireless device at predetermined intervals Depending on a sophistication of an analysis depth level the method may determine whether a target wireless access point is secured If the method determines that the target wireless access point is secured the method may attempt connection to the secured wireless access point using common authenti cation passwords Once a connection is made with a target wireless access point whether secured or unsecured the method may connect via the target wireless access point and begin performing network and portal scans all the while collecting and storing information based on the scans Again depending on the level sophistication of the analysis depth level the method may attempt to perform packet collection and or WEP cracking and or other appropriate data collection tasks by which ultimately an analysis of a vulnerability or susceptibility to intrusion and attack of the target network may be assessed The method may continue the data collec tion via the target wireless access point until the collection portion of the method is stopped Such a stop in the collection effort may be signaled by user manual input a predetermined elapsed time being reached or some other specified collec tion criterion
38. user s own local hand held wireless device and assesses character istics of the one or more target wireless access points These characteristics include for example a signal strength or RSSI security implementation and other like data for the one or more target wireless access points The data may be col lected from the target wireless access points at predetermined intervals Such predetermined intervals may be for example on an order of each 1 2 seconds or as often as the processing capability of the user s own local hand held wireless device may permit Operation of the method proceeds to Step 3300 0059 Step S3300 is a determination step In Step S3300 a determination is made regarding whether the one or more target wireless access points are secured If in Step 3300 it is determined that the one or more target wireless access point is unsecured operation the method proceeds to Step S3500 0060 Ifin Step S3300 it is determined that the information regarding the one or more target wireless access points is secured operation of the method proceeds to Step S3400 0061 InStep S3400 the method may attempt connection with the one or more target wireless access points using common authentication passwords Such common authenti cation passwords may be stored in one or more data storage devices in the user s own local hand held wireless device Data regarding an ability to access one or more target wireless access points us
39. user s own local hand held wireless device 0054 It should be appreciated that although depicted in FIG 2 as an integral unit the various disclosed elements of the system 210 may be arranged in any combination of sub systems as individual components or combinations of com ponents integral to a single unit or external to and in wired US 2013 0133044 Al or wireless communication with the single unit of the system 210 In other words no specific configuration as an integral unit or as a support unit is to be implied by the depiction in FIG 2 Further although depicted as individual units for ease of understanding of the details provided in this disclosure regarding the system 210 it should be understood that the described functions of any of the individually depicted com ponents may be undertaken for example by one or more processors 240 connected to and in communication with one or more data storage devices 250 0055 The disclosed embodiments may include a method for detecting wireless access points and for quantifying char acteristic of the detected wireless access points to include for example an assessment of signal strengths of the wireless access points or security implementations associated with the wireless access points or with networks and network devices that may be accessed via the wireless access points The method may obtain a signal that indicates the user desires to commence the assessment process The me
40. vers 140A B Individual components of the exemplary local net worked computing environment 100 may be individually connected to each other or otherwise in communication with each other via some sort of central mainframe not shown by combinations of wired and wireless communication between individual elements 0038 A user s own local hand held wireless device 110 may be provided to communicate with the exemplary local networked computing environment 100 via one or more wire less access points 120A C The user s own local hand held wireless device 110 may be configured to randomly search for available wireless access points and to connect with the exem plary local networked computing environment 100 via those wireless access points 120A C It is based on this ability of such an exemplary user s own local hand held wireless device 110 to communicate directly with the exemplary local networked computing environment 100 via any wireless access point that represents the portal by which the local networked computing environment 100 may susceptible to intrusion 0039 The user s own local hand held wireless device 110 may constantly or periodically attempt to access the exem plary local networked computing environment 100 according to apredetermined access scheme The user s own local hand held wireless device 110 may be available according to the details below to assess 1 an ability to connect to the exem plary local networked c
41. vice as the assessor simple passes through the area 0018 In various exemplary embodiments of the systems and methods according to this disclosure the user s own local hand held wireless device may provide an initial first level vulnerability assessment ofa particular network of interest or devices connected to the network in order that a government agency or law enforcement entity may be provided with information appropriate to later run a cyber attack on the particular network of interest 0019 Invarious exemplary embodiments the systems and methods according to this disclosure may provide a capability for a user s own local hand held wireless device to scan wireless access points such as for example Wi Fi access points to gather various details regarding the scanned wire less access points The details may include for example basic levels of security implementation signal strengths or other like data that may be gathered with an appropriately auto mated user s own local hand held wireless device 0020 Invarious exemplary embodiments the systems and methods according to this disclosure may additionally pro vide a simple discrete solution to assessing the vulnerabili ties of a particular network An advantage of the systems and May 23 2013 methods according to this disclosure is that the disclosed discrete vulnerability detection means that the user of the local hand held wireless device can detect such vulnerab
42. wn local hand held wireless device 110 see FIG 1 to determine susceptibility of the wirelessly accessible network to intrusion and cyber at tack In this regard the system 210 may be housed in virtually any commercial off the shelf hand held wireless device such as for example a smartphone a tablet a PDA or other like device 0043 The system 210 may include a user interface 220 by which the user may communicate with the system 210 The user interface 220 may be configured as one or more conven tional mechanisms common to hand held wireless devices such as those listed above The user interface may permit a user to input information to the system 210 in order to for example to activate an assessment methodology according to this disclosure An objective of such activation would be to simply begin an automated assessment process requiring May 23 2013 little if any additional user interaction while the system 210 performs the automated data collection and assessment func tions The user interface 220 may include for example an integral keyboard by which the user may communicate with the system 210 In exemplary embodiments a specific user interface 220 may include simply a hot key for activating the specific assessment methodology according to this dis closure The user interface 220 may alternatively include 1 a touchscreen with soft buttons 2 various components for use with a compatible stylus 3 a microph
43. y required to provide effective assessment and analysis of the results 0008 Adding to the above physical drawback in employ ing such conventional systems and methods is that the use of these clearly visible conventional devices most often intro duced into the network environment by the equally conspicu ous outside assessor can cause disruption in the network workplace environment in which the evaluation device is employed In such instances users and administrators alike have been known to modify systems and or individual behav iors when it is clear from the use of conspicuous methods and systems that some sort of assessment is underway 0009 This modification in behavior by individuals oper ating monitored systems and networks can have adverse effects on the results of any evaluation which can be at least in part attributed to the conspicuously undertaken nature of the assessment The results of any evaluation can be for example improperly skewed thereby lessening the effective ness of the assessment 0010 Additionally use of additional conspicuous evalua tion devices in certain secure environments can cause an individual assessor to be harassed or otherwise bothered by individual system operators and or regular security person nel the latter including being independently detained while access and equipment protocols receive heightened scrutiny 0011 Another conventional manner by which vulnerabil ity assessments are
Download Pdf Manuals
Related Search