Keeping devices in check

Issue 7 2022 Information Security, Asset Management, Infrastructure

Kaspersky’s latest invention is intended for logically linking various electronic devices into a single network around the account of the owner and identifying similarities between device configurations. The technology will help to prevent any user devices from becoming a vector of attack against another device or user data, and will inform them if their configuration is insecure.

According to Deloitte, the number of electronic devices with a network interface belonging to the same household or user has doubled in only the last three years. The similar growth, however, can be also observed in the attacks targeting IoT devices. This situation provokes the need for technologies that will ensure the security of various and mutual Internet-connected devices and their owners.

A single smart home usually consists of a number of devices, including home appliances and wearables with different security integration capabilities, code vulnerabilities and patch timing. So today, to keep a home safe from cyberattacks, an owner of all these devices must dedicate special attention to ensuring regular device patching, or configuring a secure device network that isolates insecure gadgets from others.

The patent ‘System and Method for Analysing Relationships Between Clusters of Electronic Devices to Counter Cyberattacks’, issued by the US Patent and Trademark Office, provides a new method of facilitating cybersecurity management of IoT devices. It allows users to detect every gadget belonging to the same network environment and to correlate them with similar networks for further identifying actual or potential cybersecurity gaps. Thus, if any device in the user’s network is insecure and has already been an attack vector, or if a similarly configured network has been compromised, the technology will detect it and warn the user or security solution about the possible danger.

While conventional linking technologies rely on data which can be removed (such as cookies) or on heuristics having inadequate accuracy, the Kaspersky invention offers reliable and long-lasting linkage of devices, relating them to a profile and operatively responding to a change in the user profile.

The patented technology also ensures attribution of an unknown device to a cluster of devices. The method implies the defining of relationships between the gadget and its environment/surroundings, and further applies the discovered patterns for attributing other devices into the same cluster. A relationship between the devices is determined using the computed similarity metric. This technology is intended to help cybersecurity solutions analyse connected devices to further understand if specific devices or their particular configuration pose any risks, and also offers the kind of protection needed and provides it.

“The technologies of linking devices are mostly used in marketing for learning consumer behaviour. But as a cybersecurity company, we saw that this functionality has a large potential in addressing the current challenges of connected device protection,” says Dmitry Ivanov, inventor of the technology and intellectual property specialist at Kaspersky. “Although the patented technology is not yet implemented into Kaspersky solutions, we are exploring possible ways for its application to make sure that it will advance IoT security to a new level.”

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Kaspersky finds 24 vulnerabilities in biometric access systems
Technews Publishing Information Security
Customers urged to update firmware. Kaspersky has identified numerous flaws in the hybrid biometric terminal produced by international manufacturer ZKTeco, allowing a nefarious actor to bypass the verification process and gain unauthorised access.

Responsible AI boosts software security
Information Security
While the prevalence of high-severity security flaws in applications has dropped slightly in recent years, the risks posed by software vulnerabilities remain high, and remediating these vulnerabilities could hinder new application development.

AI and ransomware: cutting through the hype
AI & Data Analytics Information Security
It might be the great paradox of 2024: artificial intelligence (AI). Everyone is bored of hearing it, but we cannot stop talking about it. It is not going away, so we had better get used to it.

NEC XON shares lessons learned from ransomware attacks
NEC XON Editor's Choice Information Security
NEC XON has handled many ransomware attacks. We've distilled key insights and listed them in this article to better equip companies and individuals for scenarios like this, which many will say are an inevitable reality in today’s environment.

iOCO collaboration protection secures Office 365
Information Security Infrastructure
The cloud, in general, and Office 365, in particular, have played a significant role in enabling collaboration, but it has also created a security headache as organisations store valuable information on the platform.

Smart mining operations management
Mining (Industry) Infrastructure IoT & Automation
In his presentation at the recent MESA Africa conference, Neels van der Walt, Business Development Manager at Iritron, revealed the all-encompassing concept of SMOM (Smart Mining Operations Management) and why it is inextricably linked to the future of worldwide mining operations.

Cybercriminals embracing AI
Information Security Security Services & Risk Management
Organisations of all sizes are exploring how artificial intelligence (AI) and generative AI, in particular, can benefit their businesses. While they are still figuring out how best to use AI, cybercriminals have fully embraced it.

Do you need a virtual CIO?
Editor's Choice News & Events Infrastructure
If you have a CIO, rest assured that your competitors have noticed and will come knocking on their door sooner or later. A Virtual CIO service is a compelling solution for businesses navigating tough economic conditions.

The TCO of cloud surveillance
DeepAlert Verifier Technews Publishing Surveillance Infrastructure
SMART Security Solutions asked two successful, home-grown cloud surveillance operators for their take on the benefits of cloud surveillance to the local market. Does cloud do everything, or are there areas where onsite solutions are preferable?

A strong cybersecurity foundation
Milestone Systems Information Security
The data collected by cameras, connected sensors, and video management software can make a VMS an attractive target for malicious actors; therefore, being aware of the risks of an insecure video surveillance system and how to mitigate these are critical skills.