US 11,706,236 B2
Autonomous application of security measures to IoT devices
Deral Heiland, Xenia, OH (US); Dustin Myers, Alexandria, VA (US); and Wah-Kwan Lin, Melrose, MA (US)
Assigned to Rapid7, Inc., Boston, MA (US)
Filed by Rapid7, Inc., Boston, MA (US)
Filed on Aug. 2, 2021, as Appl. No. 17/391,134.
Application 17/391,134 is a continuation of application No. 16/398,766, filed on Apr. 30, 2019, granted, now 11,115,823.
Prior Publication US 2021/0360406 A1, Nov. 18, 2021
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); H04L 41/28 (2022.01); H04L 41/16 (2022.01); H04W 4/70 (2018.01); G06N 20/00 (2019.01); H04W 12/122 (2021.01); G06F 18/24 (2023.01)
CPC H04L 63/1425 (2013.01) [G06F 18/24 (2023.01); G06N 20/00 (2019.01); H04L 41/16 (2013.01); H04L 41/28 (2013.01); H04W 4/70 (2018.02); H04W 12/122 (2021.01)] 20 Claims
OG exemplary drawing
 
1. A method comprising:
performing, by one or more computing devices:
receiving network activity data associated with a plurality of devices in a network, including a first device labeled as an Internet-of-Things (IoT) device and a second device labeled as a non-IoT device;
extracting one or more features from the network activity data, wherein the one or more features are included in a training data set;
providing the training data set including the one or more features as input to a machine learning model;
training the machine learning model using the training data set to classify unlabeled devices as IoT or non-IoT devices;
after the training, using the machine learning model to identify another device in the network as another IoT device; and
in response to the identifying of the other IoT device;
labeling the other IoT device with an IoT label, and
autonomously applying one or more security measures to the other IoT device including banning the other IoT device from the network, isolating the other IoT device, or limiting data sent by the other IoT device.