US 12,289,329 B2
Packet analysis based IOT management
Gong Cheng, Sunnyvale, CA (US); Pui-Chuen Yip, Santa Clara, CA (US); Zhiwei Xiao, Santa Clara, CA (US); Ran Xia, San Jose, CA (US); and Mei Wang, Saratoga, CA (US)
Assigned to Palo Alto Networks, Inc., Santa Clara, CA (US)
Filed by Palo Alto Networks, Inc., Santa Clara, CA (US)
Filed on Jul. 29, 2020, as Appl. No. 16/942,633.
Application 16/942,633 is a continuation of application No. 16/279,984, filed on Feb. 19, 2019, granted, now 10,771,491.
Application 16/279,984 is a continuation of application No. 15/087,861, filed on Mar. 31, 2016, granted, now 10,212,178, issued on Feb. 19, 2019.
Claims priority of provisional application 62/144,077, filed on Apr. 7, 2015.
Prior Publication US 2021/0058417 A1, Feb. 25, 2021
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); H04L 41/069 (2022.01); H04L 43/00 (2022.01); H04L 43/12 (2022.01); H04L 67/12 (2022.01); H04L 67/303 (2022.01)
CPC H04L 63/1425 (2013.01) [H04L 41/069 (2013.01); H04L 43/00 (2013.01); H04L 43/12 (2013.01); H04L 67/12 (2013.01); H04L 67/303 (2013.01)]
22 Claims
 
1. An IoT device management system, comprising:
a processor configured to:
obtain a set of data packets comprising at least one of: data packets transmitted to an IoT device, or data packets transmitted from an IoT device;
analyze at least one packet included in the set of data packets to identify transaction data from a payload of the at least one packet;
generate an event log for the IoT device from the transaction data;
update the event log, in real-time, to indicate current operation of the IoT device, wherein the event log includes a pattern of events corresponding to at least one of: a specific way in which the IoT device is being interacted with, or is otherwise functioning; and
provide a historical record for the IoT device, generated at least in part from the event log, to a device profiler configured to terminate flow of data associated with the IoT device if it is determined, at least in part, from a deviation from the historical record, that the IoT device is vulnerable to attack, including in response to a determination that either malware is being pushed to the IoT device, or a user interacting with the IoT device is behaving abnormally; and
a memory coupled to the processor and configured to provide the processor with instructions.