US 12,074,914 B2
Systems and methods for internet of things security environment
Igor Faynberg, East Brunswick, NJ (US); Darshak Thakore, Broomfield, CO (US); Donald E. A. Clarke, Louisville, CO (US); and Steven J. Goeringer, Westminster, CO (US)
Assigned to Cable Television Laboratories, Inc., Louisville, CO (US)
Filed by CABLE TELEVISION LABORATORIES, INC, Louisville, CO (US)
Filed on Oct. 26, 2022, as Appl. No. 18/049,946.
Application 18/049,946 is a continuation of application No. 16/176,865, filed on Oct. 31, 2018, granted, now 11,516,252.
Claims priority of provisional application 62/579,592, filed on Oct. 31, 2017.
Prior Publication US 2023/0080894 A1, Mar. 16, 2023
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); G06F 21/57 (2013.01); H04L 12/28 (2006.01); H04W 4/70 (2018.01); H04W 12/08 (2021.01)
CPC H04L 63/20 (2013.01) [G06F 21/572 (2013.01); H04L 12/2838 (2013.01); H04L 63/0281 (2013.01); H04W 4/70 (2018.02); H04W 12/08 (2013.01)] 22 Claims
OG exemplary drawing
 
1. A system for monitoring the security of at least one Internet of Things (IoT) device attempting to connect with an associated service provider computer device separate and distinct from the at least one IoT device, comprising:
a network doppelgänger (ND) computer device comprising at least one processor in communication with at least one memory device,
wherein the ND computer device is (i) in communication with the at least one IoT device and the service provider computer device, (ii) separate and distinct from the at least one IoT device and the service provider computer device, and (iii) configured to provide an intervening physical midbox between the at least one IoT device and the service provider computer device preventing direct communication between the at least one IoT device and the service provider computer device, and
wherein the at least one memory device stores a plurality of instructions, which when executed by the at least one processor cause the at least one processor to:
store a plurality of policies associated with the service provider computer device;
intercept a first communication to the at least one IoT device;
analyze the first communication in view of the plurality of policies to determine whether the first communication is approved;
based on the analysis of the first communication, approve the first communication and route the first communication to the at least one IoT device;
intercept a second communication to the at least one IoT device;
analyze the second communication in view of the plurality of policies;
based on the analysis of the second communication, modify the second communication to comply with the plurality of policies;
route the modified second communication to the at least one IoT device;
monitor individual additional communications to the at least one IoT device for malicious activity determined by analyzing the individual additional communications in view of the plurality of policies; and
disapprove particular ones of the individual additional communications for routing to the at least one IoT device upon determination of malicious activity.