Lookout has filed a patent for a method to protect network connections on a computing device from compromise, including man-in-the-middle attacks. The method involves intercepting and inspecting communications before they are sent to the intended recipient, determining the appropriate connection to use, and performing an action to indicate if the connection is compromised. Additional security responses can be implemented based on this indication. GlobalData’s report on Lookout gives a 360-degree view of the company including its patenting strategy. Buy the report here.
According to GlobalData’s company profile on Lookout, M2M network optimization was a key innovation area identified from patents. Lookout's grant share as of September 2023 was 73%. Grant share is based on the ratio of number of grants to total number of patents.
The patent is filed for a method to detect compromised network connections
A recently filed patent (Publication Number: US20230308477A1) describes a method for detecting a compromise of a connection and taking appropriate actions to mitigate the compromise. The method involves the use of a client-side proxy on a computing device to intercept and inspect communications before they are sent to the intended recipient.
The client-side proxy receives the communication from an application executing on the computing device and inspects it. Based on the inspection, the client-side proxy determines whether the communication is to be sent using the compromised connection. If the connection is compromised, the client-side proxy performs an action that results in an indication of the compromise.
The patent claims also describe additional actions that can be taken based on the indication of compromise. These actions include performing a probe of the compromised connection, modifying or breaking the connection, implementing destination and content filtering, and modifying the communication itself by deleting data or content, modifying the destination, or routing the communication through a different connection.
The client-side proxy can also compare data associated with the compromised connection to data associated with known compromised connections to further validate the compromise.
The patent claims also mention the use of certificates and policies to verify the authenticity and integrity of the communication. The client-side proxy can create and use certificates related to the communication to decrypt encrypted communications. The expected certificates, addresses, and identifiers can be specified in a policy set by an administrator or a user.
In summary, the filed patent describes a method for detecting and mitigating the compromise of a connection by using a client-side proxy to intercept and inspect communications. The method allows for various actions to be taken based on the indication of compromise, including probing the connection, modifying or breaking the connection, implementing filtering mechanisms, and modifying the communication itself. Certificates and policies are used to ensure the authenticity and integrity of the communication.