US-12621262-B2 - Customized filtering of transmissions from a device
Abstract
A method including receiving, by a security device from a user device that is in a private network, a transmission packet for communication to a destination device over an open network; determining, by the security device based on receiving the transmission packet, whether the user device is permitted to transmit the transmission packet to the destination device over the open network; determining, by the security device based on determining that the user device is permitted to transmit the transmission packet to the destination device, whether the user device is permitted to utilize a protocol utilized by the user device to transmit the transmission packet; and determining, by the security device based on determining that the user device is permitted to utilize the protocol, whether the user device is permitted to utilize a transmission web application utilized by the user device to transmit the transmission packet is disclosed.
Inventors
- Juta Gurinaviciute
- Carlos Eliseo Salas Lumbreras
Assignees
- UAB 360 IT
Dates
- Publication Date: 2026-05-05
- Application Date: 2023-10-05
Claims (20)
- 1. A security device, comprising: a processor; and a memory communicatively coupled to the processor, the processor and the memory being configured to: receive, from a user device that is in a private network, a transmission packet for communication to a destination device over an open network; determine, based at least in part on receiving the transmission packet, whether the user device is permitted to transmit the transmission packet to the destination device over the open network; determine, based at least in part on determining that the user device is permitted to transmit the transmission packet to the destination device, whether the user device is permitted to utilize a protocol utilized by the user device to transmit the transmission packet; and determine, based at least in part on determining that the user device is permitted to utilize the protocol, whether the user device is permitted to utilize a transmission web application utilized by the user device to transmit the transmission packet by utilizing a signature that is included in a payload of the transmission packet and indicates that the user device is susceptible to a cybercrime when the transmission web application is utilized to transmit the transmission packet.
- 2. The security device of claim 1, wherein, to determine whether the user device is permitted to transmit the transmission packet to the destination device, the memory and the processor are configured to determine whether an IP address associated with the destination device is within a range of IP addresses to which the user device is permitted to transmit.
- 3. The security device of claim 1, wherein, to determine whether the user device is permitted to transmit the transmission packet to the destination device, the memory and the processor are configured to determine whether a port associated with the destination device is within a range of ports to which the user device is permitted to transmit.
- 4. The security device of claim 1, wherein, to determine whether the user device is permitted to utilize the protocol to transmit the transmission packet, the memory and the processor are configured to determine whether the protocol matches a stored protocol that the user device is permitted to utilize to transmit.
- 5. The security device of claim 1, wherein the signature includes alphanumeric characters encoded in hexadecimal or binary form.
- 6. The security device of claim 1, wherein the memory and the processor are configured to: transmit, based at least in part on determining that the user device is permitted to utilize the transmission web application, the transmission packet to the destination device over the open network.
- 7. The security device of claim 1, wherein the memory and the processor are configured to: determine an IP address associated with the destination device based at least in part on domain information indicated in the transmission packet.
- 8. A method in a private network, comprising: receiving, by a security device from a user device that is in the private network, a transmission packet for communication to a destination device over an open network; determining, by the security device based at least in part on receiving the transmission packet, whether the user device is permitted to transmit the transmission packet to the destination device over the open network; determining, by the security device based at least in part on determining that the user device is permitted to transmit the transmission packet to the destination device, whether the user device is permitted to utilize a protocol utilized by the user device to transmit the transmission packet; and determining, by the security device based at least in part on determining that the user device is permitted to utilize the protocol, whether the user device is permitted to utilize a transmission web application utilized by the user device to transmit the transmission packet by utilizing a signature that is included in a payload of the transmission packet and indicates that the user device is susceptible to a cybercrime when the transmission web application is utilized to transmit the transmission packet.
- 9. The method of claim 8, wherein determining whether the user device is permitted to transmit the transmission packet to the destination device includes the security device determining whether an IP address associated with the destination device is within a range of IP addresses to which the user device is permitted to transmit.
- 10. The method of claim 8, determining whether the user device is permitted to transmit the transmission packet to the destination device includes the security device determining whether a port associated with the destination device is within a range of ports to which the user device is permitted to transmit.
- 11. The method of claim 8, wherein determining whether the user device is permitted to utilize the protocol to transmit the transmission packet includes the security device determining whether the protocol matches a stored protocol that the user device is permitted to utilize to transmit.
- 12. The method of claim 8, wherein the signature includes alphanumeric characters encoded in hexadecimal or binary form.
- 13. The method of claim 8, further comprising: transmitting, by the security device based at least in part on determining that the user device is permitted to utilize the transmission web application, the transmission packet to the destination device over the open network.
- 14. The method of claim 8, further comprising: determining, by the security device, an IP address associated with the destination device based at least in part on domain information indicated in the transmission packet.
- 15. A non-transitory computer-readable medium configured to store instructions, which when executed by a processor associated with a security device, configure the processor to: receive, from a user device that is in a private network, a transmission packet for communication to a destination device over an open network; determine, based at least in part on receiving the transmission packet, whether the user device is permitted to transmit the transmission packet to the destination device over the open network; determine, based at least in part on determining that the user device is permitted to transmit the transmission packet to the destination device, whether the user device is permitted to utilize a protocol utilized by the user device to transmit the transmission packet; and determine, based at least in part on determining that the user device is permitted to utilize the protocol, whether the user device is permitted to utilize a transmission web application utilized by the user device to transmit the transmission packet by utilizing a signature that is included in a payload of the transmission packet and indicates that the user device is susceptible to a cybercrime when the transmission web application is utilized to transmit the transmission packet.
- 16. The non-transitory computer-readable medium of claim 15, wherein, to determine whether the user device is permitted to transmit the transmission packet to the destination device, the processor is configured to determine whether an IP address associated with the destination device is within a range of IP addresses to which the user device is permitted to transmit.
- 17. The non-transitory computer-readable medium of claim 15, wherein, to determine whether the user device is permitted to transmit the transmission packet to the destination device, the processor is configured to determine whether a port associated with the destination device is within a range of ports to which the user device is permitted to transmit.
- 18. The non-transitory computer-readable medium of claim 15, wherein, to determine whether the user device is permitted to utilize the protocol to transmit the transmission packet, the processor is configured to determine whether the protocol matches a stored protocol that the user device is permitted to utilize to transmit.
- 19. The non-transitory computer-readable medium of claim 15, wherein the signature includes alphanumeric characters encoded in hexadecimal or binary form.
- 20. The non-transitory computer-readable medium of claim 15, wherein the processor is configured to: transmit, based at least in part on determining that the user device is permitted to utilize the transmission web application, the transmission packet to the destination device over the open network.
Description
CROSS REFERENCE
This application is a continuation of U.S. Non-Provisional patent application Ser. No. 17/954,305, filed on Sep. 27, 2022, and titled “Customized Filtering Of Transmissions From A Device,” which is a continuation of U.S. Non-Provisional patent application Ser. No. 17/952,295, filed on Sep. 25, 2022, and titled “Customized Filtering Of Transmissions From A Device,” the entire contents of which applications are incorporated herein by reference.
FIELD OF DISCLOSURE
Aspects of the present disclosure generally relate to network services, and more particularly to customized filtering of transmissions from a device.
BACKGROUND
A user device may rely on a network to communicate information and/or to communicate messages with another user device. Such information and/or messages may include private information and/or sensitive data associated with the user device. The communication over the network may be vulnerable as being susceptible to a cybercrime, through which a malicious entity may attempt to steal, alter, disable, expose, or destroy the information through unauthorized access to the communicating user devices. A cybercrime may include, for example, a malware attack, a phishing attack, a ransomware attack, a virus attack, etc. As a result, cyber security measures may be used to prevent occurrence of the cybercrime and/or to mitigate risks associated with the cybercrime.
SUMMARY
In one aspect, the present disclosure contemplates a method including receiving, by a security device from a user device that is in a private network, a transmission packet for communication to a destination device over the open internet; determining, by the security device based at least in part on an internet protocol (IP) address associated with the destination device, whether the user device is permitted to transmit the transmission packet to the IP address over the open internet; determining, by the security device based at least in part on determining that the user device is permitted to transmit the transmission packet to the IP address, whether the user device is permitted to transmit the transmission packet to a port associated with the IP address; determining, by the security device based at least in part on determining that the user device is permitted to transmit the transmission packet to the port, whether the user device is permitted to utilize a protocol utilized by the user device to transmit the transmission packet; and determining, by the security device based at least in part on determining that the user device is permitted to utilize the protocol, whether the user device is permitted to utilize a web application utilized by the user device to transmit the transmission packet.
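The staged checks in this aspect (IP address, then port, then protocol, then web application via a payload signature) can be sketched as a short-circuiting egress filter. This is an added example, not code from the patent or the assignee; the class names, the policy table, the addresses, the hex signature and the default drop for a device without a policy are all assumptions constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class DevicePolicy:              # per-device rules; all values are constructed
    networks: list               # permitted destination ranges (CIDR strings)
    ports: list                  # permitted destination port ranges, inclusive
    protocols: set               # permitted protocol names, lower case
    blocked_signatures: dict     # web application name -> hex-encoded signature

@dataclass
class Packet:
    src: str
    dst_ip: str
    dst_port: int
    protocol: str
    payload: bytes

def evaluate(packet, policies):
    """Return (verdict, stage). Each stage runs only if the previous one passed."""
    policy = policies.get(packet.src)
    if policy is None:           # assumption: a device without a policy is dropped
        return ("drop", "unknown-device")
    dst = ipaddress.ip_address(packet.dst_ip)
    if not any(dst in ipaddress.ip_network(n) for n in policy.networks):
        return ("drop", "ip")
    if not any(lo <= packet.dst_port <= hi for lo, hi in policy.ports):
        return ("drop", "port")
    if packet.protocol.lower() not in policy.protocols:
        return ("drop", "protocol")
    # Last stage: a signature found in the payload marks a web application
    # the device is not permitted to use.
    for app, sig_hex in policy.blocked_signatures.items():
        if bytes.fromhex(sig_hex) in packet.payload:
            return ("drop", "application:" + app)
    return ("forward", "all-checks-passed")

# Constructed policy table keyed by the user device's private address.
POLICIES = {
    "192.168.1.20": DevicePolicy(
        networks=["203.0.113.0/24"],
        ports=[(443, 443), (8000, 8100)],
        protocols={"tcp"},
        blocked_signatures={"example-filesharing": "4558414d504c45"},  # "EXAMPLE"
    )
}
```

The returned stage name records which check rejected the packet, which is the detail an operator needs when tuning a per-device policy.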
In another aspect, the present disclosure contemplates a device comprising a memory and a processor communicatively coupled to the memory, the memory and the processor configured to: receive, from a user device that is in a private network, a transmission packet for communication to a destination device over the open internet; determine, based at least in part on an internet protocol (IP) address associated with the destination device, whether the user device is permitted to transmit the transmission packet to the IP address over the open internet; determine, based at least in part on determining that the user device is permitted to transmit the transmission packet to the IP address, whether the user device is permitted to transmit the transmission packet to a port associated with the IP address; determine, based at least in part on determining that the user device is permitted to transmit the transmission packet to the port, whether the user device is permitted to utilize a protocol utilized by the user device to transmit the transmission packet; and determine, based at least in part on determining that the user device is permitted to utilize the protocol, whether the user device is permitted to utilize a web application utilized by the user device to transmit the transmission packet. 
In another aspect, the present disclosure contemplates a non-transitory computer readable medium storing instructions, which when executed by a processor configures the processor to: receive, from a user device that is in a private network, a transmission packet for communication to a destination device over the open internet; determine, based at least in part on an internet protocol (IP) address associated with the destination device, whether the user device is permitted to transmit the transmission packet to the IP address over the open internet; determine, based at least in part on determining that the user device is permitted to transmit the transmission packet to the IP address, whether the user device is permitted to transmit the transmission packet to a port associated with the IP address; determine, based at least in part on determining that the user device is permitted to transmit the transmission packet to the port, whether the user dev