公开(公告)号：US11916957B1

公开(公告)日：2024-02-27

申请号：US18064177

申请日：2022-12-09

Applicant: Airgap Networks Inc.

Inventor： Raymond Wing Chon Cheh ,  Chia Chi Cheng ,  Satish M. Mohan ,  Ritesh R. Agrawal ,  Vinay Adavi

IPC: H04L9/40 ,  H04L12/46

CPC classification number: H04L63/1466 ,  H04L12/4641 ,  H04L63/1416

Abstract: A technique to stop lateral movement of ransomware between endpoints in a VLAN is disclosed. A security appliance is set as the default gateway for intra-LAN communication by overwriting the DHCP responses. Message traffic from compromised endpoints is detected. Attributes of ransomware may be detected in the message traffic, as well as attempts to circumvent the security appliance. Compromised devices may be quarantined. Additionally, the DHCP address assignment may be policed to ensure accuracy and correctness to provide an additional layer of security.