IP devices and IP networks have infiltrated every sector of civilian and commercial use. For example, airports, college campuses, and corporations have installed IP cameras for video surveillance. Hospitals are using IP-connected ECG monitors and other critical healthcare devices. However, while increasing security and improving quality of life, the proliferation of these IP devices has opened a new security vulnerability.
For example, “according to the U.S. Federal Aviation Administration, the new Boeing 787 Dreamliner aeroplane may have a serious security vulnerability in its on-board computer networks that could allow passengers to access the plane's control systems.” (Dean Pullen, The Inquirer, “New Boeing 787 vulnerable to hacking,” Jan. 6, 2008.)
In another example, “ . . . a greater focus on airport security . . . [has led to] growing deployment of advanced IP-based video surveillance systems . . . . However, when handled with insufficient attention and prudence, technology can become a double-edged sword. Despite their undisputed advantages, IP-based surveillance systems also entail grave risks that are not relevant in analog systems . . . . The fact is, IP cameras function as guards, but are often not sufficiently guarded themselves. The critical question then becomes who guards the guards?” (Lior Frenkel, Security Products, “Unidirectional connectivity protects airport networks using IP cameras,” Sep. 1, 2008.)
In yet another example, in the New York Times, a survey found that “Despite industry efforts to Lock down DNS servers, one in four remain vulnerable to cache poisoning due to the well-documented Kaminsky flaw identified earlier this year and another 40% could be considered a danger to themselves and others, recent research shows.” (Denise Dubie, The New York Times, “1 in 4 DNS Servers Still Vulnerable to Kaminsky Flaw,” Nov. 10, 2008)
Therefore, as recognized by the present inventors, what are needed are a method, apparatus, and system of detecting and alerting on security breaches and potential security vulnerabilities in IP networks.
It is against this background that various embodiments of the present invention were developed.