KR20040046006A - Method for connecting with Wireless Local Area Network - Google Patents

Abstract

PURPOSE: A wireless LAN connecting method is provided to prevent leakage of communication information of a user to others by connecting a terminal to a wireless node intended by the user. CONSTITUTION: When a user generates a wireless LAN connection event by using a terminal(S410), the user terminal detects SSIDs(Service Set IDentifier) of each AP by reading received transmission signals(S420). The user terminal detects which APs are the same and how many same APs exist by comparing the SSIDs of each AP with its own SSID(S430). The user terminal determines whether there are two or more APs(S440). If there are two or more APs, the user terminal performs a filtering by using a MAC(Media Access Control) address allowable range(S450). The mobile terminal displays communication information values of the filtered APs for user's checking(S460). The user checks the communication information values and selects a normally allowed AP(S470). The user terminal determines the selected AP and is connected to a corresponding AP(S480).

Description

Wireless LAN access method {Method for connecting with Wireless Local Area Network}

The present invention relates to a method of accessing a wireless local area network (WLAN), and more particularly, a situation in which a plurality of wireless LAN nodes having the same SSID name exist in a connection method between wireless LAN nodes based on a service set identifier (SSID). The present invention relates to a wireless LAN access method that allows a user to access a desired node.

According to the network configuration method, the ad-hoc method for accessing a wireless LAN through 1: 1 communication between terminals, and the infrastructure for allowing all terminals to access the wireless LAN through an access point Wireless LANs, which are classified into the 3rd handset), use the same wireless LAN access method regardless of the ad hoc or infrastructure method.

In the conventional WLAN access method, a different SSID is set for each node (terminal or access point), and SSID is also set for a user terminal, so that communication is performed between a user terminal having the same SSID and a WLAN node.

Therefore, the user terminal U1 according to the conventional wireless LAN access method uses the same SSID as that of the plurality of access points AP1, AP2, AP3, AP4, ... in the infrastructure environment shown in FIG. In the ad hoc environment shown in b of FIG. 1, the wireless LAN node AP2 is connected to the notebook computer A having the same SSID as that of the plurality of notebook computers A, B, ....

At this time, when the user terminal U1 accesses the WLAN, when the UE access attempt event occurs, the user terminal U1 searches for neighboring WLAN nodes to identify each SSID, and then the same as itself. The WLAN node with the SSID is found and connected.

However, the conventional WLAN access method checks only the identity of the SSID so as to be connected to a WLAN node having the same SSID, so that there are multiple WLAN nodes having the same SSID as the user terminal as shown in FIG. 2. In this case, the user terminal may be connected to a wireless LAN node irrelevant to the intention of the user.

FIG. 2 illustrates an example of a WLAN access method of a user terminal in a WLAN environment in which a plurality of WLAN nodes having the same SSID exist, which is an example of an infrastructure WLAN environment. In the environment shown in FIG. 2, the user terminal U1 searches the surroundings to identify AP1, AP3, and AP5, which are nodes having the same SSID as the node. If the signal strength of AP5) is large, it connects to the node AP5 having the largest signal strength and provides WLAN communication to the user.

Accordingly, a user terminal according to a conventional WLAN access method may provide WLAN communication to a user even when the WLAN node AP5 is unintentionally connected. It is not known that the LAN node AP5 is connected.

After all, according to the conventional WLAN access method, if a third party having a malicious intention, not a mistake, installs an access point having the same SSID as the user terminal and strengthens the signal strength of the installed access point, There is a problem in that access to a self-installed access point (that is, a wireless LAN node) is leaked to the third party without knowing itself.

In general, the WLAN card installed in the terminal receives a signal from the WLAN nodes located nearby, such as configuration information of the WLAN node, that is, a transmission channel, a MAC (Media Access Control) address, a RSSI (Received Signal Strength Indication), and the like. In addition, since the SSID is detected and then displayed to the user and the user can easily change the configuration information, it is easy to install a WLAN node having the same SSID as described above. In addition, the authentication in the general wireless LAN access method uses IEEE 802.1x EAP-MD5. Since the EAP-MD5 method is a method in which an authentication server authenticates a user's terminal, a third party can easily use a wireless LAN for malicious intention. It is possible to install a node.

Here, the authentication server authenticating the user's terminal means that the wireless LAN connection is determined according to whether the terminal receives the wireless LAN access authentication success signal or not. Therefore, if a malicious third party installs a separate authentication server for providing a wireless LAN access authentication success signal to the terminal regardless of the authentication signal received from the terminal, or an access having the authentication function, information leakage may be performed with malicious intention. can do.

Therefore, there is a need for a WLAN access method that enables a user to access a WLAN node intended by a user, even in an environment where a WLAN node having the same SSID due to a mistake as well as a malicious intention exists.

SUMMARY OF THE INVENTION The present invention has been made to solve the above problems, and an object of the present invention is to connect a terminal to a WLAN node intended by the user so that the communication information of the user is not exposed to others.

1 is an exemplary view showing a conventional WLAN access method.

FIG. 2 is an exemplary view illustrating a WLAN access method of a user terminal in a WLAN environment in which a plurality of WLAN nodes having the same SSID exist.

3 is a flowchart conceptually illustrating a WLAN access method according to an embodiment of the present invention.

4 is a flowchart of a first embodiment using a MAC address in a WLAN access method according to an embodiment of the present invention.

4 is a flowchart of a first embodiment using a MAC address in a WLAN access method according to an embodiment of the present invention.

The WLAN access method according to the present invention for achieving the above technical problem, in addition to checking whether the SSID equality, filtering the communication information values for a plurality of WLAN nodes having the same SSID by the filtering value of the WLAN intended by the user Characterized in that it is connected to the node.

That is, the present invention primarily searches for the surroundings to find the WLAN node having the same SSID, and then determines the number of the secondly found WLAN nodes and filters the communication information if the number of WLAN nodes is large. Extracts only the WLAN nodes that match the desired configuration information.

Here, the communication information value may be a channel, a signal strength (RSSI), a physical address MAC address, etc. However, since the remaining configuration information values except the MAC address vary from time to time, it is preferable to use the MAC address set for each node as a filtering value. Do.

Accordingly, the present invention provides a WLAN access method for connecting a user terminal to a WLAN node. When a WLAN access event occurs, a WLAN node having the same SSID as the user terminal is searched for among the WLAN nodes in which a signal is received. In the first step and when there are two or more WLAN nodes searched in the first step, at least one of the communication information values for the allowable WLAN node set as a filtering value is filtered to search the two or more WLAN nodes. And a third step of connecting to one of the WLAN nodes extracted by the filtering.

Hereinafter, a WLAN access method according to an embodiment of the present invention will be described with reference to FIGS. 3 to 5.

The following description describes the infrastructure method, and the description based on the ad hoc method will not be described since it can be easily understood from the following description based on the infrastructure method.

3 is a conceptual diagram of a WLAN access method according to an embodiment of the present invention. As shown in FIG. 3, when a user manipulates his terminal to generate a wireless LAN access event (S310), the user terminal may have an AP having the same SSID as the user terminal for the purpose of information leakage by a third party having a mistake or malice. In order to check whether or not to install the read signal received to determine the information of the APs located in the vicinity of them (S320).

At this time, the grasped information includes SSID, channel, signal strength, and MAC address for each AP.

In operation S330, the user terminal determines how many APs have the same SSID as those of the identified APs.

As a result of the process (S330), if there is one AP having the same SSID as the user terminal means that the normal wireless LAN environment, the user terminal accesses the AP of the same SSID as the user terminal to provide a wireless LAN service to the user (S370).

On the other hand, as a result of the process (S330), if the same SSID is more than two (S340) means that the third party has created an abnormal WLAN environment for the purpose of information leakage, the user terminal is a third party In order not to access the installed AP, that is, to access the normally allowed AP, the AP installed by the third party must be extracted from the APs identified in step S330.

To this end, the present invention filters APs identified in step S330 by using unique information of the normally allowed AP, that is, communication information as a filtering value (S350).

Therefore, normally allowed APs are extracted through the process S350. Here, normally allowed APs are APs of a subscribed WLAN service provider or a survey. In the present invention, a wireless LAN service is provided to a user by arbitrarily selecting and accessing one of the APs extracted in the process (S350) (S360).

According to the concept of the present invention, the present invention is to search for whether there is an AP with the same SSID in the vicinity of the WLAN access, and to filter to extract only the desired WLAN node when the search result is two or more It can be seen that there is a feature.

Here, the method of searching for APs having the same SSID in the vicinity of the WLAN can be easily achieved from a function provided by the WLAN card installed in the terminal. The WLAN card receives and reads signals from neighboring APs when accessing the WLAN to determine the SSID, channel, signal strength, and MAC address of each AP. Therefore, the user terminal can easily identify the AP of the same SSID by comparing the SSID with its SSID in the communication information for each AP.

The filtering method may filter only a desired AP by setting one or more of the communication information values as a filtering value, and comparing the set filtering value with the corresponding communication information value of each AP.

However, as described above, since the remaining communication information values except for the MAC address are changed from time to time, it is preferable to use the MAC address as a filtering value.

If it is desired to use the remaining communication information values except the MAC address as the filtering value, it is preferable to set the range that can be changed as the filtering value, and then filter the MAC address again.

Therefore, hereinafter, the present invention will be described with reference to an embodiment in which the MAC address is a filtering value. However, those skilled in the art will be able to easily use the communication information values other than the MAC address through the following description.

Hereinafter, a first embodiment of a WLAN access method using a MAC address will be described with reference to FIG. 4.

4 is a flowchart of a first embodiment using a MAC address in a WLAN access method according to an embodiment of the present invention. As shown in Fig. 4, the first embodiment of the present invention relates to a case where the filtering value is within the allowable range of the MAC address.

When the user generates a wireless LAN access event by operating the terminal (S410), the user terminal reads the transmission signal of the AP received from the surroundings to determine the SSID for each AP (S420).

Then, the user terminal compares the identified SSID for each AP with its SSID to determine what and how many are the same AP (S430). In addition, the user terminal determines whether there are two or more APs identified in the process (S430) (S440), if one is connected to one AP conventionally identified (S490), and if two or more allow MAC addresses set Filter using the range (S450).

In more detail, the MAC address is usually composed of 6 bytes. The MAC addresses of normally allowed APs are the same except for the 1 byte or 2 bytes later. In other words, MAC addresses of normally allowed APs have their values within a certain range.

Accordingly, the present invention sets a predetermined range including the MAC address of the normally allowed AP, that is, the allowable range as a filtering value, and compares each of the plurality of APs identified in the step S430 with the allowable range to be within the allowable range. Extract only the AP.

The present invention may allow a user terminal to be connected to one of the APs extracted as a result of the filtering process (S450).

However, APs extracted in the filtering process S450 may be APs normally allowed, but may not occur. Therefore, in order to prevent this, the present invention displays the result of the process (S450), that is, the communication information values of the filtered APs so that the user can check it (S460).

Then, the user will check the communication information value of the AP displayed on the user terminal, and selects the normally allowed AP (S470). Accordingly, the user terminal determines the AP selected by the user and accesses the AP (S480). .

Hereinafter, a second embodiment of a WLAN access method using a MAC address will be described with reference to FIG. 5.

5 is a flowchart of a second embodiment using a MAC address in a WLAN access method according to an embodiment of the present invention. As shown in Fig. 5, the second embodiment of the present invention relates to a case where a filtering value is set to each of MAC addresses allowed to access.

When the user generates a wireless LAN access event by operating the terminal (S510), the user terminal reads the transmission signal of the AP received from the surroundings to determine the SSID for each AP (S511). The user terminal compares the identified SSID for each AP with its SSID to determine what and how many are the same AP (S512).

The user terminal determines whether there are two or more APs identified in the process (S512) (S513), if one is connected to one known AP as in the prior art (S522), and if the two or more filter the allowed MAC addresses The AP is filtered as the value (S512) (S514).

The filtering using the allowed MAC address will be described in more detail. The allowed MAC address is a MAC address of an AP installed by an operator providing a WLAN service and MAC addresses of APs installed by a partner of the operator. Therefore, more than one MAC address is allowed.

Here, the user terminal stores the allowed MAC address.

Therefore, if the user terminal has two or more APs having the same SSID as the user terminal identified in step S512, the stored MAC addresses are sequentially read (S514), and the filter values are set one by one (S515). It compares with the MAC addresses of the APs identified in S512 (S516).

The user terminal extracts only the AP that is the same as the MAC address of the filtering value through the comparison (S516) (S517 and S518), and excludes the AP that is not the same (S519). The user terminal repeats the processes (S516-S519) as many as the number of MAC addresses stored (S520).

As a result, only APs normally allowed by the above filtering are extracted.

The user terminal accesses one of the APs extracted by the filtering.

On the other hand, the WLAN access method of the present invention is applied even when roaming (roaming).

That is, when it is determined that the signal received from the AP is weakened below the set value, the user terminal connected to one AP causes roaming to the AP having a strong signal strength. At this time, for roaming, the user terminal searches for a neighbor and finds a new AP. The user terminal primarily identifies an AP having the same SSID, and firstly, as described with reference to FIGS. 3, 4, and 5. After filtering the APs, one of the APs corresponding to one of the APs obtained as a result of the filtering, that is, the APs obtained by the filtering, is determined as the AP for roaming.

The technical spirit of the present invention has been described above with reference to the accompanying drawings, but this is by way of example only and not intended to limit the present invention. In addition, it is obvious that any person skilled in the art can make various modifications and imitations without departing from the scope of the technical idea of the present invention.

The present invention enables a user to access a specific node desired even in a situation where a plurality of WLAN nodes having the same SSID exist. In addition, the present invention has the effect of enhancing the communication security by defeating the intention of information leakage by a malicious third party.

Claims (7)

In a WLAN access method for connecting a user terminal to a WLAN node, A first step of searching for a WLAN node having the same SSID as the user terminal among the WLAN nodes to which a signal is received when a WLAN access event occurs; A second step of filtering the searched two or more WLAN nodes by setting at least one of the communication information values for the set allowable WLAN nodes as a filtering value when two or more WLAN nodes are found in the first step; And And connecting to one of the WLAN nodes extracted by the filtering. The method according to claim 1, After performing the second step, displaying the communication information values of the WLAN nodes filtered by the second step so that the user can check the user; and selecting one of the displayed WLAN nodes by the user. And determining the selected WLAN node. The method according to claim 1, The communication information value in the second step, Wireless access method, characterized in that the channel, the strength of the received signal, the MAC (Media Access Control) address. The method according to claim 1 or 2, The second step, Setting an allowable range of an allowable MAC address as a filtering value, determining whether the MAC address of the WLAN node found in the first step is within an allowable range of the allowable MAC address, and And extracting only WLAN nodes within an allowable range. The method according to claim 1 or 2, The second step, Sequentially selecting stored allowable MAC addresses, comparing each of the selected MAC addresses with the MAC address of the WLAN node retrieved in the first step, and matching the stored allowable MAC addresses through the comparing step. WLAN access method comprising the step of extracting only the WLAN node. The method according to claim 1, The WLAN access event may be one of an initial access request event when a user requests a WLAN connection by operating a user terminal and a roaming event when a reception signal of a currently connected WLAN node becomes weaker than a set value. WLAN connection method. On your computer, A first step of searching for a WLAN node having the same SSID as the user terminal among the WLAN nodes to which a signal is received when a WLAN access event occurs; A second step of filtering the searched two or more WLAN nodes by setting at least one of the communication information values for the set allowable WLAN nodes as a filtering value when two or more WLAN nodes are found in the first step; And And a computer-readable recording medium having recorded thereon a program capable of executing a third step of accessing one of the wireless LAN nodes extracted by the filtering.