CN102075934A - AP (Access Point) monitor and method and system for monitoring illegal APs - Google Patents
AP (Access Point) monitor and method and system for monitoring illegal APs Download PDFInfo
- Publication number
- CN102075934A CN102075934A CN2009102384077A CN200910238407A CN102075934A CN 102075934 A CN102075934 A CN 102075934A CN 2009102384077 A CN2009102384077 A CN 2009102384077A CN 200910238407 A CN200910238407 A CN 200910238407A CN 102075934 A CN102075934 A CN 102075934A
- Authority
- CN
- China
- Prior art keywords
- information
- identity information
- legal
- monitoring
- rogue
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses an AP (Access Point) monitor which comprises an identity information acquisition module, a legal AP identity information storage module and an identity information processing module, wherein the identity information acquisition module is used for receiving monitoring identity information transmitted by an external AP and transmitting the monitoring identity information to the identity information processing module; the legal AP identity information storage module is used for storing legal AP identity information; and the identity information processing module is used for receiving the monitoring identity information and determining an AP corresponding to the monitoring identity information as an illegal AP if the legal AP identity information stored in the legal AP identity information storage module does not contain the monitoring identity information. The invention also discloses a method and system for monitoring illegal APs. By the application of the AP monitor, the radio resource waste can be avoided; the commonality for monitoring the illegal APs is strong; the operation complexity is low; and the security of user access to wireless networks is improved.
Description
Technical field
The present invention relates to WLAN (wireless local area network) (WLAN, Wireless Local Area Network) wireless security technology, the method and system of particularly a kind of access point (AP, Access Point) watch-dog, monitoring illegal access point.
Background technology
Along with communication network technology, especially WLAN The Application of Technology, people can need not the wireless network connectivity scenario that cable connects by what the WLAN technology provided, under the situation that does not adopt conventional wire cable, quickly and easily in meeting room, Medical Treatment Room, classroom, cafeteria, laboratory, office and carry out mobile office in the open air.
Fig. 1 is the system configuration schematic diagram of existing WLAN wireless network, and referring to Fig. 1, this system comprises: user terminal, AP and network equipment, wherein,
AP is also referred to as wireless signal transceiver, stores the service identifier (SSID, Service Set Identifier) that carrier server sends in advance, and each AP has unique SSID;
User terminal, has radio function, behind power-up initializing, the SSID of AP around the search region, according to the SSID that searches, from the SSID that searches, select a SSID to connect AP according to predefined strategy, go up the login of input the user name and password at network equipment (portal interface of operator) then, obtain required information by this network equipment of internet access.
Existing WLAN wireless network, main still replenishing as cable network, concentrate on the relative stronger applied environment of isolation on this physical space of enterprise or home-ranges, the fail safe that the user inserts the WLAN wireless network mainly is user terminal to be carried out modes such as access authentication, data encryption by network equipment to realize.
By as seen above-mentioned, for the WLAN wireless network of the carrier-class of network side, because the operating frequency section of its wide coverage and WLAN wireless network is open, all organizations and individuals can use this frequency band, thereby the potential safety hazard of network side is also bigger.For example, if the lawless person is by being provided with a rogue AP, and the SSID that this rogue AP is set is identical with the SSID that operator is issued to legal AP, by technological means a login interface is set again, can inveigle the user who is in this rogue AP coverage to connect this rogue AP, because the user is by the normal access of radio network of this rogue AP, thereby can't to perceive this AP be rogue AP, thereby intercept and capture the user name and password of wireless network login thereby make the lawless person can illegally simulate the online environment, cause great threat for user's safety in utilization; Further, the lawless person can also be by grasping privacy informations such as the Internet bank that the wireless communication data flow obtains the user, shopping online, browsing page.For instance, 2004, account and password that illegal simulation online environment is inveigled the bank card holder are all passed through in the website of the personation Industrial and Commercial Bank of China that the Bank of China website of a personation occurs on the internet and occurs in the near future, have caused tremendous loss for the bank card holder.
Potential safety hazard at above-mentioned WLAN wireless network side existence, prior art has proposed a kind of method that detects rogue AP in the WLAN wireless network, a plurality of police AP are set in WLAN (wireless local area network), each police AP is responsible for the AP in self coverage is carried out safety certification, adopt particular communication mechanism (police AP arranges one group of identity ciphering sign indicating number with legal AP in advance), send the identity request message that carries the identity ciphering sign indicating number of making an appointment by the AP of police AP in self coverage, if this AP is a legal AP, then respond the identity validation message that carries the identity ciphering sign indicating number of making an appointment to police AP, if this AP is a rogue AP, owing to do not know this particular communication mechanism, the identity validation message of then not responding or responding is undesirable, and the undesirable rogue AP of identity validation message that police AP notice webmaster is not responded this or responded removes.
But detect the method for rogue AP in the above-mentioned WLAN wireless network, need to increase police AP to monitor the AP identity in self coverage, police AP only and between the AP in self coverage carries out two-way detection information interaction, need be the police AP distributing radio resource that links to each other with each AP, but this assigned radio resource only is used to detect rogue AP, and not responsible Service Access point, there is certain wasting of resources; Further, the communication mechanism between police AP and the legal AP is private, only can only use the equipment of particular vendors, and versatility is relatively poor; And, needing police AP to carry out the identity ciphering sign indicating number with legal AP in advance consults, when newly adding AP in this scope, need at police AP and the new AP of adding the identity ciphering sign indicating number to be set respectively, and when in this zone, deleting legal AP or legal AP moved to other sub-district, need to upgrade the identity ciphering sign indicating number of this legal AP again, make complex operation, use very inconvenient.
Summary of the invention
In view of this, main purpose of the present invention is to propose a kind of AP watch-dog, avoids the wasting of resources, improves the versatility of monitoring rogue AP, the complexity that reduces operation.
Another object of the present invention is to propose a kind of method of monitoring rogue AP, avoid the wasting of resources, improve the versatility of monitoring rogue AP, the complexity that reduces operation.
A further object of the present invention is to propose a kind of system that monitors rogue AP, avoids the wasting of resources, improves the versatility of monitoring rogue AP, the complexity that reduces operation.
For achieving the above object, the invention provides a kind of AP watch-dog, this AP watch-dog comprises: identity information collection module, legal AP identity information memory module and identity information processing module, wherein,
The identity information collection module is used to receive the monitoring identity information that outside AP sends, and is sent to the identity information processing module;
Legal AP identity information memory module is used to store the legal AP identity information;
The identity information processing module is used for receiving the monitoring identity information, if do not comprise described monitoring identity information in the legal AP identity information of legal AP identity information memory module storage, the AP that judges described monitoring identity information correspondence is a rogue AP.
Described legal AP identity information comprises: the SSID information and the mac address information of legal AP.
Described legal AP identity information further comprises: the legal AP working frequency information and/or, legal AP coverage information.
Described monitoring identity information comprises: the service identifier SSID information of AP and media access control layer mac address information on every side;
Do not comprise described service identifier SSID information and the media access control layer mac address information of AP on every side in the SSID information of described identity information processing module judgement legal AP and the mac address information, the described service identifier SSID information of AP on every side and the AP of media access control layer mac address information correspondence are rogue AP.
Described monitoring identity information further comprises: on every side the working frequency information of AP and/or, signal strength information;
Described identity information processing module is after the AP that judges described monitoring identity information correspondence is rogue AP, be further used for according to the signal strength information of AP around receiving and the legal AP coverage information of storing in advance, calculating has the distance of the rogue AP of this signal strength signal intensity apart from legal AP, and/or, be further used for according to the working frequency information of AP around receiving and the legal AP working frequency information of storing in advance, if the operating frequency of this rogue AP is inequality with the operating frequency of all legal AP of storing in advance, with the working frequency information notice webmaster personnel of this rogue AP.
A kind of system of monitor illegal interface point AP, this system comprises: AP watch-dog and a plurality of AP, wherein,
The AP watch-dog is used to receive the monitoring identity information that AP sends, if do not comprise this monitoring identity information in Cun Chu the legal AP identity information in advance, the AP that judges this monitoring identity information correspondence is a rogue AP;
AP is used for triggering AP in monitoring self overlay area according to time cycle of setting in advance, and obtains the identity information of AP in self overlay area, forms and monitors identity information, sends to the AP watch-dog.
Described legal AP identity information comprises: the SSID information of legal AP, mac address information and legal AP coverage information;
Described monitoring identity information comprises: service identifier SSID information, media access control layer mac address information and the signal strength information of AP on every side;
Service identifier SSID information and the media access control layer mac address information of AP on every side that do not comprise corresponding reception in the SSID information of the legal AP that described AP watch-dog judgement is stored in advance and the mac address information, then the service identifier SSID information of AP and the AP of media access control layer mac address information correspondence are rogue AP on every side, and according to the signal strength information of AP around receiving and the legal AP coverage information of storing in advance, calculating has the distance of the rogue AP of this signal strength signal intensity apart from legal AP.
A kind of method of monitor illegal interface point AP comprises AP watch-dog and a plurality of AP, and this method comprises:
AP triggers AP in monitoring self overlay area according to time cycle of setting in advance, and obtains the identity information of AP in self overlay area, forms and monitors identity information, sends to the AP watch-dog;
The AP watch-dog receives the monitoring identity information that AP sends, if do not comprise this monitoring identity information in Cun Chu the legal AP identity information in advance, the AP that judges this monitoring identity information correspondence is a rogue AP.
Described legal AP identity information comprises: the SSID information of legal AP, mac address information and legal AP coverage information; Described monitoring identity information comprises: service identifier SSID information, media access control layer mac address information and the signal strength information of AP on every side;
Described AP watch-dog receives the monitoring identity information that AP sends, if do not comprise this monitoring identity information in Cun Chu the legal AP identity information in advance, the AP that judges this monitoring identity information correspondence is that the step of rogue AP comprises:
Service identifier SSID information and the media access control layer mac address information of AP on every side that do not comprise corresponding reception in the SSID information of the legal AP that described AP watch-dog judgement is stored in advance and the mac address information, then the service identifier SSID information of AP and the AP of media access control layer mac address information correspondence are rogue AP on every side, and according to the signal strength information of AP around receiving and the legal AP coverage information of storing in advance, calculating has the distance of the rogue AP of this signal strength signal intensity apart from legal AP.
As seen from the above technical solutions, the method and system of a kind of access point watch-dog provided by the invention, monitoring illegal access point,
Description of drawings
Fig. 1 is the system configuration schematic diagram of existing WLAN wireless network.
Fig. 2 is the structural representation of embodiment of the invention AP watch-dog.
Fig. 3 is the system configuration schematic diagram of embodiment of the invention monitoring rogue AP.
Fig. 4 is the method flow schematic diagram of embodiment of the invention monitoring rogue AP.
Fig. 5 is the method idiographic flow schematic diagram of embodiment of the invention monitoring rogue AP.
Embodiment
For making the purpose, technical solutions and advantages of the present invention clearer, the present invention is described in further detail below in conjunction with the accompanying drawings and the specific embodiments.
In the prior art, all be provided with special-purpose monitoring unit, realize detecting by the special communication mechanism between AP and the monitoring unit, and this communication mechanism be privately owned private.Therefore, the selectivity of equipment is restricted.
Thereby, in the embodiment of the invention, on wlan standard, expand, utilize existing legal AP to have to the monitoring function of WLAN wireless network environment on every side, behind the monitoring function that activates legal AP, AP periodically scans the AP in self overlay area, obtains the identity information of AP in self overlay area and reports the AP watch-dog, the AP watch-dog mates AP identity information that receives and the legal AP identity information of storing in advance, thereby obtains the rogue AP identity information.
Fig. 2 is the structural representation of embodiment of the invention AP watch-dog, and referring to Fig. 2, this AP watch-dog comprises: identity information collection module, legal AP identity information memory module and identity information processing module, wherein,
The identity information collection module is used to receive the monitoring identity information that outside AP sends, and is sent to the identity information processing module;
In the present embodiment, the monitoring identity information comprises: the SSID information of AP and media access control layer (MAC, Medium Access Control) address information on every side.
In the practical application, the monitoring identity information can also comprise: on every side the working frequency information of AP and/or, signal strength information etc.
Legal AP identity information memory module is used to store the legal AP identity information;
In the present embodiment, the AP watch-dog stores the relevant identity information of all AP of the whole network operator construction in advance.That is to say that the AP watch-dog is the database of all AP of the whole network.
In the present embodiment, the legal AP identity information comprises: the SSID information and the mac address information of legal AP.
In the practical application, the legal AP identity information can also comprise the legal AP working frequency information and/or, information such as legal AP coverage information.
The identity information processing module is used for receiving the monitoring identity information, if do not comprise this monitoring identity information in the legal AP identity information of legal AP identity information memory module storage, the AP that judges this monitoring identity information correspondence is a rogue AP.
Preferably, the AP watch-dog is arranged on wireless network side, is arranged on the AP watch-dog of wireless network side, can be physical equipment independently, also can be arranged on (the existing base station that links to each other by wireless network with AP) in the base station.
In the present embodiment, by monitoring identity information and the legal AP identity information compares coupling, like this, be set to be issued to the identical rogue AP of SSID of legal AP with operator for the SSID of AP, though its SSID is identical with the SSID of legal AP, but because the mac address information of this rogue AP and the mac address information of legal AP be not complementary, then can not be through safety certification.
In the practical application, the identity information processing module is after determining rogue AP, can also be further according to the signal strength information of AP around receiving and the legal AP coverage information of storing in advance, calculating has the distance of the rogue AP of this signal strength signal intensity apart from legal AP, thereby can locate the position of this rogue AP rapidly so that the webmaster personnel in time take measures.
In addition, the identity information processing module is after determining rogue AP, also can be according to the working frequency information of AP around receiving and the legal AP working frequency information of storing in advance, if the operating frequency of this rogue AP is inequality with the operating frequency of all legal AP of storing in advance, then the webmaster personnel also can be directly take appropriate measures at the operating frequency of this rogue AP, the description of the relevant measure of taking can not repeat them here referring to relevant technical literature.
Fig. 3 is the system configuration schematic diagram of embodiment of the invention monitoring rogue AP, and referring to Fig. 3, this system comprises: AP watch-dog and a plurality of AP, wherein,
The AP watch-dog is used to receive the monitoring identity information that AP returns, if do not comprise this monitoring identity information in Cun Chu the legal AP identity information in advance, the AP that judges this monitoring identity information correspondence is a rogue AP;
AP is used for triggering AP in monitoring self overlay area according to time cycle of setting in advance, and obtains the identity information of AP in self overlay area, forms and monitors identity information, sends to the AP watch-dog.
In the present embodiment, the time cycle that sets in advance is provided with according to actual needs by operator, and AP is according to the time cycle that sets in advance, and periodically scans the AP in self overlay area, obtains the AP identity information.The monitoring identity information comprises the identity information of each AP in self overlay area; The identity information that certainly, also can comprise self AP.
In the present embodiment, the legal AP identity information comprises: the SSID information of legal AP, mac address information and legal AP coverage information; The monitoring identity information comprises: service identifier SSID information, media access control layer mac address information and the signal strength information of AP on every side; Then
Service identifier SSID information and the media access control layer mac address information of AP on every side that do not comprise corresponding reception in the SSID information of the legal AP that the judgement of AP watch-dog is stored in advance and the mac address information, then the service identifier SSID information of AP and the AP of media access control layer mac address information correspondence are rogue AP on every side, and according to the signal strength information of AP around receiving and the legal AP coverage information of storing in advance, calculating has the distance of the rogue AP of this signal strength signal intensity apart from legal AP.
As seen from the above-described embodiment, the system of the AP watch-dog of the embodiment of the invention and monitoring rogue AP, AP is according to the AP in the time cycle triggering monitoring that sets in advance self overlay area, utilization have to the monitoring function of WLAN wireless network environment on every side, monitor the AP in self overlay area, and obtain the identity information of AP in self overlay area, form the monitoring identity information, send to the AP watch-dog, if do not comprise the monitoring identity information of reception in the legal AP identity information that the AP watch-dog is determined to store in advance, then the AP of this monitoring identity information correspondence is a rogue AP.Like this, owing to carry out unidirectional information interaction between AP watch-dog and the AP, AP can utilize original Radio Resource to send to AP watch-dog transmitting supervisory identity information, does not need to be AP watch-dog distributing radio resource, save Radio Resource, improved the utilance of system wireless resource; Further, AP is disclosed to the communication mechanism of AP watch-dog transmitting supervisory identity information, the highly versatile of AP watch-dog; And the process of monitoring rogue AP is monitoring automatically, obtains rogue AP information automatically, and is workable; In addition, in system, there is rogue AP, even this rogue AP does not periodically report relevant information to the AP watch-dog, the AP watch-dog also can be found the identical AP of SSID that all and operator are provided with from the monitoring identity information that other legal AP report, sieves is selected rogue AP, obtain rogue AP information and also in time handle to the scene targetedly, ensured user's legitimate rights and interests, avoid user profile to divulge a secret, promote user's perception, improved the fail safe of user's access of radio network.
Again the method for monitoring rogue AP is described below.
Fig. 4 is the method flow schematic diagram of embodiment of the invention monitoring rogue AP, and referring to Fig. 4, this flow process comprises:
In the present embodiment, the legal AP identity information comprises: the SSID information of legal AP, mac address information and legal AP coverage information, and the monitoring identity information comprises: service identifier SSID information, media access control layer mac address information and the signal strength information of AP on every side; Then step 402 comprises:
Service identifier SSID information and the media access control layer mac address information of AP on every side that do not comprise corresponding reception in the SSID information of the legal AP that the judgement of AP watch-dog is stored in advance and the mac address information, then the service identifier SSID information of AP and the AP of media access control layer mac address information correspondence are rogue AP on every side, and according to the signal strength information of AP around receiving and the legal AP coverage information of storing in advance, calculating has the distance of the rogue AP of this signal strength signal intensity apart from legal AP.
Fig. 5 is the method idiographic flow schematic diagram of embodiment of the invention monitoring rogue AP, and referring to Fig. 5, this flow process comprises:
In this step, the AP identity information comprises information such as the SSID of title, AP coverage, AP operating frequency, AP of AP and MAC Address.
Step 502, AP triggers AP in monitoring self overlay area according to time cycle of setting in advance, and obtains the identity information of AP in self overlay area, forms and monitors identity information, sends to the AP watch-dog;
In this step, the AP watch-dog is every the time cycle that sets in advance, receive the monitoring identity information (data of each AP wireless network environment) that each AP collection reports in the self zone, the monitoring identity information comprises: information such as the SSID of the AP (AP on every side) in the AP watch-dog self zone in each AP overlay area, MAC Address, operating frequency, signal strength signal intensity.
In this step, from the wireless environment topological diagram of all AP of the whole network, sort out the SSID of AP and the identity information of corresponding to all AP of SSID that operator is provided with, for example, identity information comprises that this AP is the adjacent AP of which AP, information such as the SSID of this AP, MAC Address, operating frequency obtain one the one AP inventory.
In this step, an AP inventory has been formed the set of an AP, is defined as set A.From the AP identity information built of the whole network operator of storage in advance, put out the identity information of all legal AP of the whole network in order,, be defined as set B as physical address etc.
Step 505 is obtained the rogue AP inventory.
In this step, set A and set B are carried out safe judgement, then all AP in set B in set A but not are exactly rogue AP.
In the practical application, it is around which legal AP and apart from the distance of legal AP that the AP watch-dog also can be put out rogue AP in order.
The rogue AP obtained is formed a rogue AP inventory, comprise the MAC Address of each rogue AP, around which legal AP, information such as operating frequency and signal strength signal intensity.Like this, filter out the information of SSID all APs consistent, compare, put out the rogue AP that unauthorized uses the SSID of operator in order with legal AP set with operator by no line sweep.
The above is preferred embodiment of the present invention only, is not to be used to limit protection scope of the present invention.Within the spirit and principles in the present invention all, any modification of being done, be equal to and replace and improvement etc., all should be included within protection scope of the present invention.
Claims (9)
1. an access point AP watch-dog is characterized in that, this AP watch-dog comprises: identity information collection module, legal AP identity information memory module and identity information processing module, wherein,
The identity information collection module is used to receive the monitoring identity information that outside AP sends, and is sent to the identity information processing module;
Legal AP identity information memory module is used to store the legal AP identity information;
The identity information processing module is used for receiving the monitoring identity information, if do not comprise described monitoring identity information in the legal AP identity information of legal AP identity information memory module storage, the AP that judges described monitoring identity information correspondence is a rogue AP.
2. AP watch-dog as claimed in claim 1 is characterized in that, described legal AP identity information comprises: the SSID information and the mac address information of legal AP.
3. AP watch-dog as claimed in claim 2 is characterized in that, described legal AP identity information further comprises: the legal AP working frequency information and/or, legal AP coverage information.
4. as each described AP watch-dog of claim 1 to 3, it is characterized in that described monitoring identity information comprises: the service identifier SSID information of AP and media access control layer mac address information on every side;
Do not comprise described service identifier SSID information and the media access control layer mac address information of AP on every side in the SSID information of described identity information processing module judgement legal AP and the mac address information, the described service identifier SSID information of AP on every side and the AP of media access control layer mac address information correspondence are rogue AP.
5. AP watch-dog as claimed in claim 4 is characterized in that, described monitoring identity information further comprises: on every side the working frequency information of AP and/or, signal strength information;
Described identity information processing module is after the AP that judges described monitoring identity information correspondence is rogue AP, be further used for according to the signal strength information of AP around receiving and the legal AP coverage information of storing in advance, calculating has the distance of the rogue AP of this signal strength signal intensity apart from legal AP, and/or, be further used for according to the working frequency information of AP around receiving and the legal AP working frequency information of storing in advance, if the operating frequency of this rogue AP is inequality with the operating frequency of all legal AP of storing in advance, with the working frequency information notice webmaster personnel of this rogue AP.
6. the system of a monitor illegal interface point AP is characterized in that, this system comprises: AP watch-dog and a plurality of AP, wherein,
The AP watch-dog is used to receive the monitoring identity information that AP sends, if do not comprise this monitoring identity information in Cun Chu the legal AP identity information in advance, the AP that judges this monitoring identity information correspondence is a rogue AP;
AP is used for triggering AP in monitoring self overlay area according to time cycle of setting in advance, and obtains the identity information of AP in self overlay area, forms and monitors identity information, sends to the AP watch-dog.
7. system as claimed in claim 6 is characterized in that,
Described legal AP identity information comprises: the SSID information of legal AP, mac address information and legal AP coverage information;
Described monitoring identity information comprises: service identifier SSID information, media access control layer mac address information and the signal strength information of AP on every side;
Service identifier SSID information and the media access control layer mac address information of AP on every side that do not comprise corresponding reception in the SSID information of the legal AP that described AP watch-dog judgement is stored in advance and the mac address information, then the service identifier SSID information of AP and the AP of media access control layer mac address information correspondence are rogue AP on every side, and according to the signal strength information of AP around receiving and the legal AP coverage information of storing in advance, calculating has the distance of the rogue AP of this signal strength signal intensity apart from legal AP.
8. the method for a monitor illegal interface point AP is characterized in that, comprises AP watch-dog and a plurality of AP, and this method comprises:
AP triggers AP in monitoring self overlay area according to time cycle of setting in advance, and obtains the identity information of AP in self overlay area, forms and monitors identity information, sends to the AP watch-dog;
The AP watch-dog receives the monitoring identity information that AP sends, if do not comprise this monitoring identity information in Cun Chu the legal AP identity information in advance, the AP that judges this monitoring identity information correspondence is a rogue AP.
9. method as claimed in claim 8 is characterized in that, described legal AP identity information comprises: the SSID information of legal AP, mac address information and legal AP coverage information; Described monitoring identity information comprises: service identifier SSID information, media access control layer mac address information and the signal strength information of AP on every side;
Described AP watch-dog receives the monitoring identity information that AP sends, if do not comprise this monitoring identity information in Cun Chu the legal AP identity information in advance, the AP that judges this monitoring identity information correspondence is that the step of rogue AP comprises:
Service identifier SSID information and the media access control layer mac address information of AP on every side that do not comprise corresponding reception in the SSID information of the legal AP that described AP watch-dog judgement is stored in advance and the mac address information, then the service identifier SSID information of AP and the AP of media access control layer mac address information correspondence are rogue AP on every side, and according to the signal strength information of AP around receiving and the legal AP coverage information of storing in advance, calculating has the distance of the rogue AP of this signal strength signal intensity apart from legal AP.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2009102384077A CN102075934A (en) | 2009-11-19 | 2009-11-19 | AP (Access Point) monitor and method and system for monitoring illegal APs |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2009102384077A CN102075934A (en) | 2009-11-19 | 2009-11-19 | AP (Access Point) monitor and method and system for monitoring illegal APs |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102075934A true CN102075934A (en) | 2011-05-25 |
Family
ID=44034246
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2009102384077A Pending CN102075934A (en) | 2009-11-19 | 2009-11-19 | AP (Access Point) monitor and method and system for monitoring illegal APs |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102075934A (en) |
Cited By (20)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102316457A (en) * | 2011-09-21 | 2012-01-11 | 中国联合网络通信集团有限公司 | Method for monitoring illegal access device and apparatus thereof |
| CN102438238A (en) * | 2011-12-28 | 2012-05-02 | 武汉虹旭信息技术有限责任公司 | Method for detecting illegal AP (Assembly Program) under centralized WLAN (Wireless Local Area Network) environment |
| CN102724188A (en) * | 2012-06-08 | 2012-10-10 | 成都欣点科技有限公司 | System and method for identifying identity of client in service field |
| CN102843684A (en) * | 2011-06-21 | 2012-12-26 | 航天信息股份有限公司 | Method and system for detecting rogue wireless access point in local area network |
| CN103139778A (en) * | 2013-03-25 | 2013-06-05 | 北京奇虎科技有限公司 | Wireless local area network access system and method |
| CN103856957A (en) * | 2012-12-04 | 2014-06-11 | 航天信息股份有限公司 | Method and device for detecting counterfeit AP in wireless local area network |
| CN103888949A (en) * | 2012-12-19 | 2014-06-25 | 杭州华三通信技术有限公司 | Illegal AP prevention method and device |
| CN104023336A (en) * | 2014-06-13 | 2014-09-03 | 张力军 | Mobile terminal and wireless access method thereof |
| CN104113842A (en) * | 2014-07-31 | 2014-10-22 | 北京金山安全软件有限公司 | Method, device, server and mobile terminal for identifying pseudo wireless network access point |
| CN104349325A (en) * | 2014-11-07 | 2015-02-11 | 工业和信息化部通信计量中心 | Method and device for monitoring pseudo wireless APs (access points) |
| CN104580155A (en) * | 2014-12-11 | 2015-04-29 | 深圳市金立通信设备有限公司 | Safety protection method |
| CN104683984A (en) * | 2015-03-11 | 2015-06-03 | 无锡北邮感知技术产业研究院有限公司 | Wireless communication signal real-time monitoring and processing method and system |
| CN105792205A (en) * | 2016-03-03 | 2016-07-20 | 广东顺德中卡云网络科技有限公司 | Method for client to initiate verification of access point validity |
| WO2016169142A1 (en) * | 2015-04-20 | 2016-10-27 | 中兴通讯股份有限公司 | Method, terminal and system for identifying legitimacy of wireless access point and storage medium |
| CN106102068A (en) * | 2016-08-23 | 2016-11-09 | 大连网月科技股份有限公司 | A kind of illegal wireless access point detection and attack method and device |
| CN103368941B (en) * | 2013-04-22 | 2017-04-05 | 北京奇虎科技有限公司 | A kind of method and apparatus of the protection based on subscriber network access scene |
| CN107241724A (en) * | 2017-06-23 | 2017-10-10 | 上海斐讯数据通信技术有限公司 | The detection method and system of a kind of access point |
| CN109309657A (en) * | 2017-07-28 | 2019-02-05 | 株式会社喜得建 | Unauthorized access point detection system and method, user terminal and computer program for it |
| CN112105028A (en) * | 2019-06-17 | 2020-12-18 | 南宁富桂精密工业有限公司 | Apparatus, method and computer readable storage medium for suppressing detection of illegal AP |
| CN113709744A (en) * | 2021-10-28 | 2021-11-26 | 连连(杭州)信息技术有限公司 | Wi-Fi control method and device, electronic equipment and storage medium |
-
2009
- 2009-11-19 CN CN2009102384077A patent/CN102075934A/en active Pending
Cited By (29)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102843684A (en) * | 2011-06-21 | 2012-12-26 | 航天信息股份有限公司 | Method and system for detecting rogue wireless access point in local area network |
| CN102316457A (en) * | 2011-09-21 | 2012-01-11 | 中国联合网络通信集团有限公司 | Method for monitoring illegal access device and apparatus thereof |
| CN102438238A (en) * | 2011-12-28 | 2012-05-02 | 武汉虹旭信息技术有限责任公司 | Method for detecting illegal AP (Assembly Program) under centralized WLAN (Wireless Local Area Network) environment |
| CN102724188A (en) * | 2012-06-08 | 2012-10-10 | 成都欣点科技有限公司 | System and method for identifying identity of client in service field |
| CN103856957A (en) * | 2012-12-04 | 2014-06-11 | 航天信息股份有限公司 | Method and device for detecting counterfeit AP in wireless local area network |
| CN103856957B (en) * | 2012-12-04 | 2018-01-12 | 航天信息股份有限公司 | Counterfeit AP method and apparatus in detection wireless LAN |
| CN103888949A (en) * | 2012-12-19 | 2014-06-25 | 杭州华三通信技术有限公司 | Illegal AP prevention method and device |
| CN103139778A (en) * | 2013-03-25 | 2013-06-05 | 北京奇虎科技有限公司 | Wireless local area network access system and method |
| CN103139778B (en) * | 2013-03-25 | 2017-02-08 | 北京奇虎科技有限公司 | wireless local area network access system and method |
| CN103368941B (en) * | 2013-04-22 | 2017-04-05 | 北京奇虎科技有限公司 | A kind of method and apparatus of the protection based on subscriber network access scene |
| CN104023336A (en) * | 2014-06-13 | 2014-09-03 | 张力军 | Mobile terminal and wireless access method thereof |
| CN104023336B (en) * | 2014-06-13 | 2018-12-21 | 张力军 | The radio switch-in method and mobile terminal of mobile terminal |
| CN104113842A (en) * | 2014-07-31 | 2014-10-22 | 北京金山安全软件有限公司 | Method, device, server and mobile terminal for identifying pseudo wireless network access point |
| CN104113842B (en) * | 2014-07-31 | 2017-10-24 | 北京金山安全软件有限公司 | Method, device, server and mobile terminal for identifying pseudo wireless network access point |
| CN104349325B (en) * | 2014-11-07 | 2018-09-28 | 工业和信息化部通信计量中心 | Method and device for monitoring pseudo- wireless access point AP |
| CN104349325A (en) * | 2014-11-07 | 2015-02-11 | 工业和信息化部通信计量中心 | Method and device for monitoring pseudo wireless APs (access points) |
| CN104580155A (en) * | 2014-12-11 | 2015-04-29 | 深圳市金立通信设备有限公司 | Safety protection method |
| CN104683984B (en) * | 2015-03-11 | 2018-05-08 | 无锡北邮感知技术产业研究院有限公司 | The real-time monitoring process method of wireless communication signals and system |
| CN104683984A (en) * | 2015-03-11 | 2015-06-03 | 无锡北邮感知技术产业研究院有限公司 | Wireless communication signal real-time monitoring and processing method and system |
| CN106162649A (en) * | 2015-04-20 | 2016-11-23 | 中兴通讯股份有限公司 | A kind of identify the method for WAP legitimacy, terminal and system |
| WO2016169142A1 (en) * | 2015-04-20 | 2016-10-27 | 中兴通讯股份有限公司 | Method, terminal and system for identifying legitimacy of wireless access point and storage medium |
| CN105792205A (en) * | 2016-03-03 | 2016-07-20 | 广东顺德中卡云网络科技有限公司 | Method for client to initiate verification of access point validity |
| CN106102068A (en) * | 2016-08-23 | 2016-11-09 | 大连网月科技股份有限公司 | A kind of illegal wireless access point detection and attack method and device |
| CN107241724A (en) * | 2017-06-23 | 2017-10-10 | 上海斐讯数据通信技术有限公司 | The detection method and system of a kind of access point |
| CN109309657A (en) * | 2017-07-28 | 2019-02-05 | 株式会社喜得建 | Unauthorized access point detection system and method, user terminal and computer program for it |
| CN112105028A (en) * | 2019-06-17 | 2020-12-18 | 南宁富桂精密工业有限公司 | Apparatus, method and computer readable storage medium for suppressing detection of illegal AP |
| CN112105028B (en) * | 2019-06-17 | 2022-12-06 | 南宁富联富桂精密工业有限公司 | Illegal AP detection suppression device, method and computer readable storage medium |
| CN113709744A (en) * | 2021-10-28 | 2021-11-26 | 连连(杭州)信息技术有限公司 | Wi-Fi control method and device, electronic equipment and storage medium |
| CN113709744B (en) * | 2021-10-28 | 2022-03-11 | 连连(杭州)信息技术有限公司 | Wi-Fi control method and device, electronic equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102075934A (en) | AP (Access Point) monitor and method and system for monitoring illegal APs | |
| CN104486835B (en) | A kind of positioner based on WAP and video monitoring | |
| CN107005442B (en) | Method and apparatus for remote access | |
| US20030200455A1 (en) | Method applicable to wireless lan for security control and attack detection | |
| CN103119974B (en) | For safeguarding the system and method for the privacy in wireless network | |
| CN1783810B (en) | Method used for determining | |
| EP3014842B1 (en) | Validating presence of a communication device using a wireless local area network | |
| CN101277231B (en) | Method and system for detecting wireless access points, switch and client terminal | |
| US20070186276A1 (en) | Auto-detection and notification of access point identity theft | |
| CN102111766B (en) | Network accessing method, device and system | |
| CN102202298B (en) | The method of network is added in conjunction with network and Wireless Sensor Network Terminal | |
| KR100749720B1 (en) | Access point device and method for supporting multiple authentication policies | |
| CN104540134B (en) | Wireless access node detection method, wireless network detecting system and server | |
| CN106851632A (en) | A kind of smart machine accesses the method and device of WLAN | |
| CN104221414A (en) | Secure and automatic connection to wireless network | |
| JP4504970B2 (en) | Virtual wireless local area network | |
| CN104837136B (en) | Wireless access authentication method and device | |
| CN102843684A (en) | Method and system for detecting rogue wireless access point in local area network | |
| TWI462604B (en) | Wireless network client-authentication system and wireless network connection method thereof | |
| CN102143492B (en) | Method for establishing virtual private network (VPN) connection, mobile terminal and server | |
| CN107027121A (en) | A kind of WiFi network safety access method and device | |
| CN103856957A (en) | Method and device for detecting counterfeit AP in wireless local area network | |
| CN106412901A (en) | Network-loitering prevention wireless routing method and system | |
| CN100502300C (en) | Method for detecting illegally cut-in point in radio local network | |
| CN104580116A (en) | Management method and equipment of security policy |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20110525 |