CN104486765A - Wireless intrusion detecting system and detecting method - Google Patents
Wireless intrusion detecting system and detecting method Download PDFInfo
- Publication number
- CN104486765A CN104486765A CN201410801051.4A CN201410801051A CN104486765A CN 104486765 A CN104486765 A CN 104486765A CN 201410801051 A CN201410801051 A CN 201410801051A CN 104486765 A CN104486765 A CN 104486765A
- Authority
- CN
- China
- Prior art keywords
- control unit
- sta
- wireless
- exist
- reception device
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a wireless intrusion detecting system. The wireless intrusion detecting system comprises an acquisition unit, a control unit and an executing unit, wherein the acquisition unit is used for scanning and acquiring the data information of APs (Access Point) and STAs (Station) in a wireless network within a certain range at the periphery of the acquisition unit; the control unit is connected with the acquisition unit and used for checking the validity of the data information reported by the acquisition unit according to a previously configured detecting strategy; the executing unit is connected with the control unit and used for processing unknown wireless access equipment according to validity check results obtained by the control unit. The invention further discloses a wireless intrusion detecting method. The method can detect and defend potential threatens in the wireless network, make response, detect illegal network behavior through monitoring and analyzing the activity of a user, make alarm on abnormal network flow, and enhance network safety, so that the existing security system is perfected, the system condition can be better grasped, the attack line of an attacker can be traced, and a wrecker can be arrested.
Description
Technical field
The present invention relates to wireless data security technology area, be specifically related to a kind of wireless invasive detection system and detection method thereof.
Background technology
Now along with the raising of hacking technique, WLAN (wireless local area network) is subject to increasing threat.The error of configuration wireless base station causes Session Hijack and Denial of Service attack all the safety of WLAN (wireless local area network) as pestilence General Influence.Wireless network not only because under attack based on conventional wired networks TCP/IP framework, is also likely subject to issuing the safety problem of 802.11 standards itself based on International Electrical and Electronic Engineering Association and being on the hazard.
Due to now wireless opening, make wirelessly to be easy to be monitored and the various threat such as attack, the encryption method of 802.11 standards and Wired Equivalent Privacy are all very fragile.Even if Wired Equivalent Privacy is used in WLAN (wireless local area network), hacker also obtains critical data by the means of deciphering or deception.Along with low cost causes the popular of present WLAN (wireless local area network) with being easy to configure, many users also can in the conventional local area erection wireless base station of oneself, the backdoor programs that some users of the thing followed install on network, also result in the adverse environment open to hacker.Perhaps the conventional local area user setting up wireless base station is faced with the threat of the monitoring suffering hacker too.
Network based on 802.11 standards also likely goes whistle the threat of service attack, thus makes WLAN (wireless local area network) be difficult to work.Wireless telecommunications can cause signal attenuation owing to being subject to some threats physically, and these threats comprise: tree, building, and the object of wireless telecommunications is destroyed on thunderstorm and mountain peak etc.Picture microwave oven, radio telephone also may threaten the wireless network based on 802.11 standards.The Denial of Service attack of the malice that hacker is initiated by wireless base station can cause system to restart.
Add firewall functionality in present router, some simple packets can be done and detect and prevent the data of large discharge and make system crash.This security protection system imperfection, fail safe is inadequate.
Summary of the invention
The object of the present invention is to provide a kind of wireless invasive detection system and detection method thereof, can detect and defend threat potential in wireless network, and react, by monitoring the activity analyzing user, judge the type of intrusion event, detect illegal network behavior, the network traffics of exception are reported to the police, enhance the fail safe of network, make existing security protection system more perfect, the situation of system can be grasped better, can the attack circuit of pursuit attack person, friendly interface, is convenient to set up security protection system, can catches troublemaker.
In order to achieve the above object, the present invention is achieved through the following technical solutions: a kind of wireless invasive detection system, is characterized in, comprises:
Acquiring unit, for scanning around acquiring unit the data message of AP and STA in wireless network in certain limit;
Control unit, is connected with described acquiring unit, for carrying out validity checking according to pre-configured inspection policies to the data message that acquiring unit reports.
Described wireless invasive detection system also comprises a performance element, be connected with described control unit, validity checking result for drawing according to control unit processes unknown radio reception device, if unknown radio reception device is invasion equipment, then this unknown radio reception device is joined in blacklist, and take counterattacking measure; If unknown radio reception device is not invasion equipment, then this unknown radio reception device is joined in white list.
A kind of wireless invasive detection method, is characterized in, comprises following steps:
The data message of AP and STA in S1, acquiring unit scanning wireless network, and these data messages are reported to control unit;
S2, control unit carry out validity checking according to pre-configured inspection policies to the data message that acquiring unit reports;
S3, control unit judge whether unknown radio reception device is invasion equipment.
Also comprise a step S4 after described step S3, performance element processes unknown radio reception device; ;
If the unknown radio reception device of S4.1 is invasion equipment, then this unknown radio reception device joins in blacklist by performance element, and takes counterattacking measure;
If the unknown radio reception device of S4.2 is not invasion equipment, then this unknown radio reception device joins in white list by performance element.
The counterattacking measure that described step S4 takes is, carries out physical address location to invasion equipment, and forges the data message of invasion equipment, sends remove message to wireless network, refusal invasion device access wireless network.
In described step S1, when control unit does not receive the data message that acquiring unit reports, control unit continues to monitor the data message that acquiring unit reports.
Inspection policies pre-configured in described step S2 is that first control unit carries out legitimacy detection to AP, if AP is legal AP, continues to carry out legitimacy detection to STA, specifically comprises following steps:
S2.1, control unit judge whether AP is rogue AP;
S2.2, if so, then this AP joins in static attack list by performance element, and disconnects the connection of this AP and wireless network;
If not, then step S2.3 is performed;
S2.3, control unit judge whether STA is illegality equipment;
S2.4, if so, then this STA joins in blacklist by performance element;
S2.5, if not, then this STA joins in white list by performance element.
Described step S2.1 specifically comprises:
S2.1.1, control unit search this AP in static attack list;
If exist, then this AP is regarded as rogue AP;
If do not exist, then perform step S2.1.2;
S2.1.2, control unit search this AP in the list of permission MAC Address;
If exist, then this AP is regarded as legal AP;
If do not exist, then perform step S2.1.3;
S2.1.3, control unit search this AP in permission ssid list;
If do not exist, then this AP is regarded as rogue AP;
If exist, then perform step S2.1.4;
S2.1.4, control unit search this AP in the list of permission manufacturer;
If do not exist, then this AP is regarded as rogue AP;
If exist, then this AP is regarded as legal AP.
Described step S2.3 specifically comprises:
S2.3.1, control unit search this STA in blacklist;
If exist, then this STA is regarded as invasion equipment;
If do not exist, then perform step S2.3.2;
S2.3.2, control unit search this STA in the list of permission MAC Address;
If exist, then this STA is regarded as legal STA;
If do not exist, then perform step S2.3.3;
S2.3.3 control unit checks the BSSID that this STA associates;
If BSSID is illegal MAC Address, then this STA is regarded as invasion equipment;
If BSSID is legal MAC Address, then this STA is regarded as legitimate device.
A kind of wireless invasive detection system of the present invention and detection method thereof compared with prior art have the following advantages: the present invention judges destruction system and intrusion event by the transmission data analyzed in network, monitor analysis of user activities, judge the type of intrusion event, detect illegal network behavior, the network traffics of exception are reported to the police, and the invasion equipment of the system of destruction is reacted; In order to the malice in Timeliness coverage wireless network or attack unintentionally, by adding assailant to the mode informing network manager of black transmission daily record, realizing the protection to wireless network secure, enhancing the fail safe of wireless network; Traditional fire compartment wall mainly prevents the attack of external hackers, and list or recorded information, the present invention can detect the known and unknown attack from network internal, and makes a response to attack.
Accompanying drawing explanation
Fig. 1 is the overall structure schematic diagram of a kind of wireless invasive detection system of the present invention;
Fig. 2 is the flow chart of a kind of wireless invasive detection method of the present invention;
Fig. 3 is inspection policies flow chart;
Fig. 4 is rogue AP decision flow chart;
Fig. 5 is invasion equipment decision flow chart.
Embodiment
Below in conjunction with accompanying drawing, by describing a preferably specific embodiment in detail, the present invention is further elaborated.
As shown in Figure 1, a kind of wireless invasive detection system, comprises: acquiring unit 1, for scanning the data message of AP and STA in wireless network in acquiring unit 1 surrounding certain limit; Control unit 2, is connected with described acquiring unit 1, for carrying out validity checking according to pre-configured inspection policies to the data message that acquiring unit 1 reports; Performance element 3, be connected with described control unit 2, for the validity checking result drawn according to control unit 2, unknown radio reception device processed, if unknown radio reception device is invasion equipment, then this unknown radio reception device is joined in blacklist, and take counterattacking measure; If unknown radio reception device is not invasion equipment, then this unknown radio reception device is joined in white list.
As shown in Figure 2, in order to the application of better descriptive system, the invention also discloses a kind of wireless invasive detection method, comprise following steps:
S1, acquiring unit 1 scan the data message of AP and STA in wireless network, and these data messages are reported to control unit 2;
S2, control unit 2 carry out validity checking according to pre-configured inspection policies to the data message that acquiring unit 1 reports;
S3, control unit 2 judge whether unknown radio reception device is invasion equipment;
S4, performance element 3 process unknown radio reception device;
If the unknown radio reception device of S4.1 is invasion equipment, then this unknown radio reception device joins in blacklist by performance element 3, and takes counterattacking measure;
If the unknown radio reception device of S4.2 is not invasion equipment, then this unknown radio reception device joins in white list by performance element 3.
The counterattacking measure that described step S4 takes is, carries out physical address location to invasion equipment, and forges the data message of invasion equipment, sends remove message to wireless network, refusal invasion device access wireless network.
In described step S1, when control unit 2 does not receive the data message that acquiring unit 1 reports, control unit 2 continues to monitor the data message that acquiring unit 1 reports.
Inspection policies pre-configured in described step S2 is that first control unit 2 carries out legitimacy detection to AP, if AP is legal AP, continues to carry out legitimacy detection to STA, as shown in Figure 3, specifically comprises following steps:
S2.1, control unit 2 judge whether AP is rogue AP;
S2.2, if so, then this AP joins in static attack list by performance element 3, and disconnects the connection of this AP and wireless network;
If not, then step S2.3 is performed;
S2.3, control unit 2 judge whether STA is illegality equipment;
S2.4, if so, then this STA joins in blacklist by performance element 3;
S2.5, if not, then this STA joins in white list by performance element 3.
As shown in Figure 4, described step S2.1 specifically comprises:
S2.1.1, control unit 2 search this AP in static attack list;
If exist, then this AP is regarded as rogue AP;
If do not exist, then perform step S2.1.2;
S2.1.2, control unit 2 search this AP in the list of permission MAC Address;
If exist, then this AP is regarded as legal AP;
If do not exist, then perform step S2.1.3;
S2.1.3, control unit 2 search this AP in permission ssid list;
If do not exist, then this AP is regarded as rogue AP;
If exist, then perform step S2.1.4;
S2.1.4, control unit 2 search this AP in the list of permission manufacturer;
If do not exist, then this AP is regarded as rogue AP;
If exist, then this AP is regarded as legal AP.
As shown in Figure 5, described step S2.3 specifically comprises:
S2.3.1, control unit 2 search this STA in blacklist;
If exist, then this STA is regarded as invasion equipment;
If do not exist, then perform step S2.3.2;
S2.3.2, control unit 2 search this STA in the list of permission MAC Address;
If exist, then this STA is regarded as legal STA;
If do not exist, then perform step S2.3.3;
S2.3.3, control unit 2 check the BSSID that this STA associates;
If BSSID is illegal MAC Address, then this STA is regarded as invasion equipment;
If BSSID is legal MAC Address, then this STA is regarded as legitimate device.
Embody rule: WLAN (wireless local area network) is configured in a relatively large place usually, this situation, in order to better Received signal strength, needs to configure multiple wireless base station, at the position deploy detector of wireless base station, can improve the coverage of signal like this.Due to this physical structure, most hacker's behavior will be detected physics and respond.
Physical positioning is a part and parcel, the attack for 802.11 through be everlasting close under perform soon, therefore the response of attacking just has been inevitable, has adopted and block illegal IP counter and attack.Dispose the IP that invader found out by detector, and, must be timely.Be different from traditional local area network (LAN), the telecommunication network that hacker can attack, the invader of WLAN (wireless local area network), just in this locality, by estimating the physical address of invader, analyzing data and finding out victim, just more easily can locate the address of invader.
The present invention not only can find out invader, and it can also strengthen strategy, by using strong strategy, WLAN (wireless local area network) can be made safer, the behavior of assailant can be detected, the wireless base station of invader can also be detected, identify the data traffic of unencrypted 802.11 standard.
Wireless network secure of the present invention is on the hazard done reaction, and comprise the steps: the customization of detected rule, network sweep, the judgement of illegality equipment, takes counterattacking measure.
First according to the rule formulated, self-defined a series of rule as required, judges that all wireless devices not meeting rule definition will be identified illegal equipment.Such as attack list by configuring static, allow MAC Address list, allow ssid list, allow manufacturer's list to judge rogue AP, by configuration blacklist, allow MAC Address list and carry out inspection to the BSSID of STA association to judge invasion equipment.
By network sweep, 802.11 messages receiving the transmission of other equipment are formed report, searches unwarranted equipment.When illegal wireless access point (Rogue AP) enters wireless network, and make radio reception device (STA) associated, the information that native system is sent to illegal wireless access point (Rogue AP) and radio reception device (STA) by Scanning Detction, and give access controller (AC) i.e. control unit of the present invention these information.AC is according to predefined rule, determine that illegal wireless access point (Rogue AP) is a rogue AP, illegal wireless access point (Rogue AP) is added and attacks list (Attack List), forge radio reception device (STA) by Executive Module and send the message removing certification, make radio reception device (STA) and illegal wireless access point (Rogue AP) disconnect and be accessed by legal access point.
Stop the counter skill that make use of in some agreements of invasion equipment or interrupt the connection (setting up base station blocking technology illegally) setting up base station illegally, its major technique starts to block attack to the network set up illegally.Send out the data message of forgery with some equipment, the frame that these messages may transmit with illegality equipment collides with one another, make work station do not know institute from.
Although content of the present invention has done detailed introduction by above preferred embodiment, will be appreciated that above-mentioned description should not be considered to limitation of the present invention.After those skilled in the art have read foregoing, for multiple amendment of the present invention and substitute will be all apparent.Therefore, protection scope of the present invention should be limited to the appended claims.
Claims (9)
1. a wireless invasive detection system, is characterized in that, comprises:
Acquiring unit (1), for scanning the data message of AP and STA in wireless network in acquiring unit (1) surrounding certain limit;
Control unit (2), is connected with described acquiring unit (1), for carrying out validity checking according to pre-configured inspection policies to the data message that acquiring unit (1) reports.
2. wireless invasive detection system as claimed in claim 1, it is characterized in that, described wireless invasive detection system also comprises a performance element (3), be connected with described control unit (2), validity checking result for drawing according to control unit (2) processes unknown radio reception device, if unknown radio reception device is invasion equipment, then this unknown radio reception device is joined in blacklist, and take counterattacking measure; If unknown radio reception device is not invasion equipment, then this unknown radio reception device is joined in white list.
3. a wireless invasive detection method, is characterized in that, comprises following steps:
The data message of AP and STA in S1, acquiring unit (1) scanning wireless network, and these data messages are reported to control unit (2);
S2, control unit (2) carry out validity checking according to pre-configured inspection policies to the data message that acquiring unit (1) reports;
S3, control unit (2) judge whether unknown radio reception device is invasion equipment.
4. wireless invasive detection method as claimed in claim 3, it is characterized in that, also comprise a step S4 after described step S3, performance element (3) processes unknown radio reception device; ;
If the unknown radio reception device of S4.1 is invasion equipment, then this unknown radio reception device joins in blacklist by performance element (3), and takes counterattacking measure;
If the unknown radio reception device of S4.2 is not invasion equipment, then this unknown radio reception device joins in white list by performance element (3).
5. wireless invasive detection method as claimed in claim 4, it is characterized in that, the counterattacking measure that described step S4 takes is, physical address location is carried out to invasion equipment, and forge the data message of invasion equipment, send to wireless network and remove message, refusal invasion device access wireless network.
6. wireless invasive detection method as claimed in claim 3, it is characterized in that, in described step S1, when control unit (2) does not receive the data message that acquiring unit (1) reports, control unit (2) continues to monitor the data message that acquiring unit (1) reports.
7. wireless invasive detection method as claimed in claim 3, it is characterized in that, inspection policies pre-configured in described step S2 is that control unit (2) first carries out legitimacy detection to AP, if AP is legal AP, continues to carry out legitimacy detection to STA, specifically comprises following steps:
S2.1, control unit (2) judge whether AP is rogue AP;
S2.2, if so, then this AP joins in static attack list by performance element (3), and disconnects the connection of this AP and wireless network;
If not, then step S2.3 is performed;
S2.3, control unit (2) judge whether STA is illegality equipment;
S2.4, if so, then this STA joins in blacklist by performance element (3);
S2.5, if not, then this STA joins in white list by performance element (3).
8. wireless invasive detection method as claimed in claim 7, it is characterized in that, described step S2.1 specifically comprises:
S2.1.1, control unit (2) search this AP in static attack list;
If exist, then this AP is regarded as rogue AP;
If do not exist, then perform step S2.1.2;
S2.1.2, control unit (2) search this AP in the list of permission MAC Address;
If exist, then this AP is regarded as legal AP;
If do not exist, then perform step S2.1.3;
S2.1.3, control unit (2) search this AP in permission ssid list;
If do not exist, then this AP is regarded as rogue AP;
If exist, then perform step S2.1.4;
S2.1.4, control unit (2) search this AP in the list of permission manufacturer;
If do not exist, then this AP is regarded as rogue AP;
If exist, then this AP is regarded as legal AP.
9. wireless invasive detection method as claimed in claim 7, it is characterized in that, described step S2.3 specifically comprises:
S2.3.1, control unit (2) search this STA in blacklist;
If exist, then this STA is regarded as invasion equipment;
If do not exist, then perform step S2.3.2;
S2.3.2, control unit (2) search this STA in the list of permission MAC Address;
If exist, then this STA is regarded as legal STA;
If do not exist, then perform step S2.3.3;
S2.3.3, control unit (2) check the BSSID that this STA associates;
If BSSID is illegal MAC Address, then this STA is regarded as invasion equipment;
If BSSID is legal MAC Address, then this STA is regarded as legitimate device.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410801051.4A CN104486765A (en) | 2014-12-22 | 2014-12-22 | Wireless intrusion detecting system and detecting method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410801051.4A CN104486765A (en) | 2014-12-22 | 2014-12-22 | Wireless intrusion detecting system and detecting method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN104486765A true CN104486765A (en) | 2015-04-01 |
Family
ID=52761255
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410801051.4A Pending CN104486765A (en) | 2014-12-22 | 2014-12-22 | Wireless intrusion detecting system and detecting method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104486765A (en) |
Cited By (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106211161A (en) * | 2016-06-23 | 2016-12-07 | 杭州华三通信技术有限公司 | A kind of equipment counter method and device |
| CN106899978A (en) * | 2017-03-16 | 2017-06-27 | 杭州安恒信息技术有限公司 | A kind of wireless network attack localization method |
| CN107040544A (en) * | 2017-05-15 | 2017-08-11 | 上海斐讯数据通信技术有限公司 | A kind of intrusion detection method based on flow, apparatus and system |
| CN107465702A (en) * | 2017-09-30 | 2017-12-12 | 北京奇虎科技有限公司 | Method for early warning and device based on wireless network invasion |
| CN107484173A (en) * | 2017-09-30 | 2017-12-15 | 北京奇虎科技有限公司 | Wireless network intrusion detection method and device |
| CN107548066A (en) * | 2017-08-18 | 2018-01-05 | 新华三技术有限公司 | A kind of equipment localization method and device |
| CN107579997A (en) * | 2017-09-30 | 2018-01-12 | 北京奇虎科技有限公司 | Wireless network intrusion detection system |
| CN107612924A (en) * | 2017-09-30 | 2018-01-19 | 北京奇虎科技有限公司 | Attacker's localization method and device based on wireless network invasion |
| CN107995626A (en) * | 2017-12-04 | 2018-05-04 | 锐捷网络股份有限公司 | A kind of method and apparatus for identifying WIFI signal security class in WLAN |
| CN108235322A (en) * | 2017-12-28 | 2018-06-29 | 新华三技术有限公司 | A kind of counter method and device of wireless device |
| CN111741473A (en) * | 2020-05-15 | 2020-10-02 | 深圳市华成峰科技有限公司 | Method and device for controlling wireless coverage and network security |
| CN111970256A (en) * | 2020-07-31 | 2020-11-20 | 深圳市研锐智能科技有限公司 | Intelligent isolation and information exchange network brake system |
| CN112073391A (en) * | 2020-08-25 | 2020-12-11 | 深圳市安络科技有限公司 | Method and device for monitoring network traffic |
| CN112558628A (en) * | 2020-11-23 | 2021-03-26 | 深圳市中博科创信息技术有限公司 | Ad-hoc network unmanned aerial vehicle-based control method and computer-readable storage medium |
| CN114245382A (en) * | 2021-11-19 | 2022-03-25 | 深圳市伟文无线通讯技术有限公司 | Method and system for safely accessing strange wifi through mobile router |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101286948A (en) * | 2008-05-30 | 2008-10-15 | 杭州华三通信技术有限公司 | Access authority control method and wireless access equipment |
| CN102843684A (en) * | 2011-06-21 | 2012-12-26 | 航天信息股份有限公司 | Method and system for detecting rogue wireless access point in local area network |
| CN103401691A (en) * | 2013-07-18 | 2013-11-20 | 山东省计算中心 | Portable WiFi equipment invasion precautionary method |
-
2014
- 2014-12-22 CN CN201410801051.4A patent/CN104486765A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101286948A (en) * | 2008-05-30 | 2008-10-15 | 杭州华三通信技术有限公司 | Access authority control method and wireless access equipment |
| CN102843684A (en) * | 2011-06-21 | 2012-12-26 | 航天信息股份有限公司 | Method and system for detecting rogue wireless access point in local area network |
| CN103401691A (en) * | 2013-07-18 | 2013-11-20 | 山东省计算中心 | Portable WiFi equipment invasion precautionary method |
Cited By (21)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106211161A (en) * | 2016-06-23 | 2016-12-07 | 杭州华三通信技术有限公司 | A kind of equipment counter method and device |
| CN106899978A (en) * | 2017-03-16 | 2017-06-27 | 杭州安恒信息技术有限公司 | A kind of wireless network attack localization method |
| CN107040544A (en) * | 2017-05-15 | 2017-08-11 | 上海斐讯数据通信技术有限公司 | A kind of intrusion detection method based on flow, apparatus and system |
| CN107040544B (en) * | 2017-05-15 | 2020-10-16 | 北京国科环宇科技股份有限公司 | Intrusion detection method, device and system based on flow |
| CN107548066A (en) * | 2017-08-18 | 2018-01-05 | 新华三技术有限公司 | A kind of equipment localization method and device |
| CN107612924B (en) * | 2017-09-30 | 2021-02-23 | 北京奇虎科技有限公司 | Attacker positioning method and device based on wireless network intrusion |
| CN107465702A (en) * | 2017-09-30 | 2017-12-12 | 北京奇虎科技有限公司 | Method for early warning and device based on wireless network invasion |
| CN107612924A (en) * | 2017-09-30 | 2018-01-19 | 北京奇虎科技有限公司 | Attacker's localization method and device based on wireless network invasion |
| CN107579997A (en) * | 2017-09-30 | 2018-01-12 | 北京奇虎科技有限公司 | Wireless network intrusion detection system |
| CN107465702B (en) * | 2017-09-30 | 2020-11-13 | 北京奇虎科技有限公司 | Early warning method and device based on wireless network intrusion |
| CN107484173A (en) * | 2017-09-30 | 2017-12-15 | 北京奇虎科技有限公司 | Wireless network intrusion detection method and device |
| CN107995626A (en) * | 2017-12-04 | 2018-05-04 | 锐捷网络股份有限公司 | A kind of method and apparatus for identifying WIFI signal security class in WLAN |
| CN107995626B (en) * | 2017-12-04 | 2022-01-11 | 锐捷网络股份有限公司 | Method and device for identifying WIFI signal security category in wireless local area network |
| CN108235322A (en) * | 2017-12-28 | 2018-06-29 | 新华三技术有限公司 | A kind of counter method and device of wireless device |
| CN108235322B (en) * | 2017-12-28 | 2021-06-29 | 新华三技术有限公司 | Reverse control method and device for wireless equipment |
| CN111741473A (en) * | 2020-05-15 | 2020-10-02 | 深圳市华成峰科技有限公司 | Method and device for controlling wireless coverage and network security |
| CN111741473B (en) * | 2020-05-15 | 2023-04-18 | 深圳市华成峰科技有限公司 | Method and device for controlling wireless coverage and network security |
| CN111970256A (en) * | 2020-07-31 | 2020-11-20 | 深圳市研锐智能科技有限公司 | Intelligent isolation and information exchange network brake system |
| CN112073391A (en) * | 2020-08-25 | 2020-12-11 | 深圳市安络科技有限公司 | Method and device for monitoring network traffic |
| CN112558628A (en) * | 2020-11-23 | 2021-03-26 | 深圳市中博科创信息技术有限公司 | Ad-hoc network unmanned aerial vehicle-based control method and computer-readable storage medium |
| CN114245382A (en) * | 2021-11-19 | 2022-03-25 | 深圳市伟文无线通讯技术有限公司 | Method and system for safely accessing strange wifi through mobile router |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104486765A (en) | Wireless intrusion detecting system and detecting method | |
| KR102329493B1 (en) | Method and apparatus for preventing connection in wireless intrusion prevention system | |
| US7216365B2 (en) | Automated sniffer apparatus and method for wireless local area network security | |
| Lim et al. | Wireless intrusion detection and response | |
| KR100628325B1 (en) | Intrusion detection sensor detecting attacks against wireless network and system and method for detecting wireless network intrusion | |
| US9003527B2 (en) | Automated method and system for monitoring local area computer networks for unauthorized wireless access | |
| US9781137B2 (en) | Fake base station detection with core network support | |
| US20150040194A1 (en) | Monitoring of smart mobile devices in the wireless access networks | |
| CN104540134B (en) | Wireless access node detection method, wireless network detecting system and server | |
| CN105681272A (en) | Method for detecting and defensing fishing WiFi of mobile terminal | |
| Boob et al. | Wireless intrusion detection system | |
| Chen et al. | An intelligent WLAN intrusion prevention system based on signature detection and plan recognition | |
| Sriram et al. | Detecting and eliminating Rogue Access Points in IEEE-802.11 WLAN-a multi-agent sourcing Methodology | |
| CN106878992B (en) | Wireless network security detection method and system | |
| Baharudin et al. | Wireless intruder detection system (WIDS) in detecting de-authentication and disassociation attacks in IEEE 802.11 | |
| Lovinger et al. | Detection of wireless fake access points | |
| VanSickle et al. | Effectiveness of tools in identifying rogue access points on a wireless network | |
| US9100429B2 (en) | Apparatus for analyzing vulnerability of wireless local area network | |
| KR101186873B1 (en) | Wireless intrusion protecting system based on signature | |
| CN104410971A (en) | Security operation method of wireless local area network | |
| KR101083727B1 (en) | Apparatus and method of wireless network security | |
| Timofte | Wireless intrusion prevention systems | |
| Shourbaji et al. | Wireless intrusion detection systems (WIDS) | |
| CN104363595A (en) | Wireless local area network safety assessment system | |
| KR20240030918A (en) | Location-based Wi-Fi firewall building system and method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20150401 |
|
| WD01 | Invention patent application deemed withdrawn after publication |