CN105119908B - Wireless network secure control method, device and wireless router - Google Patents

Wireless network secure control method, device and wireless router Download PDF

Info

Publication number
CN105119908B
CN105119908B CN201510434506.8A CN201510434506A CN105119908B CN 105119908 B CN105119908 B CN 105119908B CN 201510434506 A CN201510434506 A CN 201510434506A CN 105119908 B CN105119908 B CN 105119908B
Authority
CN
China
Prior art keywords
radiofrequency signal
waveform
connecting pin
wireless network
power
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201510434506.8A
Other languages
Chinese (zh)
Other versions
CN105119908A (en
Inventor
唐仲春
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SHANGHAI WIWIDE NETWORK TECHNOLOGY Co Ltd
Original Assignee
SHANGHAI WIWIDE NETWORK TECHNOLOGY Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by SHANGHAI WIWIDE NETWORK TECHNOLOGY Co Ltd filed Critical SHANGHAI WIWIDE NETWORK TECHNOLOGY Co Ltd
Priority to CN201510434506.8A priority Critical patent/CN105119908B/en
Publication of CN105119908A publication Critical patent/CN105119908A/en
Application granted granted Critical
Publication of CN105119908B publication Critical patent/CN105119908B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101Access control lists [ACL]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic

Abstract

A kind of wireless network secure control method, device and wireless router, wherein the network safety control method includes:Receive the radiofrequency signal that connecting pin is sent;Detect the waveform of the radiofrequency signal;When the waveform of the radiofrequency signal and preset flood attack waveform match, judge the connecting pin for attack source.By the wireless network secure control method, device and wireless router, the Denial of Service attack for WLAN can be effectively differentiated.

Description

Wireless network secure control method, device and wireless router
Technical field
The present invention relates to wireless technical field more particularly to a kind of wireless network secure control method, device and without circuit By device.
Background technology
In many Computer Networkings, WLAN because its without wiring, it is low-cost, safeguard it is simple etc. excellent Point plays other networking technology irreplaceable roles in many application scenarios.As WLAN application gradually increases, It will extend cable LAN, and perhaps can replace in some cases.It is expected that Future Information without no Epoch, WLAN will obtain wider by its incomparable flexibility, mobility and extremely strong extendible capacity General application, make people really enjoy it is simple, easily and efficiently connect.
With the extensive use of WLAN, safety issue also increasingly highlights importance.Currently, for wireless In the attack of LAN, Denial of Service attack, if ARP is attacked, ICMP attack etc. is a kind of common and be easy to cause serious The attack of destruction.For example, ARP attacks are to carry out ARP deceptions by forging IP address and MAC Address by attacker, and hold It is continuous constantly to send out respond request, to generate a large amount of ARP traffics, serious consumption of network resources and equipment money in a network Source.For another example, ICMP orders can be used for detect network it is whether unobstructed, by constantly sending ICMP data packets, to WLAN into Row bombs, and causes network slow or even equipment paralysis.
The transmission-receiving function and data forwarding capability of wireless signal may be implemented in existing wireless router, however can not have Effect takes precautions against above-mentioned Denial of Service attack, to which the network security to LAN causes a hidden trouble.
Invention content
The embodiment of the present invention solves the problems, such as it is the Denial of Service attack how effectively differentiated for WLAN.
To solve the above problems, the embodiment of the present invention provides a kind of wireless network secure control method, including:
Receive the radiofrequency signal that connecting pin is sent;
Detect the waveform of the radiofrequency signal;
When the waveform of the radiofrequency signal and preset flood attack waveform match, judge the connecting pin for attack Source.
Optionally, the wireless network secure control method further includes:When judge the connecting pin for attack source after, will The connecting pin is added in accesses control list.
Optionally, described the connecting pin is added to accesses control list to include:
The MAC Address of the connecting pin is read, and the MAC Address is added in the accesses control list.
Optionally, the waveform of the detection radiofrequency signal includes:Detect the power of the radiofrequency signal;
It is described when the waveform of the radiofrequency signal and when preset flood attack Waveform Matching, judge that the connecting pin is to attack Source is hit, including:When the power of the wireless data signal is more than predetermined power, and the duration is more than preset time, judgement The connecting pin is attack source.
Optionally, the power of the detection radiofrequency signal includes:
Electric current is generated after reading the radiofrequency signal detection;
Using performance number corresponding with the current value of the electric current as the power of the radiofrequency signal.
In order to solve the above technical problems, the embodiment of the invention also discloses a kind of wireless network secure control device, Including:
Receiving unit is suitable for receiving the radiofrequency signal that connecting pin is sent;
Detection unit is adapted to detect for the waveform of the radiofrequency signal;
Matching unit, suitable for matching the waveform of the radiofrequency signal with preset flood attack waveform;
Judging unit, suitable for when the waveform of the radiofrequency signal matches with preset flood attack waveform, judging institute It is attack source to state connecting pin.
Optionally, wireless network secure control device further includes:Control unit is suitable for when the judgement connecting pin being attack Behind source, the connecting pin is added in accesses control list.
Optionally, described control unit, is suitable for reading the MAC Address of the connecting pin, and the MAC Address is added to In the accesses control list.
Optionally, the detection unit is adapted to detect for the power of the radiofrequency signal;
The matching unit is suitable for being more than predetermined power when the power of the wireless data signal, and the duration is more than When preset time, judge the connecting pin for attack source.
Optionally, the detection unit, suitable for generating electric current after reading the radiofrequency signal detection;By with the electric current Power of the corresponding performance number of current value as the radiofrequency signal.
In order to solve the above technical problems, the embodiment of the invention also discloses a kind of wireless router, including it is above-mentioned Wireless network secure control device.
Compared with prior art, the technical solution of the embodiment of the present invention has the following advantages:
Monitor the radiofrequency signal that opposite end is sent, by detecting the waveform of the radiofrequency signal, and with attacking when flood attack Waveform is hit to be matched.If matching degree is high, the connecting pin is judged for attack source, due to need not be to the radio frequency that receives Signal is decoded processing, but directly reads waveform signal by physical layer equipment, therefore the speed detected is faster, to flooding Aggressive reaction is also more sensitive, so as to effectively guard against this flood attack.
Description of the drawings
Fig. 1 is a kind of flow chart of wireless network secure control method in the embodiment of the present invention;
Fig. 2 is a kind of structural schematic diagram of wireless network secure control device in the embodiment of the present invention.
Specific implementation mode
Currently, in the attack of WLAN, Denial of Service attack is a kind of common and be easy to cause serious The attack of destruction.For example, ARP attacks are to carry out ARP deceptions by forging IP address and MAC Address by attacker, and hold It is continuous constantly to send out respond request, to generate a large amount of ARP traffics, serious consumption of network resources and equipment money in a network Source.For another example, ICMP orders can be used for detect network it is whether unobstructed, by constantly sending ICMP data packets, to WLAN into Row bombs, and causes network slow or even equipment paralysis.Existing wireless router may be implemented wireless signal transmission-receiving function and Data forwarding function, however above-mentioned Denial of Service attack can not be effectively taken precautions against, to which the network security to LAN causes Hidden danger.
The radiofrequency signal that the embodiment of the present invention is sent by monitoring opposite end, detects the waveform of the radiofrequency signal, and with flood Attack waveform when general attack is matched.If matching degree is high, the connecting pin is judged for attack source, due to not needing pair The radiofrequency signal received is decoded processing, but reads waveform signal by physical layer equipment, therefore the speed detected is more Soon, also more sensitive is reacted to flood attack, so as to effectively guard against this flood attack.
To make the above purposes, features and advantages of the invention more obvious and understandable, below in conjunction with the accompanying drawings to the present invention Specific embodiment be described in detail.
The embodiment of the invention discloses a kind of wireless network secure control methods.The wireless network secure control method can With suitable for various WLAN devices, such as wireless router, wireless AC etc., to be supervised in real time to network condition Control, takes precautions against possible network flood attack.
As shown in Figure 1, the wireless network secure control method may include steps of:
Step S101 receives the radiofrequency signal that connecting pin is sent.
The connecting pin is to have established the access point (Access being wirelessly connected with above-mentioned WLAN devices Point, AP) or other WLANs accessible equipment.
It in specific implementation, can be by being arranged in WLAN devices interface, such as universal serial bus Radio-frequency antenna in the bus interface such as (Universal Serial Bus, USB) interface receives the radio frequency that the connecting pin is sent Signal.
Step S102 detects the waveform of the radiofrequency signal.
In specific implementation, its waveform can be detected by measuring the power of the radiofrequency signal.
In above-mentioned specific implementation, the power measurement method of the radio-frequency power can also be by measuring corresponding generate Current value detect its power, i.e., by generating electric current after reading the radiofrequency signal detection, obtain the corresponding size of current Radio-frequency power.
Step S103, judges whether the waveform of the radiofrequency signal matches with preset flood attack waveform.
It in specific implementation, can be by detecting the magnitude relationship between the radio-frequency power and predetermined power, to judge Whether the waveform of the radiofrequency signal matches with preset flood attack waveform.Specifically, when the wireless data signal Power be more than predetermined power, and the duration be more than preset time when, judgement both matching.
When judging the waveform of the radiofrequency signal with preset flood attack Waveform Matching, step S104 is executed, otherwise Return to step S101 is persistently monitored the connection end equipment.
Step S104 judges the connecting pin for attack source.
In the transmission of wireless signal, the bit data actually sent is modulated onto on the radio carrier of certain waveform Come what is be transmitted.When flood attack is initiated in the connecting pin of WLAN devices, respective stream of data feature can be in its carrier wave It is shown on waveform.For example, continuously for a long time, radio signal is sent with the carrier format of higher-wattage.So if There is this situation, i.e., when the waveform of the described radiofrequency signal matches with preset flood attack waveform, it is possible to determine that the company It connects end and initiates flood attack, be network attack end.
The connecting pin is added in accesses control list by step S105.
In specific implementation, the described connecting pin is added in accesses control list may include:Read the company The source MAC in the data frame that end is sent is connect, and the MAC Address is added in the accesses control list, rejects institute The data information for stating connecting pin transmission plays the role of taking precautions against flood attack to realize the shielding to the connecting pin.
The embodiment of the present invention by monitor network access equipment physical layer state, such as its wireless network card signal transmitted Waveform and power detect Network Abnormal, to judge whether the network access equipment is to continuously transmit flood message, protect The safety of wireless network is demonstrate,proved.Due to the embodiment of the present invention radiofrequency signal received need not be decoded or other operation It can be monitored and differentiate, therefore is fast for the reaction speed of flood attack.
The embodiment of the invention also discloses a kind of wireless network secure control devices corresponding with embodiment illustrated in fig. 1. Likewise, the wireless network secure control device can be set in various WLAN devices, such as wireless router, nothing Line AC etc..As shown in Fig. 2, the wireless network secure control device 20 may include:
Receiving unit 201 is suitable for receiving the radiofrequency signal that connecting pin is sent.
Detection unit 202 is adapted to detect for the waveform of the radiofrequency signal.
Matching unit 203, suitable for matching the waveform of the radiofrequency signal with preset flood attack waveform.
Judging unit 204, suitable for when the waveform of the radiofrequency signal matches with preset flood attack waveform, judging The connecting pin is attack source.
The connecting pin is to have established the access point (Access being wirelessly connected with above-mentioned WLAN devices Point, AP) or other WLANs accessible equipment.In specific implementation, the receiving unit 201 can pass through control It sets up and sets the radio frequency letter that the radio-frequency antenna on WLAN devices USB interface or PCIE interfaces receives the connecting pin transmission Number.
In specific implementation, the detection unit 202 can detect its wave by measuring the power of the radiofrequency signal Shape.
In above-mentioned specific implementation, the power measurement method of the radio-frequency power can also be the detection unit 202 Its power is detected by measuring the corresponding current value generated, i.e., by generating electric current after reading the radiofrequency signal detection, is obtained The radio-frequency power of the corresponding size of current.
The detection unit 202 is suitable for the power of the radiofrequency signal being converted to thermal energy;Measure the thermal energy, and by institute State power of the corresponding performance number of thermal energy as the radiofrequency signal.
In specific implementation, the matching unit 203 can be by detecting between the radio-frequency power and predetermined power Magnitude relationship, to judge whether the waveform of the radiofrequency signal matches with preset flood attack waveform.Specifically, when described The power of wireless data signal be more than predetermined power, and the duration be more than preset time when, judgement both matching.
In specific implementation, the wireless network secure control device can also include:Control unit 204 is sentenced suitable for working as The connecting pin is determined for behind attack source, the connecting pin is added in accesses control list.Specifically, described control unit It can be the source MAC read in the data frame that the connecting pin is sent, and the MAC Address is added to the access and is controlled In list processed, the data information that the connecting pin is sent is rejected, to realize the shielding to the connecting pin, plays strick precaution flooding The effect of attack.
Based on above-mentioned wireless network secure control device, the embodiment of the invention also discloses a kind of wireless routers.Its In, including above-mentioned wireless network secure control device.
One of ordinary skill in the art will appreciate that all or part of step in the various methods of above-described embodiment is can It is completed with instructing relevant hardware by program, which can be stored in a computer readable storage medium, storage Medium may include:ROM, RAM, disk or CD etc..
Although present disclosure is as above, present invention is not limited to this.Any those skilled in the art are not departing from this It in the spirit and scope of invention, can make various changes or modifications, therefore protection scope of the present invention should be with claim institute Subject to the range of restriction.

Claims (12)

1. a kind of wireless network secure control method, which is characterized in that including:
Receive the radiofrequency signal that connecting pin is sent;
Detect the waveform of the radiofrequency signal;
When the waveform of the radiofrequency signal and preset flood attack waveform match, judge the connecting pin for attack source.
2. wireless network secure control method as described in claim 1, which is characterized in that further include:When the judgement connection It holds as behind attack source, the connecting pin is added in accesses control list.
3. wireless network secure control method as claimed in claim 2, which is characterized in that described to be added to the connecting pin Accesses control list includes:
The MAC Address of the connecting pin is read, and the MAC Address is added in the accesses control list.
4. wireless network secure control method as described in claim 1, which is characterized in that
The waveform of the detection radiofrequency signal includes:Detect the power of the radiofrequency signal;
It is described when the waveform of the radiofrequency signal and when preset flood attack Waveform Matching, judge the connecting pin for attack Source, including:When the power of the wireless data signal is more than predetermined power, and the duration is more than preset time, institute is judged It is attack source to state connecting pin.
5. wireless network secure control method as claimed in claim 4, which is characterized in that the detection radiofrequency signal Power includes:
Electric current is generated after reading the radiofrequency signal detection;
Using performance number corresponding with the current value of the electric current as the power of the radiofrequency signal.
6. a kind of wireless network secure control device, which is characterized in that including:
Receiving unit is suitable for receiving the radiofrequency signal that connecting pin is sent;
Detection unit is adapted to detect for the waveform of the radiofrequency signal;
Matching unit, suitable for matching the waveform of the radiofrequency signal with preset flood attack waveform;
Judging unit, suitable for when the waveform of the radiofrequency signal matches with preset flood attack waveform, judging the company It is attack source to connect end.
7. wireless network secure control device as claimed in claim 6, which is characterized in that further include:Control unit, suitable for working as After judging the connecting pin for attack source, the connecting pin is added in accesses control list.
8. wireless network secure control device as claimed in claim 7, which is characterized in that described control unit is suitable for reading The MAC Address of the connecting pin, and the MAC Address is added in the accesses control list.
9. wireless network secure control device as claimed in claim 8, which is characterized in that
The detection unit is adapted to detect for the power of the radiofrequency signal;
The matching unit is suitable for being more than predetermined power when the power of the wireless data signal, and the duration is more than default When the time, judge the connecting pin for attack source.
10. wireless network secure control device as claimed in claim 9, which is characterized in that the detection unit is suitable for institute The power for stating radiofrequency signal is converted to thermal energy;The thermal energy is measured, and using the corresponding performance number of the thermal energy as the radio frequency The power of signal.
11. wireless network secure control device as claimed in claim 9, which is characterized in that the detection unit is suitable for reading Electric current is generated after the radiofrequency signal detection;Using performance number corresponding with the current value of the electric current as the radiofrequency signal Power.
12. a kind of wireless router, which is characterized in that including such as claim 6-11 any one of them wireless network secure control Device processed.
CN201510434506.8A 2015-07-22 2015-07-22 Wireless network secure control method, device and wireless router Active CN105119908B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510434506.8A CN105119908B (en) 2015-07-22 2015-07-22 Wireless network secure control method, device and wireless router

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510434506.8A CN105119908B (en) 2015-07-22 2015-07-22 Wireless network secure control method, device and wireless router

Publications (2)

Publication Number Publication Date
CN105119908A CN105119908A (en) 2015-12-02
CN105119908B true CN105119908B (en) 2018-07-27

Family

ID=54667796

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510434506.8A Active CN105119908B (en) 2015-07-22 2015-07-22 Wireless network secure control method, device and wireless router

Country Status (1)

Country Link
CN (1) CN105119908B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106161241B (en) * 2016-08-25 2019-02-15 北京科技大学 A kind of detection method of wireless sensor network routing layer low speed flood attack
CN112073419B (en) * 2020-09-11 2022-10-04 深圳市吉祥腾达科技有限公司 Network solution attack defense reliability test system

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101202742A (en) * 2006-12-13 2008-06-18 中兴通讯股份有限公司 Method and system for preventing refusal service attack
CN101621425A (en) * 2009-05-21 2010-01-06 北京邮电大学 Method and device for detecting low-speed denial of service attack
CN102036248A (en) * 2010-12-23 2011-04-27 北京星网锐捷网络技术有限公司 Method and system for defending denial of service attack, wireless access point and wireless controller

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8018883B2 (en) * 2007-03-26 2011-09-13 Cisco Technology, Inc. Wireless transmitter identity validation in a wireless network

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101202742A (en) * 2006-12-13 2008-06-18 中兴通讯股份有限公司 Method and system for preventing refusal service attack
CN101621425A (en) * 2009-05-21 2010-01-06 北京邮电大学 Method and device for detecting low-speed denial of service attack
CN102036248A (en) * 2010-12-23 2011-04-27 北京星网锐捷网络技术有限公司 Method and system for defending denial of service attack, wireless access point and wireless controller

Also Published As

Publication number Publication date
CN105119908A (en) 2015-12-02

Similar Documents

Publication Publication Date Title
US11102233B2 (en) Detection of vulnerable devices in wireless networks
US7216365B2 (en) Automated sniffer apparatus and method for wireless local area network security
US7339914B2 (en) Automated sniffer apparatus and method for monitoring computer systems for unauthorized access
JP6001689B2 (en) Log analysis apparatus, information processing method, and program
US9398039B2 (en) Apparatus, system and method for suppressing erroneous reporting of attacks on a wireless network
US7971253B1 (en) Method and system for detecting address rotation and related events in communication networks
US9730075B1 (en) Systems and methods for detecting illegitimate devices on wireless networks
WO2016086763A1 (en) Wireless access node detecting method, wireless network detecting system and server
CN104486765A (en) Wireless intrusion detecting system and detecting method
JP6435695B2 (en) Controller and its attacker detection method
CN104424438B (en) A kind of antivirus file detection method, device and the network equipment
EP1542406B1 (en) Mechanism for detection of attacks based on impersonation in a wireless network
US20240154995A1 (en) Detection of vulnerable wireless networks
CN105119908B (en) Wireless network secure control method, device and wireless router
CN106878992B (en) Wireless network security detection method and system
Gvozdenovic et al. Truncate after preamble: PHY-based starvation attacks on IoT networks
Basan et al. Analysis of the impact of denial of service attacks on the group of robots
Feng et al. Snort improvement on profinet RT for industrial control system intrusion detection
Alajlan Multi-Step Detection of Simplex and Duplex Wormhole Attacks over Wireless Sensor Networks.
Alotaibi et al. A passive fingerprint technique to detect fake access points
CN106453343A (en) An IOT safety evaluation method
Kulesza et al. Wireless intrusion detection through preamble manipulation
Vartak et al. An experimental evaluation of over-the-air (ota) wireless intrusion prevention techniques
Kaur Advances in intrusion detection system for WLAN
Aziz et al. IoT Performance and Security Analysis Based on WiFi Systems

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant