CN106131849A - The detection of a kind of rogue AP in wireless network and blocking-up method - Google Patents
The detection of a kind of rogue AP in wireless network and blocking-up method Download PDFInfo
- Publication number
- CN106131849A CN106131849A CN201610463802.5A CN201610463802A CN106131849A CN 106131849 A CN106131849 A CN 106131849A CN 201610463802 A CN201610463802 A CN 201610463802A CN 106131849 A CN106131849 A CN 106131849A
- Authority
- CN
- China
- Prior art keywords
- rogue
- message
- beacon frame
- blocking
- probe response
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
Abstract
The invention discloses detection and the blocking-up method of a kind of rogue AP in wireless network, including such as step: S1, search for and capture beacon frame and the association message of periphery AP by WIFI hot spot equipment;S2, the message after capture is resolved, whether be simultaneously rogue AP according to respective algorithms coupling, after being defined as rogue AP, it sent corresponding message and blocks.The present invention, by capturing message, analyzes message, sends blocking-up message, thus realizes the detection to rogue AP and blocking-up.
Description
Technical field
The present invention relates to the Network Communicate Security technical field of Netcom's equipment, be specifically related to a kind of illegal in wireless network
The detection of AP and blocking-up method.
Background technology
In recent years, along with WiFi popularizing on the equipment such as mobile phone, Pad, PC, to work and the life band of people
Carry out more facility, but wireless network secure problem has occurred the most therewith.Increasing is carry on these mobile terminals
The information of the aspects such as people lives, entertains, work, wherein comprises substantial amounts of individual privacy even trade secret information, these information
Importance self-evident.Connect owing to the information of mobile terminal the most all be unable to do without wireless network alternately, and wireless signal is
Being ubiquitous in air, people naturally can produce such worry: whether my privacy can fly here along with wireless signal
Fly to?Wireless network secure this how to ensure?The privacy leakage that the most wireless illegal fishing is caused is be often mentioned
Individual topic, allows people talk " wireless " complexion changed, and illegal personage, by the way of one rogue AP of structure, intercepts your significant data,
Owing to you are the rogue AP online using illegal personage, illegal personage can control the webpage that you are to be logged in, and entrance is in fact
Being the fishing website of juridical-person scholar forgery, illegal personage can also force you to access fishing website in addition.By this method, non-
Method personage can gain the individual privacy information of user, even Net silver, Alipay account and password by cheating.The most wireless illegal
Hazardness is great.
If it is contemplated that a kind of detection and blocking-up method, providing relevant art for security department, providing the user safety and relaxing
Suitable online environment.But the most also there is no this method.
Summary of the invention
For solving the problems referred to above, the invention provides detection and the blocking-up method of a kind of rogue AP in wireless network, logical
Cross the sniff to periphery air message with resolving, therefrom find the information of illegal AP, thus realize the blocking-up to this rogue AP.
For achieving the above object, the technical scheme that the present invention takes is:
The detection of a kind of rogue AP in wireless network and blocking-up method, including such as step:
S1, search for and capture beacon frame and the association message of periphery AP by WIFI hot spot equipment;
S2, the message after capture is resolved, whether be simultaneously rogue AP according to respective algorithms coupling, be defined as rogue AP
After, it is sent corresponding message and blocks.
Concrete, comprise the following steps:
Step one, by the WIFI hot spot equipment search Beacon frame of periphery AP and Probe Response frame;
Step 2, the Beacon frame received or Probe Response frame being carried out algorithmic match, specific algorithm is:
(1) whether the vendor specific field the 5th in the beacon frame that receives and Probe Response frame is judged
It is 01;
(2) bssid and ssid in the beacon frame that receives and Probe Response frame message, and wireless encryption are judged
Mode whether with as oneself, if vendor specific field the 5th is not 01, and bssid and ssid, Yi Jiwu
Line cipher mode all with as oneself, then be judged to rogue AP.
Step 3, the data communication detected between certain client and rogue AP
Step 4, one this client of forgery are sent to the Deauthentication frame of rogue AP, and issue rogue AP, block visitor
Family end and the connection of rogue AP.
Wherein, the present invention is applicable not only to WLAN hot spot equipment, applies also for particular device.As: net peace audit device, visit
Measurement equipment, attack-prevention-device.
The method have the advantages that
By capturing message, analyze message, send blocking-up message, thus realize the detection to rogue AP and blocking-up.
Accompanying drawing explanation
Fig. 1 is a kind of detection of rogue AP and flow chart of blocking-up method in wireless network of the embodiment of the present invention.
Fig. 2 is a kind of detection of rogue AP and device interior tool in blocking-up method in wireless network of the embodiment of the present invention
Body flow chart.
Fig. 3 is a kind of detection of rogue AP and message mechanism flow chart in blocking-up method in wireless network of the present invention.
Detailed description of the invention
In order to make objects and advantages of the present invention clearer, below in conjunction with embodiment, the present invention is carried out the most in detail
Explanation.Should be appreciated that specific embodiment described herein, only in order to explain the present invention, is not intended to limit the present invention.
As it is shown in figure 1, embodiments provide detection and the blocking-up method of a kind of rogue AP in wireless network, bag
Include such as step:
S1, search for and capture beacon frame and the association message of periphery AP by WIFI hot spot equipment;
S2, the message after capture is resolved, whether be simultaneously rogue AP according to respective algorithms coupling, be defined as rogue AP
After, it is sent corresponding message and blocks.
As described in Fig. 2-Fig. 3, comprise the following steps:
Step one, by the WIFI hot spot equipment search Beacon frame of periphery AP and Probe Response frame;
Step 2, the Beacon frame received or Probe Response frame being carried out algorithmic match, specific algorithm is:
(1) whether the vendor specific field the 5th in the beacon frame that receives and Probe Response frame is judged
It is 01;
(2) bssid and ssid in the beacon frame that receives and Probe Response frame message, and wireless encryption are judged
Mode whether with as oneself, if vendor specific field the 5th is not 01, and bssid and ssid, Yi Jiwu
Line cipher mode all with as oneself, then be judged to rogue AP.
Step 3, the data communication detected between certain client and rogue AP
Step 4, one this client of forgery are sent to the Deauthentication frame of rogue AP, and issue rogue AP, block visitor
Family end and the connection of rogue AP.
Embodiment 1
Step one, the Beacon frame being pacified audit device search periphery AP by net and Probe Response frame;
Step 2, the Beacon frame received or Probe Response frame being carried out algorithmic match, specific algorithm is:
(1) whether the vendor specific field the 5th in the beacon frame that receives and Probe Response frame is judged
It is 01;
(2) bssid and ssid in the beacon frame that receives and Probe Response frame message, and wireless encryption are judged
Mode whether with as oneself, if vendor specific field the 5th is not 01, and bssid and ssid, Yi Jiwu
Line cipher mode all with as oneself, then be judged to rogue AP.
Step 3, the data communication detected between certain client and rogue AP
Step 4, one this client of forgery are sent to the Deauthentication frame of rogue AP, and issue rogue AP, block visitor
Family end and the connection of rogue AP.
Embodiment 2
Step one, by the detecting devices search Beacon frame of periphery AP and Probe Response frame;
Step 2, the Beacon frame received or Probe Response frame being carried out algorithmic match, specific algorithm is:
(1) whether the vendor specific field the 5th in the beacon frame that receives and Probe Response frame is judged
It is 01;
(2) bssid and ssid in the beacon frame that receives and Probe Response frame message, and wireless encryption are judged
Mode whether with as oneself, if vendor specific field the 5th is not 01, and bssid and ssid, Yi Jiwu
Line cipher mode all with as oneself, then be judged to rogue AP.
Step 3, the data communication detected between certain client and rogue AP
Step 4, one this client of forgery are sent to the Deauthentication frame of rogue AP, and issue rogue AP, block visitor
Family end and the connection of rogue AP.
Embodiment 3
Step one, by the attack-prevention-device search Beacon frame of periphery AP and Probe Response frame;
Step 2, the Beacon frame received or Probe Response frame being carried out algorithmic match, specific algorithm is:
(1) whether the vendor specific field the 5th in the beacon frame that receives and Probe Response frame is judged
It is 01;(2) bssid and ssid in the beacon frame that receives and Probe Response frame message, and wireless encryption are judged
Mode whether with as oneself, if vendor specific field the 5th is not 01, and bssid and ssid, Yi Jiwu
Line cipher mode all with as oneself, then be judged to rogue AP.
Step 3, the data communication detected between certain client and rogue AP
Step 4, one this client of forgery are sent to the Deauthentication frame of rogue AP, and issue rogue AP, block visitor
Family end and the connection of rogue AP.
The above is only the preferred embodiment of the present invention, it is noted that for the ordinary skill people of the art
For Yuan, under the premise without departing from the principles of the invention, it is also possible to make some improvements and modifications, these improvements and modifications also should
It is considered as protection scope of the present invention.
Claims (2)
1. the detection being used for rogue AP in wireless network and blocking-up method, it is characterised in that include such as step:
S1, search for and capture beacon frame and the association message of periphery AP by WIFI hot spot equipment;
S2, the message after capture is resolved, whether be simultaneously rogue AP according to respective algorithms coupling, be defined as rogue AP
After, it is sent corresponding message and blocks.
The detection of rogue AP the most according to claim 1 and blocking-up method, it is characterised in that comprise the following steps:
Step one, by the WIFI hot spot equipment search Beacon frame of periphery AP and Probe Response frame;
Step 2, the Beacon frame received or Probe Response frame being carried out algorithmic match, specific algorithm is:
(1) whether the vendor specific field the 5th in the beacon frame that receives and Probe Response frame is judged
It is 01;
(2) bssid and ssid in the beacon frame that receives and Probe Response frame message, and wireless encryption side are judged
Formula whether with as oneself, if vendor specific field the 5th is not 01, and bssid and ssid and wireless
Cipher mode all with as oneself, then be judged to rogue AP.
Step 3, the data communication detected between certain client and rogue AP
Step 4, one this client of forgery are sent to the Deauthentication frame of rogue AP, and issue rogue AP, block visitor
Family end and the connection of rogue AP.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610463802.5A CN106131849A (en) | 2016-06-23 | 2016-06-23 | The detection of a kind of rogue AP in wireless network and blocking-up method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610463802.5A CN106131849A (en) | 2016-06-23 | 2016-06-23 | The detection of a kind of rogue AP in wireless network and blocking-up method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN106131849A true CN106131849A (en) | 2016-11-16 |
Family
ID=57268085
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610463802.5A Pending CN106131849A (en) | 2016-06-23 | 2016-06-23 | The detection of a kind of rogue AP in wireless network and blocking-up method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106131849A (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106921460A (en) * | 2017-02-23 | 2017-07-04 | 武汉虹旭信息技术有限责任公司 | Signal shielding system and method based on wireless network |
| CN108134996A (en) * | 2017-12-22 | 2018-06-08 | 成都飞鱼星科技股份有限公司 | A kind of detection of illegal wireless access point and blocking-up method |
| CN108173978A (en) * | 2017-11-23 | 2018-06-15 | 浙江大学 | Unmanned plane detection method based on smart machine parsing Wi-Fi MAC Address |
| CN108696482A (en) * | 2017-04-07 | 2018-10-23 | 武汉安天信息技术有限责任公司 | A kind of method and device blocking Wi-Fi malicious attacks |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102014378A (en) * | 2010-11-29 | 2011-04-13 | 北京星网锐捷网络技术有限公司 | Method and system for detecting rogue access point device and access point device |
| CN105430651A (en) * | 2015-11-02 | 2016-03-23 | 上海斐讯数据通信技术有限公司 | Method and system used for detecting illegal wireless access points |
| CN105657713A (en) * | 2016-03-25 | 2016-06-08 | 珠海网博信息科技股份有限公司 | False-AP detecting and blocking method, wireless device and router |
-
2016
- 2016-06-23 CN CN201610463802.5A patent/CN106131849A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102014378A (en) * | 2010-11-29 | 2011-04-13 | 北京星网锐捷网络技术有限公司 | Method and system for detecting rogue access point device and access point device |
| CN105430651A (en) * | 2015-11-02 | 2016-03-23 | 上海斐讯数据通信技术有限公司 | Method and system used for detecting illegal wireless access points |
| CN105657713A (en) * | 2016-03-25 | 2016-06-08 | 珠海网博信息科技股份有限公司 | False-AP detecting and blocking method, wireless device and router |
Non-Patent Citations (1)
| Title |
|---|
| 崔鹏: "简析BYOD时代的wi-fi信息泄露风险", 《保密科学技术》 * |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106921460A (en) * | 2017-02-23 | 2017-07-04 | 武汉虹旭信息技术有限责任公司 | Signal shielding system and method based on wireless network |
| CN108696482A (en) * | 2017-04-07 | 2018-10-23 | 武汉安天信息技术有限责任公司 | A kind of method and device blocking Wi-Fi malicious attacks |
| CN108173978A (en) * | 2017-11-23 | 2018-06-15 | 浙江大学 | Unmanned plane detection method based on smart machine parsing Wi-Fi MAC Address |
| CN108134996A (en) * | 2017-12-22 | 2018-06-08 | 成都飞鱼星科技股份有限公司 | A kind of detection of illegal wireless access point and blocking-up method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP5454574B2 (en) | Communication apparatus and secret information sharing method | |
| CN106131849A (en) | The detection of a kind of rogue AP in wireless network and blocking-up method | |
| CN107197456B (en) | Detection method and detection device for identifying pseudo AP (access point) based on client | |
| WO2014113073A1 (en) | Device-to-device discovery with direct radio signals | |
| JP2016519451A5 (en) | ||
| CN110069229B (en) | Screen sharing method, mobile terminal and computer readable storage medium | |
| CN103763695B (en) | Method for evaluating safety of internet of things | |
| TWM483988U (en) | Integrated bluetooth and NFC with image transmission that access control system | |
| KR20190087206A (en) | An electronic device providing call continuity in a weak signal environment and control method thereof | |
| US10111095B2 (en) | Caching a pairwise master key for dropped wireless local area network (WLAN) connections to prevent re-authentication | |
| CN105915336A (en) | Object cooperative decryption method and device thereof | |
| Abedi et al. | WiFi Says" Hi!" Back to Strangers! | |
| Beyer et al. | Pattern-of-life modeling in smart homes | |
| CN107734528A (en) | Wireless network detection method, device, storage medium and terminal | |
| US20120315886A1 (en) | Method and communication device for assisting mobile data offloading and mobile device | |
| KR101764127B1 (en) | The smart water leakage prevention system processed remote control and the way to make | |
| Tchakounté et al. | Recognizing illegitimate access points based on static features: A case study in a campus WiFi network | |
| CN106937289B (en) | Network access method and electronic equipment | |
| JP7459548B2 (en) | Number of people estimation system, number of people estimation device, number of people estimation method, and number of people estimation program | |
| CN106358182A (en) | Communication method and communication equipment | |
| WO2014030105A3 (en) | Wireless communication system and method | |
| JP6318640B2 (en) | Wireless connection apparatus, method for controlling wireless connection apparatus, and network system | |
| Nazerian et al. | Passive iot device fingerprinting using wifi | |
| Patrikakis et al. | A method for measuring urban space density of people and deliver notification, with respect to privacy | |
| CN109672759A (en) | The MAC Address detection method of WiFi equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20161116 |
|
| RJ01 | Rejection of invention patent application after publication |