CN106376003A - Method and device for detecting wireless local area network connection and wireless local area network data transmission

Info

Publication number: CN106376003A
Authority: CN (China)
Prior art keywords: data, address, terminal, sent, mac address
Legal status: Granted
Application number: CN201510439627.1A
Other languages: Chinese (zh)
Other versions: CN106376003B (en)
Inventors: 晁巍, 罗红, 路晓明
Current assignee: China Mobile Communications Group Co Ltd; China Mobile Hangzhou Information Technology Co Ltd
Original assignee: China Mobile Communications Group Co Ltd; China Mobile Hangzhou Information Technology Co Ltd

Events
Application filed by China Mobile Communications Group Co Ltd, China Mobile Hangzhou Information Technology Co Ltd
Priority to CN201910952811.4A (CN111093198B)
Priority to CN201510439627.1A (CN106376003B)
Publication of CN106376003A
Application granted
Publication of CN106376003B
Legal status: Active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W 12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W 12/12 Detection or prevention of fraud
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D 30/00 Reducing energy consumption in communication networks
    • Y02D 30/70 Reducing energy consumption in communication networks in wireless communication networks

Abstract

The invention discloses a method and a device for detecting a wireless local area network (WLAN) connection and for WLAN data transmission. The method comprises the steps of: receiving the broadcast information of a wireless access point (AP), the broadcast information comprising the SSID and the BSSID of the AP; requesting to build a WLAN connection with a first AP; after the terminal has built the WLAN connection, acquiring the MAC (Medium Access Control) address corresponding to the IP address of the first AP in the ARP (Address Resolution Protocol) cache table of the terminal, the ARP cache table being generated by the terminal from the last received response message carrying a MAC address; determining the SSID and the BSSID of the first AP from the broadcast information of the AP; and determining whether the BSSID of the first AP is consistent with the MAC address corresponding to that IP address, and if not, determining that ARP spoofing exists in the WLAN to which the terminal is currently connected. The method and the device of the invention are used to detect whether the network is safe and to solve the problem that user data is stolen because the network is unsafe.

Description

Method and device for detecting a WLAN connection and for sending WLAN data
Technical field
The invention belongs to the field of wireless network security and in particular relates to a method and device for detecting a WLAN connection and for sending WLAN data.
Background art
In a wireless local area network, the hosts in the network reach the external network through a wireless AP, i.e. a wireless gateway. Under normal circumstances a default gateway is configured in the network, and every packet that a host sends to a destination outside the local network is sent to the default gateway. Therefore, before a host in the network accesses an external network resource it first broadcasts an ARP (Address Resolution Protocol) request to ask for the Medium Access Control (MAC) address of the default gateway; the default gateway sends back a response message carrying its own MAC address; after receiving the response the terminal stores the IP address and the physical address it contains in its local ARP cache table and keeps them for a certain time, so that the next request can be answered directly from the ARP cache table to save resources. A normal WLAN connection is shown in Fig. 1.
The deception usually present in WLAN connections is ARP spoofing, one of the attack means commonly used by hackers. ARP spoofing includes a form of deception of the ARP cache table, and it generally occurs in public wireless network environments, because the flow of people in such environments is large and it is impossible to defend by means such as binding the ARP table.
When an ARP-spoofing virus exists in the network, the deception proceeds as follows. When host A in the LAN sends data to a destination outside the LAN, host A broadcasts an ARP request to the whole network to ask for the MAC address of the gateway. When the gateway receives the ARP request it replies with an ARP response to host A. At this moment the host carrying the ARP virus also replies with a forged ARP response to host A, and generally the forged ARP response is delayed for a period of time relative to the gateway's response or is repeated several times. Host A thus learns a wrong MAC address for the gateway, namely the MAC address of the host carrying the ARP virus, and host A's subsequent packets arrive at the virus host, so that host A is cut off or its data flows into the virus host. Network security in the LAN is therefore poor and user data can be stolen. A method of detecting a WLAN connection is therefore urgently needed to detect whether the network is safe, and a WLAN data sending method is needed to guarantee the safety of data during transmission.
Summary of the invention
The embodiments of the present invention provide a method and device for detecting a WLAN connection and a WLAN data sending method and device, for detecting whether a network is safe and solving the problem that user data is stolen because the network is unsafe.
The embodiments of the present invention include a method for detecting a WLAN connection, the method comprising: receiving the broadcast message of a wireless access point device (AP), the broadcast message including the service set identifier (SSID) and the basic service set identifier (BSSID) of the AP; requesting to establish a WLAN connection with a first AP; after the terminal has established the WLAN connection, obtaining the Medium Access Control (MAC) address corresponding to the IP address of the first AP in the ARP cache table of the terminal, the ARP cache table being generated by the terminal from the last received response message carrying a MAC address; determining the SSID and BSSID of the first AP from the broadcast message of the AP; and determining whether the BSSID of the first AP is consistent with the MAC address corresponding to the IP address, and if inconsistent, determining that ARP spoofing exists in the WLAN to which the terminal is currently connected.
In view of the problem of how to defend actively once ARP spoofing has been detected, the embodiments of the present invention also provide a WLAN data sending method, the method comprising: encrypting the data to be sent and sending it to a virtual network card, the data to be sent being data that needs to be transmitted through the wireless access point device (AP) to a network server; the virtual network card encapsulating the encrypted data to be sent with the IP address of a security server as the destination address and sending the encapsulated data to the physical network card; and the physical network card sending the encapsulated data to the AP with which the terminal has established a connection, so that the AP sends the encrypted data to be sent to the security server, which decrypts it and, after decryption, sends it to the network server.
Based on the same inventive concept, the embodiments of the present invention also provide a device for detecting a WLAN connection, comprising: a receiving module, for receiving the broadcast message of a wireless access point device (AP), the broadcast message including the SSID and the basic service set identifier (BSSID) of the AP; a connecting module, for requesting to establish a WLAN connection with a first AP; an acquisition module, for obtaining, after the terminal has established the WLAN connection, the Medium Access Control (MAC) address corresponding to the IP address of the first AP in the ARP cache table of the terminal, the ARP cache table being generated by the terminal from the last received response message carrying a MAC address; a first determining module, for determining the SSID and BSSID of the first AP from the broadcast message of the AP; and a second determining module, for determining whether the BSSID of the first AP is consistent with the MAC address corresponding to the IP address, and if inconsistent, determining that ARP spoofing exists in the WLAN currently connected. In addition, the embodiments of the present invention also provide a WLAN data sending device, comprising: an encryption module, for encrypting the data to be sent and sending it to a virtual network card, the data to be sent being data that needs to be transmitted through the wireless access point device (AP) to the network server; an encapsulation module, for encapsulating the encrypted data to be sent with the IP address of the security server as the destination address and sending the encapsulated data to the physical network card; and a sending module, for sending the encapsulated data to the AP with which the terminal has established a connection, so that the AP sends the encrypted data to be sent to the security server, which decrypts it and, after decryption, sends it to the network server.
In the embodiments of the present invention, the terminal detects whether the site it is currently connected to is safe by checking whether the BSSID of the first AP with which it plans to establish a WLAN connection is consistent with the MAC address of the site with which it has established the WLAN connection; in another embodiment, the data to be sent is encrypted and sent to the network server through the secure path formed by the virtual network card, the physical network card, the connected AP and the security server, ensuring the safety of the data during transmission.
Brief description of the drawings
In order to explain the technical solutions in the embodiments of the present invention more clearly, the drawings needed in the description of the embodiments are briefly introduced below. Obviously, the drawings in the following description are only some embodiments of the present invention; those of ordinary skill in the art can obtain other drawings from these drawings without creative labour.
Fig. 1 is the interaction diagram of a terminal and an AP in the prior art;
Fig. 2 is the flow chart of WLAN connection detection provided by an embodiment of the present invention;
Fig. 3 is the interaction diagram when ARP spoofing exists, provided by an embodiment of the present invention;
Fig. 4 is the flow chart of the WLAN data sending method provided by an embodiment of the present invention;
Fig. 5 is the interaction diagram of the terminal, the AP and the security server provided by an embodiment of the present invention;
Fig. 6 is the WLAN connection detection device provided by an embodiment of the present invention;
Fig. 7 is the WLAN data sending device provided by an embodiment of the present invention.
Detailed description of the embodiments
In order to make the objects, technical solutions and advantages of the present invention clearer, the present invention is described in further detail below with reference to the drawings. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them. All other embodiments obtained by those of ordinary skill in the art on the basis of the embodiments of the present invention without creative work fall within the scope of protection of the present invention.
A wireless AP (access point) is a very broad term; it generally refers to a wireless access node, session point or access bridge, and it covers not only a pure wireless access point but is also the general designation of devices such as wireless routers, wireless gateways and wireless bridges. A wireless AP supports wireless applications in the 2.4 GHz band, its sensitivity meets the 802.11n standard, it uses two radio-frequency outputs with a maximum output of 600 milliwatts each, and it can deploy wireless coverage over a large area through a wireless distribution system; it is the indispensable wireless AP device for building large-scale public wireless networks.
Fig. 2 shows the flow chart of the WLAN connection detection provided by an embodiment; the flow may include:
Step s101: receiving the broadcast message of the AP, the broadcast message including the SSID and BSSID of the AP.
Step s102: requesting to establish a WLAN connection with a first AP.
Step s103: after the terminal has established the WLAN connection, obtaining the Medium Access Control (MAC) address corresponding to the IP address of the first AP in the ARP cache table of the terminal, the ARP cache table being generated by the terminal from the last received response message carrying a MAC address.
Step s104: determining the SSID and BSSID of the first AP from the broadcast message of the AP.
Step s105: determining whether the BSSID of the first AP is consistent with the MAC address corresponding to the IP address; if inconsistent, determining that ARP spoofing exists in the WLAN currently connected.
In steps s101 and s102, before establishing the WLAN connection the terminal may scan the surrounding WLAN signals, i.e. obtain the broadcast messages that the WLANs send. For example, after Wi-Fi is switched on, a mobile phone automatically scans and lists the SSID names of all Wi-Fi signals it finds; the user then looks for the SSID to connect to among the listed signals and enters the password corresponding to that SSID to establish the connection. The first AP in this step is the wireless router corresponding to the SSID that the terminal itself is going to connect to in the above process.
After the terminal has established the WLAN connection, an ARP cache table is generally formed, in which the IP address and MAC address of the connected site are stored. ARP spoofing may occur during the establishment of the WLAN connection, so this MAC address is not necessarily the MAC address of the first AP.
Further, the MAC address corresponding to the IP address of the first AP in the ARP cache table of the terminal is obtained through the operating system application programming interface (API) of the terminal. Obtaining this information through the operating system API of the terminal is simple to operate, because the process only needs the support of the application-layer interface of the terminal operating system and no longer needs the support of the lower layers of the operating system, avoiding complicated operations such as low-level packet capture.
In step s104, the SSID and the corresponding BSSID of the first AP are determined from the broadcast message. Because the BSSID represents the MAC address of the first AP, it can be used to determine whether it is consistent with the MAC address in the cache table; when the result is inconsistent, it is determined that ARP spoofing exists in the WLAN to which the terminal is currently connected. The SSID and the corresponding BSSID of the first AP may be determined and recorded from the broadcast message of step s101 during step s102, while the terminal requests to establish the WLAN connection with the first AP; or they may be extracted from the periodically sent broadcast messages after step s103.
The terminal stores the MAC address corresponding to the IP address in a pre-set blacklist; the blacklist is used to check whether the last received response message carrying a MAC address is a deception. The reason for building the blacklist is to find out as early as possible, while the terminal is establishing the connection with the wireless access point device, whether the current WLAN connection is deceptive: after the terminal receives the response message returned by the site and parses the MAC address out of it, it looks that MAC address up in the blacklist, and if it is present it can conclude at once that the current connection has ARP spoofing, skipping the steps of forming the cache table and comparing, which improves the efficiency of detection.
Scenario one below, shown in Fig. 3, describes the above detection method concretely.
Assume that the scenario is the WLAN environment covered by a wireless AP whose SSID is "library". There are three hosts in the network: host A, host B and host C. Host C is the wireless AP corresponding to "library". The details of each host are as follows:
The address of host A is: IP: 192.168.10.1; MAC: aa-aa-aa-aa-aa-aa
The address of host B is: IP: 192.168.10.2; MAC: bb-bb-bb-bb-bb-bb
The address of host C is: IP: 192.168.10.3; MAC: cc-cc-cc-cc-cc-cc
Under normal circumstances, host A broadcasts an ARP request to the whole network to ask for the MAC address of host C. When host C receives the ARP request it replies with an ARP response to host A, and after the connection is established host A and host C communicate. But now host B sends host A a forged ARP response, in which the IP address of host C, 192.168.10.3, is paired with the MAC address of host B, bb-bb-bb-bb-bb-bb. Since the last response that host A receives is the one forged by host B, host A updates its ARP cache table, and host B is now disguised as host C. Meanwhile, host B likewise sends an ARP response to host C in which the IP address of host A, 192.168.10.1, is paired with host B's MAC address bb-bb-bb-bb-bb-bb; when host C receives the response forged by host B it also updates its ARP cache table, and B is now disguised as A. Hosts A and C are thus both deceived by host B, and all the data exchanged between A and C passes through B. This is the ARP spoofing that host B carries out against host A and host C. To detect host B, host A parses the IP address and MAC address out of the ARP response it obtains, and also obtains the broadcast message sent by host C, which contains the BSSID; host A compares the BSSID with the MAC address, and if it finds them inconsistent it can determine that host B is an illegal host and regard it as a virus host.
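The following is an added example and not code from the patent or its assignee: it models the terminal's ARP cache from the background section (the last received response wins), replays the "library" scenario with hosts A, B and C, and runs the check of steps s101 to s105 together with the blacklist fast path. The hosts, addresses, beacon contents and the sample `arp -a` output are all constructed; the `arp -a` parser stands in for the operating-system API the patent uses in step s103.

```python
"""
Added example (not part of the patent): ARP cache model, the "library"
scenario and the BSSID-versus-ARP-cache check of steps s101-s105.
"""
import re
from dataclasses import dataclass, field
from typing import Dict, Optional, Set, Tuple

MAC_RE = re.compile(r"([0-9a-fA-F]{2}[:-]){5}[0-9a-fA-F]{2}")


def normalize_mac(mac: str) -> str:
    """Beacons usually carry the BSSID as aa:bb:..; Windows `arp -a` prints
    aa-bb-..; compare in one canonical form or every check is a false alarm."""
    return mac.lower().replace(":", "-")


def mac_for_ip(arp_output: str, ip: str) -> Optional[str]:
    """Parse the MAC bound to `ip` from `arp -a` style text (Windows or Linux
    layout). Stand-in for reading the ARP cache through the OS API (step s103)."""
    for line in arp_output.splitlines():
        if ip in line.split() or f"({ip})" in line:
            m = MAC_RE.search(line)
            if m:
                return normalize_mac(m.group(0))
    return None


@dataclass
class ArpReply:
    sender_ip: str
    sender_mac: str          # MAC claimed for sender_ip by whoever sent the reply


@dataclass
class Terminal:
    arp_cache: Dict[str, str] = field(default_factory=dict)
    blacklist: Set[str] = field(default_factory=set)

    def receive_arp_reply(self, reply: ArpReply) -> None:
        # Last reply wins (the behaviour the background section describes), so a
        # forged reply that arrives after the genuine one overwrites it.
        self.arp_cache[reply.sender_ip] = normalize_mac(reply.sender_mac)

    def blacklist_hit(self, reply: ArpReply) -> bool:
        # Fast path: a MAC already known to be spoofed is flagged as soon as the
        # reply is parsed, without forming the cache and comparing.
        return normalize_mac(reply.sender_mac) in self.blacklist

    def detect_arp_spoofing(self, gateway_ip: str, bssid: str) -> bool:
        """Step s105: the BSSID in the AP's beacon is the AP's own MAC. If the
        cache maps the gateway IP to a different MAC, the cache was poisoned."""
        cached = self.arp_cache.get(gateway_ip)
        if cached is None:
            raise LookupError(f"no ARP entry for {gateway_ip}")
        if cached != normalize_mac(bssid):
            self.blacklist.add(cached)      # remember the offending MAC
            return True
        return False


# Constructed scenario: the patent's "library" WLAN.
HOST_B_MAC = "bb-bb-bb-bb-bb-bb"            # host B, the spoofing host
HOST_C_IP = "192.168.10.3"                  # host C, the real AP / gateway
HOST_C_MAC = "cc-cc-cc-cc-cc-cc"
LIBRARY_BEACON = {"ssid": "library", "bssid": "CC:CC:CC:CC:CC:CC"}

# Constructed `arp -a` output in the two common layouts (host A's cache).
SAMPLE_ARP_WINDOWS = """Interface: 192.168.10.1 --- 0x3
  Internet Address      Physical Address      Type
  192.168.10.3          bb-bb-bb-bb-bb-bb     dynamic
"""
SAMPLE_ARP_LINUX = "? (192.168.10.3) at cc:cc:cc:cc:cc:cc [ether] on wlan0\n"


def run_scenario(spoofed: bool) -> Tuple[bool, Dict[str, str], bool]:
    """Replay the exchange seen by host A. Returns (spoofing detected, resulting
    ARP cache, whether a repeat of the forged reply now hits the blacklist)."""
    a = Terminal()
    a.receive_arp_reply(ArpReply(HOST_C_IP, HOST_C_MAC))   # genuine reply from C
    forged = ArpReply(HOST_C_IP, HOST_B_MAC)
    if spoofed:
        a.receive_arp_reply(forged)                        # later forged reply from B
    detected = a.detect_arp_spoofing(HOST_C_IP, LIBRARY_BEACON["bssid"])
    return detected, dict(a.arp_cache), a.blacklist_hit(forged)


if __name__ == "__main__":
    print(run_scenario(spoofed=False))
    print(run_scenario(spoofed=True))
    print(mac_for_ip(SAMPLE_ARP_WINDOWS, HOST_C_IP), mac_for_ip(SAMPLE_ARP_LINUX, HOST_C_IP))
```

The normalisation step matters in practice: a beacon-reported BSSID and an ARP-cache entry differ in separator and case across operating systems, and a naive string comparison would report spoofing on every healthy network.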
Considering the safety of data transmitted in a WLAN, the embodiments of the present invention also provide a WLAN data sending method, whose flow chart is shown in Fig. 4; the flow may include:
Step s201: encrypting the data to be sent and sending it to a virtual network card, the data to be sent being data that needs to be transmitted through the AP to a network server.
Step s202: the virtual network card encapsulating the encrypted data to be sent with the IP address of the security server as the destination address, and sending the encapsulated data to the physical network card.
Step s203: the physical network card sending the encapsulated data to the AP with which the terminal has established a connection, so that the AP sends the encrypted data to be sent to the security server, which decrypts it and, after decryption, sends it to the network server.
In step s201, the encryption of the data to be sent is usually performed by a VPN client. Specifically, after installing the VPN client software, the terminal opens it and enters the IP address, port and other information of the destination VPN server; the data the terminal sends is encrypted by the VPN client as it passes through the client. The purpose is to encrypt the data before it reaches the physical network card, so that even if the network is unsafe and ARP spoofing exists, an illegal site that receives the encrypted data cannot recover the original data.
Before step s201 is executed, the terminal needs to create the virtual network card in advance and set routing table entries; the routing table entries cause the data to be sent to go to the virtual network card, and the terminal establishes a virtual private network (VPN) connection with the security server. The security server generally refers to a VPN server.
Before the terminal sends a connection request to the VPN server, it first performs the WLAN connection detection method described above, i.e. steps s101 to s105. Thus, when the terminal finds that the network is unsafe, it is suggested that the terminal executes steps s201 to s203 of the embodiments; when the terminal finds that the network is safe, it can connect to the network directly through the AP, so that the user chooses according to actual needs, which is more practical and gives a better user experience.
After the terminal has sent data to the network side by the above steps, it will receive feedback from the network side, so the process of the terminal receiving data is also included. Specifically, the physical network card receives the encrypted data of the network server forwarded by the AP, the encrypted data being the feedback data received from the network server and encrypted by the VPN server; the physical network card sends the encrypted data to the virtual network card; and the virtual network card forwards the encrypted data to the client corresponding to the security server, which completes the decryption of the encrypted data.
To describe the process of the above WLAN data sending method further, a concrete interaction diagram of the terminal and the other devices is provided below, as shown in Fig. 5.
When the terminal detects that the WLAN connection has spoofing and is unsafe, the terminal creates the virtual network card and sets the routing table entries; the data sending and receiving process is shown by the solid lines in the figure. The process of the terminal sending data is as follows: when sending data, the terminal first encrypts the data to be sent through the client corresponding to the security server, then the virtual network card loads the IP address of the security server into the header of the encrypted data and sends the encapsulated data to the physical network card; the physical network card sends the encapsulated data to the AP with which the terminal has established a connection; the AP sends the encrypted data to be sent to the security server, and the security server decrypts it and then connects to the external network resource. Conversely, the process of the terminal receiving data is: the external network resource feeds data back to the security server, the security server encrypts the feedback data and sends it through the AP to the terminal, the physical network card inside the terminal receives the encrypted data and delivers it to the virtual network card, the virtual network card forwards the encrypted data to the client corresponding to the security server, and the client then completes the decryption of the encrypted data.
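The following is an added example, not code from the patent or its assignee, modelling steps s201 to s203 and the return path just described: the VPN client encrypts before the physical network card sees anything, the virtual network card wraps the result in an outer packet addressed to the security server, the security server decrypts and forwards to the network server, and the feedback travels back the same way. The cipher (XOR with an HMAC-SHA256 keystream, encrypt-then-MAC) is a stand-in for whatever cipher a real VPN client negotiates, the tunnel key is pre-shared purely for illustration, and every host, address and message is constructed.

```python
"""
Added example (not part of the patent): tunnelled send and receive path of
the WLAN data sending method. Cipher, key and addresses are stand-ins.
"""
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Callable, List, Optional

TUNNEL_KEY = b"constructed-tunnel-key"   # stand-in for a negotiated VPN session key
TERMINAL_IP = "192.168.10.1"              # the terminal (host A of the scenario)
SECURITY_SERVER_IP = "203.0.113.10"       # security server (VPN server), documentation range
WEB_SERVER_IP = "198.51.100.20"           # the network server the data is really for


@dataclass
class Packet:
    src_ip: str
    dst_ip: str
    payload: bytes


def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    out, counter = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:n]


def seal(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    """nonce || ciphertext || tag (encrypt-then-MAC). Never reuse a nonce per key."""
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def open_sealed(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("tunnel packet failed authentication")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))


def encode_inner(pkt: Packet) -> bytes:
    return f"{pkt.src_ip}|{pkt.dst_ip}|".encode() + pkt.payload


def decode_inner(raw: bytes) -> Packet:
    src, dst, payload = raw.split(b"|", 2)
    return Packet(src.decode(), dst.decode(), payload)


def terminal_send(plaintext: bytes, nonce: bytes) -> Packet:
    """s201: the VPN client encrypts before anything reaches the physical NIC.
    s202: the virtual NIC wraps the result in an outer packet whose destination
    is the security server, not the network server."""
    inner = Packet(TERMINAL_IP, WEB_SERVER_IP, plaintext)
    return Packet(TERMINAL_IP, SECURITY_SERVER_IP, seal(TUNNEL_KEY, nonce, encode_inner(inner)))


def security_server(pkt: Packet, network_server: Callable[[Packet], bytes], nonce: bytes) -> Packet:
    """s203, server side: decrypt, forward to the network server, encrypt the feedback."""
    inner = decode_inner(open_sealed(TUNNEL_KEY, pkt.payload))
    reply = Packet(inner.dst_ip, inner.src_ip, network_server(inner))
    return Packet(SECURITY_SERVER_IP, TERMINAL_IP, seal(TUNNEL_KEY, nonce, encode_inner(reply)))


def terminal_receive(pkt: Packet) -> Packet:
    """Return path: physical NIC -> virtual NIC -> VPN client decrypts the feedback."""
    return decode_inner(open_sealed(TUNNEL_KEY, pkt.payload))


def run_exchange(request: bytes, nonce_up: Optional[bytes] = None,
                 nonce_down: Optional[bytes] = None) -> dict:
    nonce_up = nonce_up or secrets.token_bytes(16)
    nonce_down = nonce_down or secrets.token_bytes(16)

    def network_server(inner: Packet) -> bytes:       # constructed stand-in server
        return b"200 OK: " + inner.payload

    up = terminal_send(request, nonce_up)
    on_air: List[bytes] = [up.payload]                # what the AP, or a host posing as it, sees
    down = security_server(up, network_server, nonce_down)
    on_air.append(down.payload)
    got = terminal_receive(down)
    return {"outer_dst": up.dst_ip, "on_air": on_air, "reply_from": got.src_ip, "reply": got.payload}


def tampered_is_rejected(request: bytes) -> bool:
    """A host on the path that flips a ciphertext byte is caught by the tag check."""
    blob = bytearray(terminal_send(request, secrets.token_bytes(16)).payload)
    blob[20] ^= 0x01                                  # inside the ciphertext region
    try:
        open_sealed(TUNNEL_KEY, bytes(blob))
        return False
    except ValueError:
        return True


if __name__ == "__main__":
    print(run_exchange(b"GET /account"))
    print(tampered_is_rejected(b"GET /account"))
```

The point the model makes explicit is the one the patent relies on: whichever MAC the poisoned ARP cache resolves the gateway to, the frames that leave the physical network card carry only the outer header addressed to the security server and an authenticated ciphertext, so a host impersonating the AP can neither read nor silently alter the inner data.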
When the terminal detects that the WLAN connection has no spoofing, i.e. the network is safe, the terminal's data is sent directly through the AP to the external network resource.
It can be seen that the terminal can choose one of the above two implementations according to the circumstances, so that the terminal and the network side can communicate securely and the safety of the data during transmission is ensured. The whole realization process only requires configuration to be completed in advance on the terminal side, without the cooperation of other hardware such as the AP; the method is convenient and feasible to implement and easy to apply commercially.
Based on the same technical concept, the embodiments of the present invention also provide a WLAN connection detection device, which can implement the WLAN connection detection method flow described in the above embodiments.
As shown in Fig. 6, the device may include: a receiving module 301, a connecting module 302, an acquisition module 303, a first determining module 304 and a second determining module 305, wherein:
the receiving module 301 is used to receive the broadcast message of the AP, the broadcast message including the SSID and the basic service set identifier (BSSID) of the AP;
the connecting module 302 is used to request to establish a WLAN connection with a first AP;
the acquisition module 303 is used to obtain, after the terminal has established the WLAN connection, the Medium Access Control (MAC) address corresponding to the IP address of the first AP in the ARP cache table of the terminal, the ARP cache table being generated by the terminal from the last received response message carrying a MAC address;
the first determining module 304 is used to determine the SSID and BSSID of the first AP from the broadcast message of the AP;
the second determining module 305 is used to determine whether the BSSID of the first AP is consistent with the MAC address corresponding to the IP address and, if inconsistent, to determine that ARP spoofing exists in the WLAN currently connected.
Further, the acquisition module 303 is specifically used to obtain the MAC address corresponding to the IP address of the first AP in the ARP cache table of the terminal through the operating system application programming interface (API) of the terminal. The effect is that only the support of the application-layer interface of the terminal operating system is needed and the support of the lower layers of the operating system is no longer needed, avoiding complicated operations such as low-level packet capture, which is more convenient and feasible to operate.
Further, the second determining module 305 is specifically used to store the MAC address corresponding to the IP address in a pre-set blacklist when the determination result is inconsistent; the blacklist is used to check whether the last received response message carrying a MAC address is a deception. The reason for building the blacklist is to find out as early as possible, while the terminal is establishing the connection with the wireless access point device, whether the current WLAN connection is deceptive: because the terminal receives the response message returned by the site and can parse the MAC address out of it, if that MAC address is found in the blacklist the terminal can conclude at once that the current connection has ARP spoofing. In this way the process of detecting the WLAN connection is simplified and the efficiency of detection improved.
Based on the same technical concept as the WLAN data sending method, the embodiments of the present invention also provide a WLAN data sending device, which can implement the WLAN data sending method flow described in the above embodiments.
As shown in Fig. 7, the device may include: an encryption module 401, an encapsulation module 402 and a sending module 403, wherein:
the encryption module 401 is used to encrypt the data to be sent and send it to a virtual network card, the data to be sent being data that needs to be transmitted through the wireless access point device (AP) to the network server;
the encapsulation module 402 is used to encapsulate the encrypted data to be sent with the IP address of the security server as the destination address and to send the encapsulated data to the physical network card;
the sending module 403 is used to send the encapsulated data to the AP with which the terminal has established a connection, so that the AP sends the encrypted data to be sent to the security server, which decrypts it and, after decryption, sends it to the network server.
Further, the device also includes: a setup module 404, used to create the virtual network card and set routing table entries, the routing table entries causing the data to be sent to go to the virtual network card;
a connection establishing module 405, used to establish a virtual private network connection with the VPN server;
a detection module 406, used to detect whether the current WLAN connection is safe by the method of steps s101 to s105 and, if the result is inconsistent, to send a connection request to the virtual private network (VPN) server. Thus, when the terminal finds that the network is unsafe it is suggested that the terminal executes steps s201 to s203 of the embodiments; when the terminal finds that the network is safe it can connect to the network directly through the AP, so that the user chooses according to actual needs, which is more practical and gives a better user experience.
After the terminal has sent data to the network side by the above steps, it will receive feedback from the network side, so the process of the terminal receiving data is also included. The encryption module is therefore also used to receive the encrypted data of the network server forwarded by the AP, the encrypted data being the feedback data received from the network server and encrypted by the VPN server; and the sending module is also used to send the encrypted data to the virtual network card, which forwards it to the client corresponding to the security server to complete the decryption of the encrypted data.
With the above device the terminal and the network side can communicate securely and the safety of the data during transmission is ensured. The whole realization process only requires configuration to be completed in advance on the terminal side, without the cooperation of other hardware such as the AP; the method is convenient and feasible to implement and easy to apply commercially.
In summary, the embodiments of the present invention on the one hand identify whether the currently connected site is safe through the WLAN connection detection method, and on the other hand establish a secure channel through the WLAN data sending method, so that the data the terminal sends or receives is forwarded through this secure channel and its safety during transmission is ensured. The method is easy and feasible to operate and easy to apply commercially.
The present invention is described with reference to flowcharts and/or block diagrams of the method, device (system) and computer program product according to embodiments of the present invention. It should be understood that each flow and/or block in the flowcharts and/or block diagrams, and combinations of flows and/or blocks in the flowcharts and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to the processor of a general-purpose computer, special-purpose computer, embedded processor or other programmable data processing device to produce a machine, such that the instructions executed by the processor of the computer or other programmable data processing device produce a device for realizing the functions specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing device to work in a specific way, such that the instructions stored in the computer-readable memory produce an article of manufacture including an instruction device, which realizes the functions specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions may also be loaded onto a computer or other programmable data processing device, so that a series of operation steps are executed on the computer or other programmable device to produce computer-implemented processing, such that the instructions executed on the computer or other programmable device provide steps for realizing the functions specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.
Although preferred embodiments of the present invention have been described, those skilled in the art can make further changes and modifications to these embodiments once they know the basic inventive concept. Therefore, the appended claims are intended to be construed as including the preferred embodiments and all changes and modifications that fall within the scope of the present invention.
Obviously, those skilled in the art can make various changes and modifications to the present invention without departing from the spirit and scope of the present invention. Thus, if these changes and modifications of the present invention fall within the scope of the claims of the present invention and their technical equivalents, the present invention is also intended to include these changes and modifications.

Claims (14)

1. A method for detecting a wireless local area network connection, characterised in that the method comprises:
receiving broadcast messages of wireless access point devices (APs), the broadcast messages including the service set identifier (SSID) and basic service set identifier (BSSID) of each AP;
requesting to establish a wireless local area network connection with one AP;
after the terminal has established the wireless local area network connection, obtaining from the address resolution protocol (ARP) cache table of the terminal the medium access control (MAC) address corresponding to the IP address of the one AP, the ARP cache table being generated by the terminal according to the last received response message carrying a MAC address;
determining the SSID and BSSID of the one AP from the broadcasts of the APs;
determining whether the BSSID of the one AP is consistent with the MAC address corresponding to the IP address, and if they are inconsistent, determining that ARP spoofing exists in the wireless local area network connection currently established by the terminal.
2. The method according to claim 1, characterised in that obtaining the MAC address corresponding to the IP address of the one AP from the ARP cache table of the terminal comprises:
obtaining, through the operating system application programming interface (API) of the terminal, the MAC address corresponding to the IP address of the one AP from the ARP cache table of the terminal.
3. The method according to any one of claims 1 to 2, characterised in that it further comprises:
when the determination result is inconsistent, storing the MAC address corresponding to the IP address in a preset blacklist, the blacklist being used to query whether the last response message carrying a MAC address received by the terminal is spoofed.
4. A data sending method for a wireless local area network, characterised in that the method comprises:
encrypting data to be sent and then sending it to a virtual network card, the data to be sent being data that needs to be transmitted to a network server through a wireless access point device (AP);
the virtual network card encapsulating the encrypted data to be sent with the IP address of a security server as the destination address, and sending the encapsulated data to a physical network card;
the physical network card sending the encapsulated data to the AP with which the terminal has established a connection, so that the AP sends the encrypted data to be sent to the security server for decryption, and after decryption the security server sends it to the network server.
5. The method according to claim 4, characterised in that the security server is a virtual private network (VPN) server;
and before sending the data to be sent to the virtual network card, the method further comprises:
creating the virtual network card and setting routing table entries, the routing table entries causing the data to be sent to be directed to the virtual network card;
establishing a virtual private network connection with the VPN server.
6. The method according to claim 4, characterised in that before encrypting the data to be sent and sending it to the virtual network card, the method comprises:
receiving broadcast messages of wireless access point devices (APs), the broadcast messages including the service set identifier (SSID) and basic service set identifier (BSSID) of each AP;
requesting to establish a wireless local area network connection with one AP;
after the terminal has established the wireless local area network connection, obtaining from the address resolution protocol (ARP) cache table of the terminal the medium access control (MAC) address corresponding to the IP address of the one AP, the ARP cache table being generated by the terminal according to the last received response message carrying a MAC address;
determining the SSID and BSSID of the one AP from the broadcasts of the APs;
determining whether the BSSID of the one AP is consistent with the MAC address corresponding to the IP address, and if they are inconsistent, encrypting the data to be sent and then sending it to the virtual network card.
7. The method according to claim 4, characterised in that it further comprises:
the physical network card receiving the encrypted data of the network server forwarded by the AP, the encrypted data being obtained by the security server encrypting the feedback data received from the network server;
the physical network card sending the encrypted data to the virtual network card;
the virtual network card forwarding the encrypted data to the client corresponding to the security server to complete the decryption of the encrypted data.
8. A device for detecting a wireless local area network connection, characterised in that it comprises:
a receiving module, for receiving broadcast messages of wireless access point devices (APs), the broadcast messages including the SSID and basic service set identifier (BSSID) of each AP;
a connecting module, for requesting to establish a wireless local area network connection with one AP;
an acquisition module, for, after the terminal has established the wireless local area network connection, obtaining from the address resolution protocol (ARP) cache table of the terminal the medium access control (MAC) address corresponding to the IP address of the one AP, the ARP cache table being generated by the terminal according to the last received response message carrying a MAC address;
a first determining module, for determining the SSID and BSSID of the one AP from the broadcasts of the APs;
a second determining module, for determining whether the BSSID of the one AP is consistent with the MAC address corresponding to the IP address, and if they are inconsistent, determining that ARP spoofing exists in the wireless local area network connection currently established.
9. The device according to claim 8, characterised in that the acquisition module is specifically configured to:
obtain, through the operating system application programming interface (API) of the terminal, the MAC address corresponding to the IP address of the one AP from the ARP cache table of the terminal.
10. The device according to claim 8, characterised in that the second determining module is specifically configured to:
when the determination result is inconsistent, store the MAC address corresponding to the IP address in a preset blacklist, the blacklist being used to query whether the last response message carrying a MAC address received by the terminal is spoofed.
11. A data sending device for a wireless local area network, characterised in that it comprises:
an encrypting module, for encrypting data to be sent and then sending it to a virtual network card, the data to be sent being data that needs to be transmitted to a network server through a wireless access point device (AP);
an encapsulating module, for encapsulating the encrypted data to be sent with the IP address of a security server as the destination address, and sending the encapsulated data to a physical network card;
a sending module, for sending the encapsulated data to the AP with which the terminal has established a connection, so that the AP sends the encrypted data to be sent to the security server for decryption, and after decryption the security server sends it to the network server.
12. The device according to claim 11, characterised in that the security server is a virtual private network (VPN) server, and the device further comprises:
a setup module, for creating the virtual network card and setting routing table entries, the routing table entries causing the data to be sent to be directed to the virtual network card;
a connection-establishing module, for establishing a virtual private network connection with the VPN server.
13. The device according to claim 11, characterised in that it further comprises:
a detection module, for receiving broadcast messages of wireless access point devices (APs), the broadcast messages including the SSID and basic service set identifier (BSSID) of each AP;
requesting to establish a wireless local area network connection with one AP;
after the terminal has established the wireless local area network connection, obtaining from the address resolution protocol (ARP) cache table of the terminal the medium access control (MAC) address corresponding to the IP address of the one AP, the ARP cache table being generated by the terminal according to the last received response message carrying a MAC address;
determining the SSID and BSSID of the one AP from the broadcasts of the APs;
determining whether the BSSID of the one AP is consistent with the MAC address corresponding to the IP address, and if they are inconsistent, encrypting the data to be sent and then sending it to the virtual network card.
14. The device according to claim 11, characterised in that the encrypting module is further configured to: receive the encrypted data of the network server forwarded by the AP, the encrypted data being obtained by the VPN server encrypting the feedback data received from the network server;
and the sending module is further configured to forward the encrypted data sent to the virtual network card to the client corresponding to the security server to complete the decryption of the encrypted data.
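The BSSID-versus-ARP-cache check of claims 1 to 3 and the send-path decision of claim 6, as an added Python example that is not the patent's own code. The beacon list, gateway address and the two ARP tables are constructed sample data; the example reads the cache in the Linux /proc/net/arp text layout rather than through an OS API as claim 2 describes, and its choice to tunnel when the gateway has no resolved ARP entry yet goes beyond what the claim states.

```python
"""Added example: the BSSID-vs-ARP-cache check of claims 1 to 3 and the
send-path decision of claim 6, run over constructed sample data."""
from dataclasses import dataclass, field
from typing import Dict, Optional, Set


def normalize_mac(mac: str) -> str:
    """Canonical 'aa:bb:cc:dd:ee:ff' form, so 'AA-BB-..' and 'aabb.ccdd.eeff' compare equal."""
    digits = "".join(ch for ch in mac.lower() if ch in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


def parse_proc_net_arp(text: str) -> Dict[str, str]:
    """Map IP -> MAC from text in the Linux /proc/net/arp layout (constructed here).
    Entries with flags 0x0 never received a reply and carry no usable MAC."""
    table: Dict[str, str] = {}
    for line in text.splitlines()[1:]:          # line 0 is the column header
        fields = line.split()
        if len(fields) < 4:
            continue
        ip, flags, mac = fields[0], fields[2], fields[3]
        if int(flags, 16) == 0:
            continue
        table[ip] = normalize_mac(mac)
    return table


def bssid_for_ssid(beacons, ssid: str) -> str:
    """Take the BSSID of the connected AP from the broadcast (SSID, BSSID) pairs."""
    for beacon_ssid, bssid in beacons:
        if beacon_ssid == ssid:
            return normalize_mac(bssid)
    raise LookupError(f"no broadcast seen for SSID {ssid!r}")


@dataclass
class Verdict:
    spoofed: bool
    bssid: str
    arp_mac: Optional[str]      # None: the gateway has no resolved ARP entry yet


@dataclass
class Detector:
    """Keeps the blacklist of claim 3 across successive checks."""
    blacklist: Set[str] = field(default_factory=set)

    def check(self, beacons, ssid: str, gateway_ip: str, arp_text: str) -> Verdict:
        bssid = bssid_for_ssid(beacons, ssid)
        arp_mac = parse_proc_net_arp(arp_text).get(gateway_ip)
        if arp_mac is None:
            return Verdict(False, bssid, None)
        spoofed = arp_mac != bssid
        if spoofed:
            self.blacklist.add(arp_mac)     # claim 3: remember the offending MAC
        return Verdict(spoofed, bssid, arp_mac)

    def reply_is_blacklisted(self, reply_mac: str) -> bool:
        """Claim 3: a later ARP reply carrying a blacklisted MAC is treated as spoofed."""
        return normalize_mac(reply_mac) in self.blacklist


def send_path(verdict: Verdict) -> str:
    """Claim 6: inconsistent -> encrypt and hand the data to the virtual NIC (VPN tunnel).
    Tunnelling while the gateway is still unresolved is this example's conservative choice."""
    if verdict.spoofed or verdict.arp_mac is None:
        return "vpn_tunnel"
    return "direct"


# Constructed sample data: two broadcast SSIDs, the gateway address, and two ARP tables.
BEACONS = [("CafeFree", "3C-84-6A-11-22-33"), ("Office5G", "f0:9f:c2:aa:bb:cc")]
GATEWAY_IP = "192.168.1.1"
ARP_CLEAN = """IP address       HW type     Flags       HW address            Mask     Device
192.168.1.1      0x1         0x2         3c:84:6a:11:22:33     *        wlan0
192.168.1.57     0x1         0x2         5c:51:4f:0a:0b:0c     *        wlan0
192.168.1.200    0x1         0x0         00:00:00:00:00:00     *        wlan0
"""
# Here the gateway IP resolves to the same MAC as another station: the sign of spoofing.
ARP_SPOOFED = """IP address       HW type     Flags       HW address            Mask     Device
192.168.1.1      0x1         0x2         5c:51:4f:0a:0b:0c     *        wlan0
192.168.1.57     0x1         0x2         5c:51:4f:0a:0b:0c     *        wlan0
"""

if __name__ == "__main__":
    det = Detector()
    for label, arp in (("clean", ARP_CLEAN), ("spoofed", ARP_SPOOFED)):
        v = det.check(BEACONS, "CafeFree", GATEWAY_IP, arp)
        print(f"{label}: bssid={v.bssid} arp={v.arp_mac} spoofed={v.spoofed} -> {send_path(v)}")
```

On many routers the BSSID and the MAC that the gateway IP resolves to are not identical, because the wireless and LAN-side interfaces carry different addresses, so a deployment would compare against a MAC learned for that network at first connection rather than demand strict equality with the BSSID.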
CN201510439627.1A 2015-07-23 2015-07-23 Detect WLAN connection and WLAN data transmission method for uplink and its device Active CN106376003B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201910952811.4A CN111093198B (en) 2015-07-23 2015-07-23 Wireless local area network data transmission method and device
CN201510439627.1A CN106376003B (en) 2015-07-23 2015-07-23 Detect WLAN connection and WLAN data transmission method for uplink and its device


Related Child Applications (1)

Application Number Title Priority Date Filing Date
CN201910952811.4A Division CN111093198B (en) 2015-07-23 2015-07-23 Wireless local area network data transmission method and device

Publications (2)

Publication Number Publication Date
CN106376003A true CN106376003A (en) 2017-02-01
CN106376003B CN106376003B (en) 2019-11-19


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant