CN106454847A - Method and device for detecting phishing risk of public WiFi - Google Patents
Method and device for detecting phishing risk of public WiFi Download PDFInfo
- Publication number
- CN106454847A CN106454847A CN201611191620.3A CN201611191620A CN106454847A CN 106454847 A CN106454847 A CN 106454847A CN 201611191620 A CN201611191620 A CN 201611191620A CN 106454847 A CN106454847 A CN 106454847A
- Authority
- CN
- China
- Prior art keywords
- mac
- information
- destination
- safe
- mac information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
- H04W12/121—Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]
- H04W12/122—Counter-measures against attacks; Protection against rogue devices
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
- H04W12/128—Anti-malware arrangements, e.g. protection against SMS fraud or mobile malware
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W84/00—Network topologies
- H04W84/02—Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
- H04W84/10—Small scale networks; Flat hierarchical networks
- H04W84/12—WLAN [Wireless Local Area Networks]
Abstract
The embodiment of the invention provides a method and a device for detecting a phishing risk of a public WiFi, used for achieving the technical effect of detecting the phishing risk of the public WiFi without depending on additional hardware deployment. The method comprises the steps of acquiring information by detecting a wireless access point (AP) of the public wireless-fidelity (WiFi) by using user equipment, wherein the acquired information comprises a target service set identifier (SSID) of the AP and target media access control (MAC) information of the AP; judging whether the target MAC information is accordant with one piece of security MAC information corresponding to the target SSID recorded by a MAC information reference library based on the pre-stored MAC information reference library, wherein the target SSID corresponds to one or more pieces of security MAC information; and determining that the public WiFi has the phishing risk, when the target MAC information is not accordant with any piece of security MAC information corresponding to the target SSID recorded by the MAC information reference library.
Description
Technical field
The present invention relates to field of computer technology, the detection method of more particularly, to a kind of public WiFi fishing risk and dress
Put.
Background technology
Increase with public WiFi (Wireless Fidelity, WIreless-FIdelity) quantity and popularization, the peace of public WiFi
It is increasingly severeer that full problem also becomes.According to statistics, current 66% public WiFi is not safe.The lawless person WiFi that will go fishing imitates
Cause public WiFi, cause user access fishing WiFi after property and privacy impaired.
In the related, for the fishing risk of public WiFi, a kind of solution is to dispose within the specific limits
WIDS (wireless invasive detects, Wireless Intrusion Detection Systems) testing equipment, using WIDS detection
Equipment is detecting the fishing WiFi in coverage.
However, above-mentioned detection is gone fishing, the mode of risk has to rely on equipment for surfing the net (as user equipment, gateway device, service
Device etc.) beyond hardware deployment (i.e. WIDS testing equipment) just enable.
Content of the invention
Embodiments provide a kind of detection method of public WiFi fishing risk and device, for realizing being independent of
Additional hardware is disposed and public WiFi is carried out with the technique effect of risk supervision of going fishing.
In a first aspect, the invention provides a kind of public WiFi goes fishing the detection method of risk, including:
Obtain the information that user equipment (UE) is detected and obtained to the wireless access point AP of public wireless fidelity WiFi, institute
The information stating acquisition includes destination service set identifier SSID of described AP and the target medium access control MAC letter of described AP
Breath;
Based on the MAC information pattern library prestoring, judge described Destination MAC information whether with described MAC information benchmark
The corresponding safe MAC information of described target SSID of storehouse record is consistent, the corresponding described safe MAC letter of described target SSID
Cease for one or more;
When described Destination MAC information corresponding with described target SSID of described MAC information pattern library record any one
When safe MAC information is all inconsistent, determine that described public WiFi has fishing risk.
Optionally, described Destination MAC information includes destination-mac address, and described safe MAC information includes secure mac address,
Judge the corresponding safe MAC of described target SSID whether with described MAC information pattern library record for the described Destination MAC information
Information is consistent, including:
Judge described target SSID corresponding whether with described MAC information pattern library record for the described destination-mac address
Individual described secure mac address is consistent;
Wherein, when described destination-mac address and any one described secure mac address are all inconsistent, represent described mesh
Mark MAC information any one safe MAC information corresponding with described target SSID of described MAC information reference recording all differs
Cause.
Optionally, described Destination MAC information includes Destination MAC manufacturer, and described safe MAC information includes safe MAC life
Business men, judges whether corresponding with described target SSID of the described MAC information pattern library record peace of described Destination MAC information
Full MAC information is consistent, including:
Judge whether described Destination MAC manufacturer is corresponding with described target SSID of described MAC information pattern library record
One described safe MAC manufacturer is consistent;
Wherein, when described Destination MAC manufacturer and any one described safe MAC manufacturer are all inconsistent, represent institute
State Destination MAC information any one safe MAC information corresponding with described target SSID of described MAC information reference recording all not
Unanimously.
Optionally, described Destination MAC information also includes Destination MAC manufacturer, and described safe MAC information also includes safety
MAC manufacturer, when described destination-mac address and any one described secure mac address are all inconsistent, judges described target
Whether MAC information is consistent with the corresponding safe MAC information of described target SSID of described MAC information pattern library record, also
Including:
Judge whether described Destination MAC manufacturer is corresponding with described target SSID of described MAC information pattern library record
One described safe MAC manufacturer is consistent;
Wherein, when described destination-mac address is all inconsistent with secure mac address any one described, and described target
When MAC manufacturer and any one described safe MAC manufacturer are also all inconsistent, represent described Destination MAC information and described MAC
Described target SSID any one safe MAC information corresponding of information reference recording is all inconsistent.
Optionally, methods described also includes:
When described destination-mac address is all inconsistent with secure mac address any one described, and described Destination MAC produces
When business safe MAC manufacturer described with is consistent, described destination-mac address is recorded as described target SSID corresponding described
Secure mac address.
Second aspect, the detection means of risk the invention provides a kind of public WiFi goes fishing, including:
Obtain module, for obtain user equipment (UE) the wireless access point AP of public wireless fidelity WiFi is detected and
The information obtaining, the information of described acquisition includes destination service set identifier SSID of described AP and the target medium visit of described AP
Ask control MAC information;
Judge module, for based on the MAC information pattern library prestoring, judge described Destination MAC information whether with institute
The corresponding safe MAC information of described target SSID stating MAC information pattern library record is consistent, and described target SSID is corresponding
Described safe MAC information is one or more;
Determining module, for when described target SSID pair of described Destination MAC information and described MAC information pattern library record
When any one the safe MAC information answered is all inconsistent, determine that described public WiFi has fishing risk.
Optionally, described Destination MAC information includes destination-mac address, and described safe MAC information includes secure mac address,
Described judge module is used for judging described target SSID whether with described MAC information pattern library record for the described destination-mac address
A corresponding described secure mac address is consistent;
Wherein, when described destination-mac address and any one described secure mac address are all inconsistent, represent described mesh
Mark MAC information any one safe MAC information corresponding with described target SSID of described MAC information reference recording all differs
Cause.
Optionally, described Destination MAC information includes Destination MAC manufacturer, and described safe MAC information includes safe MAC life
Business men, described judge module is used for judging the described mesh whether with described MAC information pattern library record for the described Destination MAC manufacturer
The corresponding described safe MAC manufacturer of SSID is consistent for mark;
Wherein, when described Destination MAC manufacturer and any one described safe MAC manufacturer are all inconsistent, represent institute
State Destination MAC information any one safe MAC information corresponding with described target SSID of described MAC information reference recording all not
Unanimously.
Optionally, described Destination MAC information also includes Destination MAC manufacturer, and described safe MAC information also includes safety
MAC manufacturer, when described destination-mac address and any one described secure mac address are all inconsistent, described judge module is also
For judging corresponding one of described target SSID whether with described MAC information pattern library record for the described Destination MAC manufacturer
Described safe MAC manufacturer is consistent;
Wherein, when described destination-mac address is all inconsistent with secure mac address any one described, and described target
When MAC manufacturer and any one described safe MAC manufacturer are also all inconsistent, represent described Destination MAC information and described MAC
Described target SSID any one safe MAC information corresponding of information reference recording is all inconsistent.
Optionally, described device also includes:
Logging modle, for when described destination-mac address all inconsistent with secure mac address any one described, and institute
State Destination MAC manufacturer safe MAC manufacturer described with consistent when, described destination-mac address is recorded as described target
The corresponding described secure mac address of SSID.
Said one in the embodiment of the present application or multiple technical scheme, at least have following one or more technology effect
Really:
In the technical scheme of the embodiment of the present invention, obtain user equipment (UE) first and the wireless access point AP of WiFi is carried out
The information detecting and obtaining, the information of described acquisition includes destination service set identifier SSID of described AP and the target of described AP
Media access control MAC information, is then based on the MAC information pattern library prestoring, judge described Destination MAC information whether with
Consistent in the corresponding safe MAC information of described target SSID of described MAC information pattern library record, described target SSID pair
The described safe MAC information answered includes one or more, when described Destination MAC information and described MAC information pattern library record
When the corresponding any safe MAC information of described target SSID is all inconsistent, determine that described public WiFi has fishing risk.Institute
With, in the case of not needing additional hardware deployment, by contrast the described Destination MAC information of described public WiFi whether with institute
The corresponding safe MAC information of described target SSID stating record in MAC information pattern library is consistent, and then the fishing to public WiFi
Risk is detected.Thus solving prior art can only be real by the technical problem of additional hardware deployment detection fishing risk
Show the technique effect being independent of additional hardware deployment and public WiFi being detected, and then reduced to public WiFi safety
The cost safeguarded.
Brief description
By reading the detailed description of hereafter preferred implementation, various other advantages and benefit are common for this area
Technical staff will be clear from understanding.Accompanying drawing is only used for illustrating the purpose of preferred implementation, and is not considered as to the present invention
Restriction.And in whole accompanying drawing, it is denoted by the same reference numerals identical part.In the accompanying drawings:
Fig. 1 is the detection method flow chart of public WiFi fishing risk in the embodiment of the present invention;
Fig. 2 is the structure of the detecting device schematic diagram of public WiFi fishing risk in the embodiment of the present invention.
Specific embodiment
Embodiments provide a kind of detection method of public WiFi fishing risk and device, for realizing being independent of
Additional hardware is disposed and public WiFi is carried out with the technique effect of risk supervision of going fishing.
In order to solve above-mentioned technical problem, the technical scheme thinking that the present invention provides is as follows:
In the technical scheme of the embodiment of the present invention, obtain user equipment (UE) first and the wireless access point AP of WiFi is carried out
The information detecting and obtaining, the information of described acquisition includes destination service set identifier SSID of described AP and the target of described AP
Media access control MAC information, is then based on the MAC information pattern library prestoring, judge described Destination MAC information whether with
Consistent in the corresponding safe MAC information of described target SSID of described MAC information pattern library record, described target SSID pair
The described safe MAC information answered includes one or more, when described Destination MAC information and described MAC information pattern library record
When the corresponding any safe MAC information of described target SSID is all inconsistent, determine that described public WiFi has fishing risk.Institute
With, in the case of not needing additional hardware deployment, by contrast the described Destination MAC information of described public WiFi whether with institute
The corresponding safe MAC information of described target SSID stating record in MAC information pattern library is consistent, and then the fishing to public WiFi
Risk is detected.Thus solving prior art can only be real by the technical problem of additional hardware deployment detection fishing risk
Show the technique effect being independent of additional hardware deployment and public WiFi being detected, and then reduced to public WiFi safety
The cost safeguarded.
Below by accompanying drawing and technical solution of the present invention is described in detail specific embodiment it should be understood that the application
Specific features in embodiment and embodiment are the detailed description to technical scheme, rather than to present techniques
The restriction of scheme, in the case of not conflicting, the technical characteristic in the embodiment of the present application and embodiment can be mutually combined.
The terms "and/or", only a kind of incidence relation of description affiliated partner, represents there may be three kinds of passes
System, for example, A and/or B, can represent:, there are A and B, these three situations of individualism B in individualism A simultaneously.In addition, herein
Middle character "/", typically represent forward-backward correlation to as if a kind of relation of "or".
First aspect present invention provides a kind of detection method of public WiFi fishing risk, refer to Fig. 1, is the present invention
The detection method flow chart of public WiFi fishing risk in embodiment.The method includes:
S101:Obtain the letter that user equipment (UE) is detected and obtained to the wireless access point AP of public wireless fidelity WiFi
Breath, the information of described acquisition includes destination service set identifier SSID of described AP and the target medium access control of described AP
MAC information;
S102:Based on the MAC information pattern library prestoring, judge described Destination MAC information whether with described MAC information
The corresponding safe MAC information of described target SSID of pattern library record is consistent, the corresponding described safety of described target SSID
MAC information is one or more;
S103:When described Destination MAC information is corresponding any with described target SSID of described MAC information pattern library record
When one safe MAC information is all inconsistent, determine that described public WiFi has fishing risk.
Specifically, the public WiFi in the embodiment of the present invention refer to security attribute be OPEN AP (WAP,
Access Point), such as CMCC-WEB, ChinaNet, ChinaUnicom and 16wifi etc..
Detect in S101 to S103 in the embodiment of the present invention that the go fishing executive agent of method of risk of public WiFi can be
UE (user equipment, User Equipment) or the server being connected with UE, the present invention is not particularly limited.
When the fishing risk needing WiFi public to detects, UE is detected to the AP of this public WiFi and is obtained
The information of obtaining, the information obtaining in the embodiment of the present invention specifically includes SSID (service set identifier, the Service Set of this AP
IDentifier), and this AP MAC (media access control, Media Access Control or Medium Access
Control) information.In embodiments of the present invention, target SSID is the SSID of this AP, and Destination MAC information is the MAC of this AP
Information.Wherein, MAC information is, for example, MAC Address and MAC manufacturer etc., and the present invention is not particularly limited.
Wherein, public WiFi is carried out with risk supervision of going fishing, when UE each access public WiFi can be specially, or
When person is specially UE and accesses new public WiFi, that is, access WiFi public from history SSID different public WiFi when.
Those skilled in the art can be selected according to actual, and the present invention is not particularly limited.
It is UE for executive agent, in S101, obtains target SSID and Destination MAC information, specially UE detects to AP
And obtain SSID the and MAC information of the AP of public WiFi to be detected;And be server for executive agent, obtain target in S101
SSID and Destination MAC information, specially receive SSID the and MAC information that UE reports after AP is detected.
After obtaining target SSID and Destination MAC information, execute S102, based on the MAC information pattern library prestoring, judge
Destination MAC information whether with the corresponding one or more safe MAC information of target SSID of record in MAC information pattern library
One safe MAC information is consistent.
Specifically, the MAC information pattern library record in the embodiment of the present invention has the SSID of multiple public WiFi, and often
The corresponding safe MAC information of individual SSID.As an example it is assumed that have recorded in MAC information pattern library CMCC-WEB,
Tetra- SSID of ChinaNet, ChinaUnicom and 16wifi, and the corresponding safe MAC information of each SSID.
In embodiments of the present invention, MAC information pattern library can voluntarily be set up by UE and safeguard it is also possible to be built by server
Stand and safeguard.Preferably, in order to obtain more comprehensive and more accurate MAC information pattern library, big data is based on by server
Set up and safeguard that MAC information pattern library is preferable selection.Certainly, if the executive agent in the embodiment of the present invention is UE, UE
Also need to send the acquisition request representing acquisition request MAC information pattern library to server, and then the reception server is based on and obtains
The MAC information pattern library asked and issue, then MAC information pattern library is stored in the memory space of UE again.
In order to public WiFi is carried out with risk supervision of going fishing, based on target SSID, from MAC information pattern library, search out mesh
The mark corresponding one or more safe MAC information of SSID.Then, comparison object MAC information corresponding with target SSID one or
Multiple safe MAC information.If Destination MAC information is consistent with one of safe MAC information then it represents that Destination MAC information is pacified
Entirely, so represent this public WiFi there is a possibility that go fishing risk less, so determine public WiFi there is not fishing risk.
Whereas if Destination MAC information any one safe MAC information corresponding with target SSID all inconsistent then it represents that public
WiFi is potentially unsafe, and then in S103, determines that public WiFi has fishing risk.
By said process, it is achieved that the detection of risk that public WiFi is gone fishing.By foregoing description as can be seen that this
Bright embodiment detects that the method for public WiFi fishing risk does not need additional hardware to dispose, by contrasting the target of public WiFi
Whether MAC information is consistent with the corresponding safe MAC information of target SSID of record in MAC information pattern library, and then to public
The fishing risk of WiFi is detected.Thus solving prior art can only be by the skill of additional hardware deployment detection fishing risk
Art problem is it is achieved that be independent of the technique effect that additional hardware is disposed and public WiFi is detected, and then reduces to public affairs
The cost of common WiFi security maintenance.
During implementing, because storage MAC information pattern library can take larger storage resource, simultaneously by target
MAC information and safe MAC information in a large number carry out contrasting and also can consume a large amount of memory sources and electricity, accordingly, it is considered to UE storage
Resource, memory source and electricity are limited, therefore, are executed the detection of public WiFi fishing risk in the embodiment of the present invention by server
Select for preferable.
Further, because Destination MAC information can have multiple possibility, thus the specific implementation of S102 also have multiple.
Just describe in detail to wherein several below.
The first:
In the first implementation, Destination MAC information specifically includes destination-mac address, and MAC information also specifically includes peace
MAC Address, and then S102 entirely is realized by following process:
Judge described target SSID corresponding whether with described MAC information pattern library record for the described destination-mac address
Individual described secure mac address is consistent;
Wherein, when described destination-mac address and any one described secure mac address are all inconsistent, represent described mesh
Mark MAC information any one safe MAC information corresponding with described target SSID of described MAC information reference recording all differs
Cause.
Specifically, based on target SSID, search out target SSID from MAC information pattern library corresponding one or more
Secure mac address, then comparison object MAC Address and the corresponding secure mac address of target SSID.Under normal circumstances, on each
The MAC Address of net equipment is unique, if therefore destination-mac address consistent with one of secure mac address then it represents that this AP sets
Configure for by public WiFi operator, so this public WiFi there is a possibility that fishing risk is less.Therefore, work as Destination MAC
When address one of secure mac address corresponding with target SSID is consistent, represent that Destination MAC information is remembered with MAC information benchmark
The corresponding one of safe MAC information of target SSID of record is consistent, and then determines that public WiFi does not have fishing risk.Instead
It, if destination-mac address all secure mac address corresponding with target SSID are all inconsistent then it represents that this AP equipment may
Do not configured by public WiFi operator, so this public WiFi has fishing risk.Therefore, when destination-mac address and target
When any one secure mac address corresponding of SSID is all inconsistent, represent Destination MAC information and MAC information reference recording
The corresponding all safe MAC information of target SSID are all inconsistent, determine that this public WiFi has fishing risk.
For example, target SSID is specially * * * *-WEB, the safety of the * * * *-WEB of record in MAC information pattern library
MAC Address is as shown in table 1.
Table 1
Assume that destination-mac address is 58:66:ba:6e:57:20.Due to destination-mac address and secure address 58:66:ba:
6e:57:20 is consistent, so determining that this public WiFi does not have fishing risk.Hypothesis destination-mac address is 5c:ad:cf:46:
b8:Ae, because destination-mac address is all inconsistent with the secure mac address in table 1, so determine that this public WiFi has fishing
Risk.
Further, during implementing, may there is the situation of MAC Address repetition, identical in order to distinguish address
Different MAC Address, MAC information pattern library, in record security MAC Address, can record each secure mac address simultaneously
Coordinate, thus to distinguish the MAC of repetition.For example, 58:66:ba:6e:57:20 (coordinates:Beijing) and 58:66:ba:6e:57:20
(coordinate:Shanghai).And then, also need in S101 obtain the coordinate of AP further, corresponding with target SSID in destination-mac address
When one of MAC Address is consistent, determine whether whether consistent with this secure mac address of coordinate of destination-mac address
Coordinate is consistent.If the coordinate of the coordinate of destination-mac address and this identical secure mac address inconsistent then it represents that Destination MAC
The corresponding AP in address is not the safe AP indicated by this identical secure mac address in fact, so still determining public
There is fishing risk in WiFi.
Second:
In second implementation, Destination MAC information specifically includes Destination MAC manufacturer, and safe MAC information is also concrete
Including safe MAC manufacturer, and then S102 is realized by following process:
Judge whether described Destination MAC manufacturer is corresponding with described target SSID of described MAC information pattern library record
One described safe MAC manufacturer is consistent;
Wherein, when described Destination MAC manufacturer and any one described safe MAC manufacturer are all inconsistent, represent institute
State Destination MAC information any one safe MAC information corresponding with described target SSID of described MAC information reference recording all not
Unanimously.
Specifically, the MAC manufacturer in the embodiment of the present invention, refer to produce AP equipment or AC (access controller,
Access Control) company of equipment or producer.Based on target SSID, from MAC information pattern library, search out target SSID
Corresponding one or more safe MAC manufacturer, then comparison object MAC manufacturer and the corresponding safe MAC life of target SSID
Business men.Because under normal circumstances, the operator of public WiFi can in high volume purchase the AP equipment that one or more manufacturers produce
Or AC equipment, the probability of indivedual buyings is less, and these manufacturers produce fishing AP equipment or AC equipment for lawless person
Probability also less, if therefore Destination MAC manufacturer consistent with one of safe MAC manufacturer then it represents that this AP equipment
Configured by public WiFi operator, so this public WiFi there is a possibility that fishing risk is less.Therefore, when Destination MAC is given birth to
When business men is consistent with the one of safe MAC manufacturer of target SSID, represent Destination MAC information and MAC information reference recording
The corresponding one of safe MAC information of target SSID consistent, and then determine that public WiFi does not have fishing risk.Conversely, such as
Fruit Destination MAC manufacturer any safe MAC manufacturer corresponding with target SSID all inconsistent then it represents that this AP equipment may be simultaneously
Do not configured by public WiFi operator, so this public WiFi has fishing risk.Therefore, when Destination MAC manufacturer and target
When the corresponding any safe MAC manufacturer of SSID is all inconsistent, represent the mesh of Destination MAC information and MAC information reference recording
The mark corresponding all safe MAC information of SSID are all inconsistent, determine that this public WiFi has fishing risk.
For continuing to use the example that target SSID is specially * * * *-WEB, the * * * *-WEB of record in MAC information pattern library
Safe MAC manufacturer is as shown in table 2.
Table 2
Hypothesis Destination MAC manufacturer is Hangzhou H3C Technologies Co..Due to Destination MAC manufacturer with
Safe MAC manufacturer Hangzhou H3C Technologies Co. is consistent, so determining that this public WiFi does not have fishing wind
Danger.Hypothesis destination-mac address manufacturer is ABC, because Destination MAC manufacturer is all differed with the safe MAC manufacturer in table 2
Cause, so determining that this public WiFi has fishing risk.
The third:
In conjunction with the first implementation, in the third implementation, Destination MAC information further comprises Destination MAC
Manufacturer, safe MAC information also further comprises safe MAC manufacturer, when destination-mac address and one or more safety
When MAC Address is all inconsistent, and then the process of realizing of S102 further comprises:
Judge whether described Destination MAC manufacturer is corresponding with described target SSID of described MAC information pattern library record
One described safe MAC manufacturer is consistent;
Wherein, when described destination-mac address is all inconsistent with secure mac address any one described, and described target
When MAC manufacturer and any one described safe MAC manufacturer are also all inconsistent, represent described Destination MAC information and described MAC
Described target SSID any one safe MAC information corresponding of information reference recording is all inconsistent.
Specifically, in the third implementation, Destination MAC information specifically includes destination-mac address and Destination MAC life
Business men, safe MAC information also specifically includes secure mac address and safe MAC manufacturer.In the third implementation, first
Judge that whether corresponding with target SSID destination-mac address one of secure mac address be consistent.If destination-mac address with
The corresponding one of secure mac address of target SSID is consistent, then judge that public WiFi does not have fishing risk.Wherein, judge
Whether consistent with the corresponding secure mac address of the target SSID detailed process of destination-mac address in the first implementation
By the agency of, therefore for the something in common of the first implementation and the third implementation, just it is no longer repeated.
The third implementation is with the difference of the first implementation, when destination-mac address and target SSID
When corresponding all secure mac address are all inconsistent, will not confirm that public WiFi has fishing risk, but determine whether mesh
Whether corresponding with SSID mark MAC manufacturer one of safe MAC manufacturer be consistent.When Destination MAC manufacturer and all peaces
When full MAC manufacturer is also all inconsistent, just can determine whether that public WiFi has fishing risk.
Specifically, because pattern library may not record the corresponding safe MAC Address of target complete SSID, or simultaneously
Do not record the new secure mac address of target SSID in time, so, in all safe MAC of destination-mac address and target SSID
When address is all inconsistent, whether checking Destination MAC manufacturer is safe MAC manufacturer further.
Due to safe MAC manufacturer, the most of AP equipment producing or AC equipment are safe, so working as destination-mac address
All secure mac address corresponding with target SSID are all inconsistent, but Destination MAC manufacturer is corresponding with target SSID wherein
When one safe MAC manufacturer is consistent, still believe that public WiFi is safe.And work as destination-mac address and target SSID pair
The all secure mac address answered are all inconsistent, Destination MAC manufacturer also all safe MAC manufacturer corresponding with target SSID
When all inconsistent, just can determine whether that public WiFi has fishing risk.Thus, the detection that improve public WiFi fishing risk is accurate
Rate.
Further, for the third implementation, can also include:
When described destination-mac address is all inconsistent with secure mac address any one described, and described Destination MAC produces
When business safe MAC manufacturer described with is consistent, described destination-mac address is recorded as described target SSID corresponding described
Secure mac address.
Specifically, when destination-mac address is all inconsistent with one or more secure mac address, and Destination MAC manufacturer
When consistent with one of safe MAC manufacturer, show to miss destination-mac address in MAC information pattern library, therefore, now
Destination-mac address is added to the corresponding secure mac address of target SSID.
4th kind:
In conjunction with the first implementation and second implementation, in the 4th kind of implementation, Destination MAC information is specifically wrapped
Include destination-mac address and Destination MAC manufacturer, safe MAC information specifically includes secure mac address and safe MAC manufacturer,
S102 to realize process as follows:
Judge described target SSID corresponding whether with described MAC information pattern library record for the described destination-mac address
Individual described secure mac address is consistent, and whether corresponding with the described SSID described safety of described Destination MAC manufacturer
MAC manufacturer is consistent;
Wherein, when described destination-mac address is all inconsistent with any described secure mac address, and the life of described Destination MAC
When business men and any described safe MAC manufacturer are also all inconsistent, represent described Destination MAC information and described MAC information benchmark
The corresponding any safe MAC information of described target SSID of record is all inconsistent.
In the 4th kind of implementation, will destination-mac address and Destination MAC manufacturer be verified simultaneously.Concrete
During realization, can first judge that whether corresponding with target SSID destination-mac address one of secure mac address be consistent, then
Judge that whether corresponding with target SSID Destination MAC manufacturer one of safe MAC manufacturer be consistent, or first judge target
Whether corresponding with target SSID MAC manufacturer one of safe MAC manufacturer be consistent, more whether judges destination-mac address
One of secure mac address corresponding with target SSID is consistent, or carries out the judgement of above-mentioned two independence simultaneously, and the present invention is not
Do concrete restriction.
Just no longer heavy with the something in common of the first implementation and second implementation for the 4th kind of implementation
Repeat again.
4th kind of implementation is with the difference of the first implementation and second implementation, works as target
MAC Address is consistent with one of secure mac address of target SSID, or Destination MAC manufacturer is with target SSID wherein
When one safe MAC manufacturer is consistent, determine public WiFi safety.And it is corresponding with target SSID all to work as destination-mac address
Secure mac address is all inconsistent, and Destination MAC manufacturer also all safe MAC manufacturer corresponding with target SSID is also equal
When inconsistent, just can determine whether that public WiFi has fishing risk.Thus, the detection that improve public WiFi fishing risk is accurate
Rate.
During implementing, those skilled in the art can be above-mentioned five kinds according to actual selection
Any one in implementation, the present invention is not particularly limited.
Below how server is set up with MAC information pattern library be introduced.
First, server sends to multiple UE of access server and reports instruction, and this reports instruction to be used for notifying each UE
The AP accessing is detected, obtains and access AP information, and AP information reporting will be detected to server.Wherein, AP information
At least include security attribute, SSID and MAC information, coordinate of AP etc. can also be included further, the present invention is not particularly limited.
And then, server passes through reporting of multiple UE, obtains a large amount of AP information.Further, the management personnel of server can also be never
With acquisition AP information at the operator of public WiFi.
Then, server, based on the security attribute in each AP information, filters out the AP that security attribute is OPEN, that is, from big
Public WiFi is filtered out in amount WiFi.In addition in addition it is also necessary to internally hold identical AP information to carry out duplicate removal process so that remaining AP
There is no content identical AP information in information.And, by detecting and verifying, filter out from the AP information of public WiFi in a large number
The safe AP information of safe AP.
Next, clustering to all safe AP information according to SSID, thus obtaining the corresponding safe MAC of each SSID
The safe MAC information such as address, safe MAC manufacturer and coordinate.Then, record the corresponding safe MAC information of each SSID, build
Vertical MAC information pattern library.
Further, in order to store the storage resource reducing shared by MAC information pattern library, obtain each SSID's further
Quantity, and carry out by high sequence on earth according to the quantity of each SSID.Then, in MAC information pattern library, only record is arranged
SSID before predetermined order for the sequence and corresponding safe MAC information.In other words, due to accessing less during implementing
The probability of common public WiFi is less, so can only record relatively conventional in MAC information pattern library, coverage rate is higher, and
The SSID of a fairly large number of public WiFi and corresponding MAC safety information.
Further, the proportion of each safe MAC manufacturer of each SSID can also be counted, so proportion is higher
Safe MAC manufacturer record in MAC security criteria storehouse, proportion relatively low safe MAC manufacturer then do not record.
Further, server, when safeguarding MAC information pattern library, can also receive user's update information that UE reports,
And then add, safe MAC information is deleted or modified based on user's update information.
Based on the inventive concept same with the detection method of WiFi fishing risk public in previous embodiment, the present invention second
Aspect also provides the detection means that a kind of public WiFi goes fishing risk, as shown in Fig. 2 including:
Obtain module 101, for obtaining user equipment (UE), the wireless access point AP of public wireless fidelity WiFi is examined
The information surveyed and obtain, the information of described acquisition includes destination service set identifier SSID of described AP and the target matchmaker of described AP
Body access control MAC information;
Judge module 102, for based on the MAC information pattern library prestoring, judge described Destination MAC information whether with
The corresponding safe MAC information of described target SSID of described MAC information pattern library record is consistent, and described target SSID corresponds to
Described safe MAC information be one or more;
Determining module 103, for when the described target of described Destination MAC information and described MAC information pattern library record
When SSID any one safe MAC information corresponding is all inconsistent, determine that described public WiFi has fishing risk.
Specifically, Destination MAC information includes destination-mac address, and described safe MAC information includes secure mac address, sentences
Disconnected module 102 is used for judging whether described destination-mac address is corresponding with described target SSID of described MAC information pattern library record
A described secure mac address consistent;
Wherein, when described destination-mac address and any one described secure mac address are all inconsistent, represent described mesh
Mark MAC information any one safe MAC information corresponding with described target SSID of described MAC information reference recording all differs
Cause.
Or, described Destination MAC information includes Destination MAC manufacturer, and described safe MAC information includes safe MAC and produces
Business, judge module 102 is used for judging the described target whether with described MAC information pattern library record for the described Destination MAC manufacturer
The corresponding described safe MAC manufacturer of SSID is consistent;
Wherein, when described Destination MAC manufacturer and any one described safe MAC manufacturer are all inconsistent, represent institute
State Destination MAC information any one safe MAC information corresponding with described target SSID of described MAC information reference recording all not
Unanimously.
Further, described Destination MAC information also includes Destination MAC manufacturer, and described safe MAC information also includes safety
MAC manufacturer, when described destination-mac address and any one described secure mac address are all inconsistent, judge module 102 is also
For judging corresponding one of described target SSID whether with described MAC information pattern library record for the described Destination MAC manufacturer
Described safe MAC manufacturer is consistent;
Wherein, when described destination-mac address is all inconsistent with secure mac address any one described, and described target
When MAC manufacturer and any one described safe MAC manufacturer are also all inconsistent, represent described Destination MAC information and described MAC
Described target SSID any one safe MAC information corresponding of information reference recording is all inconsistent.
Further, the device in the embodiment of the present invention also includes:
Logging modle, for when described destination-mac address all inconsistent with secure mac address any one described, and institute
State Destination MAC manufacturer safe MAC manufacturer described with consistent when, described destination-mac address is recorded as described target
The corresponding described secure mac address of SSID.
The various change mode of detection method of public WiFi fishing risk in aforementioned Fig. 1 embodiment and instantiation are same
Sample is applied to the detection means of the public WiFi fishing risk of the present embodiment, by the detection of aforementioned risk that public WiFi is gone fishing
The detailed description of method, those skilled in the art are clear that the detection dress of public WiFi fishing risk in the present embodiment
The implementation put, thus succinct for description, will not be described in detail herein.
Said one in the embodiment of the present application or multiple technical scheme, at least have following one or more technology effect
Really:
In the technical scheme of the embodiment of the present invention, obtain user equipment (UE) first and the wireless access point AP of WiFi is carried out
The information detecting and obtaining, the information of described acquisition includes destination service set identifier SSID of described AP and the target of described AP
Media access control MAC information, is then based on the MAC information pattern library prestoring, judge described Destination MAC information whether with
Consistent in the corresponding safe MAC information of described target SSID of described MAC information pattern library record, described target SSID pair
The described safe MAC information answered includes one or more, when described Destination MAC information and described MAC information pattern library record
When the corresponding any safe MAC information of described target SSID is all inconsistent, determine that described public WiFi has fishing risk.Institute
With, in the case of not needing additional hardware deployment, by contrast the described Destination MAC information of described public WiFi whether with institute
The corresponding safe MAC information of described target SSID stating record in MAC information pattern library is consistent, and then the fishing to public WiFi
Risk is detected.Thus solving prior art can only be real by the technical problem of additional hardware deployment detection fishing risk
Show the technique effect being independent of additional hardware deployment and public WiFi being detected, and then reduced to public WiFi safety
The cost safeguarded.
Algorithm and display be not inherently related to any certain computer, virtual system or miscellaneous equipment provided herein.
Various general-purpose systems can also be used together with based on teaching in this.As described above, construct required by this kind of system
Structure be obvious.Additionally, the present invention is also not for any certain programmed language.It is understood that, it is possible to use various
Programming language realizes the content of invention described herein, and the description above language-specific done is to disclose this
Bright preferred forms.
In description mentioned herein, illustrate a large amount of details.It is to be appreciated, however, that the enforcement of the present invention
Example can be put into practice in the case of not having these details.In some instances, known method, structure are not been shown in detail
And technology, so as not to obscure the understanding of this description.
Similarly it will be appreciated that in order to simplify the disclosure and help understand one or more of each inventive aspect,
Above in the description to the exemplary embodiment of the present invention, each feature of the present invention is grouped together into single enforcement sometimes
In example, figure or descriptions thereof.However, the method for the disclosure should be construed to reflect following intention:I.e. required guarantor
The application claims of shield more features than the feature being expressly recited in each claim.More precisely, it is such as following
Claims reflected as, inventive aspect is all features less than single embodiment disclosed above.Therefore,
The claims following specific embodiment are thus expressly incorporated in this specific embodiment, wherein each claim itself
All as the separate embodiments of the present invention.
Those skilled in the art are appreciated that and the module in the equipment in embodiment can be carried out adaptively
Change and they are arranged in one or more equipment different from this embodiment.Can be the module in embodiment or list
Unit or assembly be combined into a module or unit or assembly, and can be divided in addition multiple submodule or subelement or
Sub-component.In addition to such feature and/or at least some of process or unit exclude each other, can adopt any
Combination is to all features disclosed in this specification (including adjoint claim, summary and accompanying drawing) and so disclosed
Where method or all processes of equipment or unit are combined.Unless expressly stated otherwise, this specification (includes adjoint power
Profit requires, summary and accompanying drawing) disclosed in each feature can carry out generation by the alternative features providing identical, equivalent or similar purpose
Replace.
Although additionally, it will be appreciated by those of skill in the art that some embodiments in this include institute in other embodiments
Including some features rather than further feature, but the combination of the feature of different embodiment means to be in the scope of the present invention
Within and form different embodiments.For example, in the following claims, embodiment required for protection any it
One can in any combination mode using.
The all parts embodiment of the present invention can be realized with hardware, or to run on one or more processor
Software module realize, or with combinations thereof realize.It will be understood by those of skill in the art that can use in practice
Microprocessor or digital signal processor (DSP) come to realize gateway according to embodiments of the present invention, proxy server, in system
Some or all parts some or all functions.The present invention is also implemented as executing side as described herein
Some or all equipment of method or program of device (for example, computer program and computer program).Such
The program realizing the present invention can store on a computer-readable medium, or can have the shape of one or more signal
Formula.Such signal can be downloaded from internet website and obtain, or provides on carrier signal, or with any other shape
Formula provides.
It should be noted that above-described embodiment the present invention will be described rather than limits the invention, and ability
Field technique personnel can design alternative embodiment without departing from the scope of the appended claims.In the claims,
Any reference markss between bracket should not be configured to limitations on claims.Word "comprising" does not exclude the presence of not
Element listed in the claims or step.Word "a" or "an" before element does not exclude the presence of multiple such
Element.The present invention can come real by means of the hardware including some different elements and by means of properly programmed computer
Existing.If in the unit claim listing equipment for drying, several in these devices can be by same hardware branch
To embody.The use of word first, second, and third does not indicate that any order.These words can be explained and run after fame
Claim.
The invention discloses, A1, a kind of detection method of public WiFi fishing risk are it is characterised in that include:
Obtain the information that user equipment (UE) is detected and obtained to the wireless access point AP of public wireless fidelity WiFi, institute
The information stating acquisition includes destination service set identifier SSID of described AP and the target medium access control MAC letter of described AP
Breath;
Based on the MAC information pattern library prestoring, judge described Destination MAC information whether with described MAC information benchmark
The corresponding safe MAC information of described target SSID of storehouse record is consistent, the corresponding described safe MAC letter of described target SSID
Cease for one or more;
When described Destination MAC information corresponding with described target SSID of described MAC information pattern library record any one
When safe MAC information is all inconsistent, determine that described public WiFi has fishing risk.
A2, the method according to A1 it is characterised in that described Destination MAC information includes destination-mac address, described peace
Full MAC information includes secure mac address, judge described Destination MAC information whether with described in described MAC information pattern library record
The corresponding safe MAC information of target SSID is consistent, including:
Judge described target SSID corresponding whether with described MAC information pattern library record for the described destination-mac address
Individual described secure mac address is consistent;
Wherein, when described destination-mac address and any one described secure mac address are all inconsistent, represent described mesh
Mark MAC information any one safe MAC information corresponding with described target SSID of described MAC information reference recording all differs
Cause.
A3, the method according to A1 are it is characterised in that described Destination MAC information includes Destination MAC manufacturer, described
Safe MAC information includes safe MAC manufacturer, judge described Destination MAC information whether with described MAC information pattern library record
The corresponding safe MAC information of described target SSID is consistent, including:
Judge whether described Destination MAC manufacturer is corresponding with described target SSID of described MAC information pattern library record
One described safe MAC manufacturer is consistent;
Wherein, when described Destination MAC manufacturer and any one described safe MAC manufacturer are all inconsistent, represent institute
State Destination MAC information any one safe MAC information corresponding with described target SSID of described MAC information reference recording all not
Unanimously.
A4, the method according to A2 are it is characterised in that described Destination MAC information also includes Destination MAC manufacturer, institute
State safe MAC information and also include safe MAC manufacturer, when described destination-mac address is equal with secure mac address any one described
When inconsistent, judge described target SSID corresponding whether with described MAC information pattern library record for the described Destination MAC information
Individual safe MAC information is consistent, also includes:
Judge whether described Destination MAC manufacturer is corresponding with described target SSID of described MAC information pattern library record
One described safe MAC manufacturer is consistent;
Wherein, when described destination-mac address is all inconsistent with secure mac address any one described, and described target
When MAC manufacturer and any one described safe MAC manufacturer are also all inconsistent, represent described Destination MAC information and described MAC
Described target SSID any one safe MAC information corresponding of information reference recording is all inconsistent.
A5, the method according to A4 are it is characterised in that methods described also includes:
When described destination-mac address is all inconsistent with secure mac address any one described, and described Destination MAC produces
When business safe MAC manufacturer described with is consistent, described destination-mac address is recorded as described target SSID corresponding described
Secure mac address.
B6, a kind of detection means of public WiFi fishing risk are it is characterised in that include:
Obtain module, for obtain user equipment (UE) the wireless access point AP of public wireless fidelity WiFi is detected and
The information obtaining, the information of described acquisition includes destination service set identifier SSID of described AP and the target medium visit of described AP
Ask control MAC information;
Judge module, for based on the MAC information pattern library prestoring, judge described Destination MAC information whether with institute
The corresponding safe MAC information of described target SSID stating MAC information pattern library record is consistent, and described target SSID is corresponding
Described safe MAC information is one or more;
Determining module, for when described target SSID pair of described Destination MAC information and described MAC information pattern library record
When any one the safe MAC information answered is all inconsistent, determine that described public WiFi has fishing risk.
B7, the device according to B6 it is characterised in that described Destination MAC information includes destination-mac address, described peace
Full MAC information includes secure mac address, described judge module be used for judging described destination-mac address whether with described MAC information
The corresponding described secure mac address of described target SSID of pattern library record is consistent;
Wherein, when described destination-mac address and any one described secure mac address are all inconsistent, represent described mesh
Mark MAC information any one safe MAC information corresponding with described target SSID of described MAC information reference recording all differs
Cause.
B8, the device according to B6 are it is characterised in that described Destination MAC information includes Destination MAC manufacturer, described
Safe MAC information includes safe MAC manufacturer, described judge module be used for judging described Destination MAC manufacturer whether with described
The corresponding described safe MAC manufacturer of described target SSID of MAC information pattern library record is consistent;
Wherein, when described Destination MAC manufacturer and any one described safe MAC manufacturer are all inconsistent, represent institute
State Destination MAC information any one safe MAC information corresponding with described target SSID of described MAC information reference recording all not
Unanimously.
B9, the device according to B7 are it is characterised in that described Destination MAC information also includes Destination MAC manufacturer, institute
State safe MAC information and also include safe MAC manufacturer, when described destination-mac address is equal with secure mac address any one described
When inconsistent, described judge module be additionally operable to judge described Destination MAC manufacturer whether with described MAC information pattern library record
A corresponding described safe MAC manufacturer is consistent for described target SSID;
Wherein, when described destination-mac address is all inconsistent with secure mac address any one described, and described target
When MAC manufacturer and any one described safe MAC manufacturer are also all inconsistent, represent described Destination MAC information and described MAC
Described target SSID any one safe MAC information corresponding of information reference recording is all inconsistent.
B10, the device according to B9 are it is characterised in that described device also includes:
Logging modle, for when described destination-mac address all inconsistent with secure mac address any one described, and institute
State Destination MAC manufacturer safe MAC manufacturer described with consistent when, described destination-mac address is recorded as described target
The corresponding described secure mac address of SSID.
Claims (10)
1. a kind of detection method of public WiFi fishing risk is it is characterised in that include:
Obtain user equipment (UE) information that the wireless access point AP of public wireless fidelity WiFi is detected and obtained, described obtain
The information obtaining includes destination service set identifier SSID of described AP and the target medium access control MAC information of described AP;
Based on the MAC information pattern library prestoring, judge whether described Destination MAC information is remembered with described MAC information pattern library
The corresponding safe MAC information of described target SSID of record is consistent, and the corresponding described safe MAC information of described target SSID is
One or more;
When described Destination MAC information and described target SSID any one safety corresponding of described MAC information pattern library record
When MAC information is all inconsistent, determine that described public WiFi has fishing risk.
2. the method for claim 1 is it is characterised in that described Destination MAC information includes destination-mac address, described peace
Full MAC information includes secure mac address, judge described Destination MAC information whether with described in described MAC information pattern library record
The corresponding safe MAC information of target SSID is consistent, including:
Judge the corresponding institute of described target SSID whether with described MAC information pattern library record for the described destination-mac address
State secure mac address consistent;
Wherein, when described destination-mac address and any one described secure mac address are all inconsistent, represent described Destination MAC
Information any one safe MAC information corresponding with described target SSID of described MAC information reference recording is all inconsistent.
3. the method for claim 1 is it is characterised in that described Destination MAC information includes Destination MAC manufacturer, described
Safe MAC information includes safe MAC manufacturer, judge described Destination MAC information whether with described MAC information pattern library record
The corresponding safe MAC information of described target SSID is consistent, including:
Judge corresponding one of described target SSID whether with described MAC information pattern library record for the described Destination MAC manufacturer
Described safe MAC manufacturer is consistent;
Wherein, when described Destination MAC manufacturer and any one described safe MAC manufacturer are all inconsistent, represent described mesh
Mark MAC information any one safe MAC information corresponding with described target SSID of described MAC information reference recording all differs
Cause.
4. method as claimed in claim 2 is it is characterised in that described Destination MAC information also includes Destination MAC manufacturer, institute
State safe MAC information and also include safe MAC manufacturer, when described destination-mac address is equal with secure mac address any one described
When inconsistent, judge described target SSID corresponding whether with described MAC information pattern library record for the described Destination MAC information
Individual safe MAC information is consistent, also includes:
Judge corresponding one of described target SSID whether with described MAC information pattern library record for the described Destination MAC manufacturer
Described safe MAC manufacturer is consistent;
Wherein, when described destination-mac address is all inconsistent with secure mac address any one described, and the life of described Destination MAC
When business men and any one described safe MAC manufacturer are also all inconsistent, represent described Destination MAC information and described MAC information
Described target SSID any one safe MAC information corresponding of reference recording is all inconsistent.
5. method as claimed in claim 4 is it is characterised in that methods described also includes:
When described destination-mac address is all inconsistent with secure mac address any one described, and described Destination MAC manufacturer with
When one described safe MAC manufacturer is consistent, described destination-mac address is recorded as the corresponding described safety of described target SSID
MAC Address.
6. a kind of detection means of public WiFi fishing risk is it is characterised in that include:
Obtain module, the wireless access point AP of public wireless fidelity WiFi is detected and obtain for obtaining user equipment (UE)
Information, the target medium of destination service set identifier SSID and described AP that the information of described acquisition includes described AP accesses control
MAC information processed;
Judge module, for based on the MAC information pattern library prestoring, judge described Destination MAC information whether with described MAC
The corresponding safe MAC information of described target SSID of information pattern library record is consistent, and described target SSID is corresponding described
Safe MAC information is one or more;
Determining module, for when described Destination MAC information corresponding with described target SSID of described MAC information pattern library record
When any one safe MAC information is all inconsistent, determine that described public WiFi has fishing risk.
7. device as claimed in claim 6 is it is characterised in that described Destination MAC information includes destination-mac address, described peace
Full MAC information includes secure mac address, described judge module be used for judging described destination-mac address whether with described MAC information
The corresponding described secure mac address of described target SSID of pattern library record is consistent;
Wherein, when described destination-mac address and any one described secure mac address are all inconsistent, represent described Destination MAC
Information any one safe MAC information corresponding with described target SSID of described MAC information reference recording is all inconsistent.
8. device as claimed in claim 6 is it is characterised in that described Destination MAC information includes Destination MAC manufacturer, described
Safe MAC information includes safe MAC manufacturer, described judge module be used for judging described Destination MAC manufacturer whether with described
The corresponding described safe MAC manufacturer of described target SSID of MAC information pattern library record is consistent;
Wherein, when described Destination MAC manufacturer and any one described safe MAC manufacturer are all inconsistent, represent described mesh
Mark MAC information any one safe MAC information corresponding with described target SSID of described MAC information reference recording all differs
Cause.
9. device as claimed in claim 7 is it is characterised in that described Destination MAC information also includes Destination MAC manufacturer, institute
State safe MAC information and also include safe MAC manufacturer, when described destination-mac address is equal with secure mac address any one described
When inconsistent, described judge module be additionally operable to judge described Destination MAC manufacturer whether with described MAC information pattern library record
A corresponding described safe MAC manufacturer is consistent for described target SSID;
Wherein, when described destination-mac address is all inconsistent with secure mac address any one described, and the life of described Destination MAC
When business men and any one described safe MAC manufacturer are also all inconsistent, represent described Destination MAC information and described MAC information
Described target SSID any one safe MAC information corresponding of reference recording is all inconsistent.
10. device as claimed in claim 9 is it is characterised in that described device also includes:
Logging modle, for when described destination-mac address all inconsistent with secure mac address any one described, and described mesh
When mark MAC manufacturer safe MAC manufacturer described with is consistent, described destination-mac address is recorded as described target SSID
Corresponding described secure mac address.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611191620.3A CN106454847A (en) | 2016-12-21 | 2016-12-21 | Method and device for detecting phishing risk of public WiFi |
| PCT/CN2017/117690 WO2018113728A1 (en) | 2016-12-21 | 2017-12-21 | Method and device for determining risk of phishing attack in public wifi network |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611191620.3A CN106454847A (en) | 2016-12-21 | 2016-12-21 | Method and device for detecting phishing risk of public WiFi |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN106454847A true CN106454847A (en) | 2017-02-22 |
Family
ID=58215334
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201611191620.3A Pending CN106454847A (en) | 2016-12-21 | 2016-12-21 | Method and device for detecting phishing risk of public WiFi |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN106454847A (en) |
| WO (1) | WO2018113728A1 (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2018113728A1 (en) * | 2016-12-21 | 2018-06-28 | 北京奇虎科技有限公司 | Method and device for determining risk of phishing attack in public wifi network |
| CN109391944A (en) * | 2018-10-31 | 2019-02-26 | 北京小米移动软件有限公司 | Wireless network remarks method and device |
| CN109729525A (en) * | 2017-10-31 | 2019-05-07 | 中国电信股份有限公司 | Fishing WIFI recognition methods, device, terminal device and computer readable storage medium |
| CN111314911A (en) * | 2020-02-26 | 2020-06-19 | 广东星辰信通科技有限公司 | WiFi terminal sniffing prevention method |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112512050A (en) * | 2020-11-06 | 2021-03-16 | 北京小米移动软件有限公司 | Method and device for preventing terminal from attacking and storage medium |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101277229A (en) * | 2008-05-26 | 2008-10-01 | 杭州华三通信技术有限公司 | Method for detecting illegality equipment and wireless client terminal |
| CN102843682A (en) * | 2012-08-20 | 2012-12-26 | 中国联合网络通信集团有限公司 | Access point authorizing method, device and system |
| CN103780430A (en) * | 2014-01-20 | 2014-05-07 | 华为技术有限公司 | Method and device for monitoring network equipment |
| CN104580152A (en) * | 2014-12-03 | 2015-04-29 | 中国科学院信息工程研究所 | Protection method and system against wifi (wireless fidelity) phishing |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR102000159B1 (en) * | 2013-12-18 | 2019-07-16 | 한국전자통신연구원 | Apparatus and method for identifying rogue device |
| CN106792704B (en) * | 2015-11-24 | 2020-10-09 | 中国移动通信集团公司 | Method and device for detecting phishing access point |
| CN106454847A (en) * | 2016-12-21 | 2017-02-22 | 北京奇虎科技有限公司 | Method and device for detecting phishing risk of public WiFi |
-
2016
- 2016-12-21 CN CN201611191620.3A patent/CN106454847A/en active Pending
-
2017
- 2017-12-21 WO PCT/CN2017/117690 patent/WO2018113728A1/en active Application Filing
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101277229A (en) * | 2008-05-26 | 2008-10-01 | 杭州华三通信技术有限公司 | Method for detecting illegality equipment and wireless client terminal |
| CN102843682A (en) * | 2012-08-20 | 2012-12-26 | 中国联合网络通信集团有限公司 | Access point authorizing method, device and system |
| CN103780430A (en) * | 2014-01-20 | 2014-05-07 | 华为技术有限公司 | Method and device for monitoring network equipment |
| CN104580152A (en) * | 2014-12-03 | 2015-04-29 | 中国科学院信息工程研究所 | Protection method and system against wifi (wireless fidelity) phishing |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2018113728A1 (en) * | 2016-12-21 | 2018-06-28 | 北京奇虎科技有限公司 | Method and device for determining risk of phishing attack in public wifi network |
| CN109729525A (en) * | 2017-10-31 | 2019-05-07 | 中国电信股份有限公司 | Fishing WIFI recognition methods, device, terminal device and computer readable storage medium |
| CN109391944A (en) * | 2018-10-31 | 2019-02-26 | 北京小米移动软件有限公司 | Wireless network remarks method and device |
| CN109391944B (en) * | 2018-10-31 | 2022-05-20 | 北京小米移动软件有限公司 | Wireless network remarking method and device |
| CN111314911A (en) * | 2020-02-26 | 2020-06-19 | 广东星辰信通科技有限公司 | WiFi terminal sniffing prevention method |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2018113728A1 (en) | 2018-06-28 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106454847A (en) | Method and device for detecting phishing risk of public WiFi | |
| CN105554007B (en) | A kind of web method for detecting abnormality and device | |
| CN104125197B (en) | A kind of security baseline system and its method for realizing safety inspection | |
| CN106101130B (en) | A kind of network malicious data detection method, apparatus and system | |
| CN104253791B (en) | A kind of safety access method of Web page application program, server and client side | |
| CN106033514B (en) | A kind of detection method and device of suspicious process | |
| CN107251513A (en) | System and method for the accurate guarantee of Malicious Code Detection | |
| CN105243252B (en) | A kind of method and device of account risk assessment | |
| CN104023336B (en) | The radio switch-in method and mobile terminal of mobile terminal | |
| CN106998265A (en) | A kind of monitoring method and its device | |
| US20120185624A1 (en) | Automated Cabling Process for a Complex Environment | |
| Sellwood et al. | Sleeping android: The danger of dormant permissions | |
| US20110307735A1 (en) | Method, computer, and computer program product for hardware mapping | |
| CN102984128B (en) | A kind of network computer information security detection method | |
| CN104935601B (en) | Web log file safety analytical method based on cloud, apparatus and system | |
| CN106815137A (en) | Ui testing method and apparatus | |
| CN106034054A (en) | Redundant access control list ACL rule file detection method and apparatus thereof | |
| CN107395608A (en) | A kind of network access method for detecting abnormality and device | |
| CN106980647A (en) | A kind of Distributed File System Data location mode and device | |
| CN108073499A (en) | The test method and device of application program | |
| CN108898012A (en) | The method and apparatus for detecting illegal program | |
| CN102469098B (en) | Information safety protection host machine | |
| CN106790077B (en) | Method and device for detecting DNS full-flow hijacking risk | |
| CN104216930B (en) | A kind of detection method and device of jump class fishing webpage | |
| CN103336740B (en) | The operating system integrated test facility of electric power secondary system and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170222 |