CN107979845A - The indicating risk method and apparatus of wireless access point - Google Patents

The indicating risk method and apparatus of wireless access point Download PDF

Info

Publication number
CN107979845A
CN107979845A CN201710305771.5A CN201710305771A CN107979845A CN 107979845 A CN107979845 A CN 107979845A CN 201710305771 A CN201710305771 A CN 201710305771A CN 107979845 A CN107979845 A CN 107979845A
Authority
CN
China
Prior art keywords
access point
wireless access
risk
information
security
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710305771.5A
Other languages
Chinese (zh)
Inventor
许昌华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Zhangmen Science and Technology Co Ltd
Original Assignee
Shanghai Zhangmen Science and Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Zhangmen Science and Technology Co Ltd filed Critical Shanghai Zhangmen Science and Technology Co Ltd
Priority to CN201710305771.5A priority Critical patent/CN107979845A/en
Priority to PCT/CN2017/119834 priority patent/WO2018201745A1/en
Publication of CN107979845A publication Critical patent/CN107979845A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • H04W12/082Access security using revocation of authorisation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/08Access restriction or access information delivery, e.g. discovery data delivery
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/16Discovering, processing access restriction or access information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/20Selecting an access point

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephone Function (AREA)

Abstract

This application provides a kind of indicating risk scheme of wireless access point, in the program, user equipment can obtain the wireless access point list comprising at least one wireless access point, the identification information on the wireless access point is sent to security service equipment, the security of wireless access point is judged by relevant information of the security service equipment based on big data or wireless access point, and the risk information that will determine that sends back user equipment, user equipment is enabled to determine that there are the wireless access point of security risk in wireless access point list according to risk information, and it is marked, clearly there may be security risk for which wireless access point of prompting user, so that user avoids connecting these wireless access point as far as possible, to reduce, there is a situation where safety problem.

Description

The indicating risk method and apparatus of wireless access point
Technical field
This application involves the indicating risk method and apparatus of information technology field, more particularly to a kind of wireless access point.
Background technology
With WiFi (Wireless-Fidelity, the Wireless Fidelity) continuous developments of technology and the popularization of intelligent terminal, with And more and more users access network by way of the wireless access point that terminal device is accessed in WLAN, just occur It is stored with the webserver of the access information such as wireless access point and its corresponding password.User will can will need what is shared Wireless access point and its corresponding password are uploaded in the webserver so that other users can be by depositing on the webserver The access information such as the wireless access point of storage and its corresponding password, it is more convenient, rapidly access wireless network.
With the increase for the wireless access point quantity shared, also someone will be pacified for some wireless access point shared Full attack, or directly share unsafe wireless access point so that normal users are to connect these using user equipment wireless After access point, the leakage of the information such as account number cipher, personal information there are security risk, can be caused.Since current industry does not have The scheme to solve the above problems so that user, may be unsafe because of being connected in the wireless access point that access is shared Wireless access point and produce security risk.
Apply for content
The purpose of the application is to provide a kind of indicating risk method and apparatus of wireless access point.
To achieve the above object, this application provides a kind of indicating risk method of wireless access point, this method to include:
Obtain the wireless access point list for including at least one wireless access point;
The identification information on the wireless access point is sent to security service equipment, and obtains the security service equipment The risk information on the wireless access point returned;
According to the risk information, to there are the progress of the wireless access point of security risk in the wireless access point list Mark;
Further, this method further includes:
Wireless access point list after display mark.
Further, the identification information to the transmission of security service equipment on the wireless access point, including:
The wireless access point list is sent to security server, so that the security service equipment is by the wireless access The identification information of the wireless access point is extracted in point list;Or
By extracting the identification information of the wireless access point in the wireless access point list, sent to security server The identification information of the wireless access point.
Further, the risk information includes safety scoring;
According to the risk information, to there are the progress of the wireless access point of security risk in the wireless access point list Mark, including:
According to the safety scoring and the comparative result of preset value, the wireless access point there are security risk is determined;
The wireless access point there are security risk is marked in the wireless access point list.
Further, this method further includes:
Connect the wireless access point in the wireless access point list;
If the wireless access point currently connected is the wireless access point there are security risk, according to the wireless access point Risk classifications corresponding to risk information, display and the matched information warning of the risk classifications.
Further, this method further includes:
Connect the wireless access point in the wireless access point list;
When entering risk interaction scenarios, detect whether the wireless access point currently connected is that there are the wireless of security risk Access point;
If testing result is yes, the automatic connection disconnected with the wireless access point or display information warning.
In addition, present invention also provides a kind of indicating risk method of wireless access point, this method includes:
When having connected any wireless access point, send to security service equipment and believe on the identification of the wireless access point Breath, and obtain the risk information on the wireless access point that the security service equipment returns;
The wireless access point is being determined there are during security risk based on the risk information, according to the wireless access point Risk information corresponding to risk classifications, display with the matched information warning of the risk classifications.
Further, the information warning includes one kind or more in alert flag, risk classifications prompting and processing prompting Kind.
Further, information warning is shown, including:
Information warning is shown by way of pop-up window.
Another aspect based on the application, additionally provides a kind of indicating risk equipment of wireless access point, which includes:
Processing unit, for obtaining the wireless access point list for including at least one wireless access point, and according to risk Information, is marked the wireless access point there are security risk in the wireless access point list;
Transmitting device, for sending the identification information on the wireless access point to security service equipment, and obtains institute State the risk information on the wireless access point of security service equipment return.
Further, which further includes:
Display device, for showing the wireless access point list after marking.
Further, the transmitting device is used to send the wireless access point list to security server, so that described Security service equipment is by extracting the identification information of the wireless access point in the wireless access point list;Or to safety clothes The identification information for the device transmission wireless access point of being engaged in, wherein, the identification information is wirelessly connect by the processing unit from described Enter in point list and extract.
Further, the risk information includes safety scoring;
The processing unit, for according to the safety scoring and the comparative result of preset value, determining that there are security risk Wireless access point;And the wireless access point there are security risk is marked in the wireless access point list.
Further, which further includes:
Attachment device, for connecting the wireless access point in the wireless access point list;
The display device, it is the wireless access point there are security risk to be additionally operable in the wireless access point currently connected When, according to the risk classifications corresponding to the risk information of the wireless access point, display and the matched warning of the risk classifications Information.
Further, which further includes:
Attachment device, for connecting the wireless access point in the wireless access point list;
The processing unit, is additionally operable to when entering risk interaction scenarios, whether the wireless access point that detection currently connects For there are the wireless access point of security risk;
The display device, is additionally operable in testing result as when being, the automatic connection disconnected with the wireless access point or Show information warning.
In addition, present invention also provides a kind of indicating risk equipment of wireless access point, which includes:
Transmitting device, when having connected any wireless access point, sends on the wireless access to security service equipment The identification information of point, and obtain the risk information on the wireless access point that the security service equipment returns;
Processing unit, for judging that the wireless access point whether there is security risk based on the risk information;
Display device, for determining the wireless access point there are during security risk based on the risk information, according to Risk classifications corresponding to the risk information of the wireless access point, display and the matched information warning of the risk classifications.
Further, the information warning includes one kind or more in alert flag, risk classifications prompting and processing prompting Kind.
Further, the display device, for showing information warning by way of pop-up window.
In addition, present invention also provides a kind of indicating risk equipment of wireless access point, which is included based on storing The memory of calculation machine programmed instruction and the processor for execute program instructions, wherein, when the computer program instructions are by this When managing device execution, the method any one of equipment perform claim requirement 1 to 7 is triggered.
Compared with prior art, in the scheme that the application provides, user equipment can be obtained wirelessly to be connect comprising at least one The wireless access point list of access point, sends the identification information on the wireless access point, by safety clothes to security service equipment Business relevant information of the equipment based on big data or wireless access point judges the security of wireless access point, and will determine that Obtained risk information sends back user equipment so that user equipment can determine in wireless access point list according to risk information There are the wireless access point of security risk, and it is marked, clearly there may be peace for which wireless access point of prompting user Full blast danger so that user avoids connecting these wireless access point as far as possible, and there is a situation where safety problem to reduce.
Brief description of the drawings
By reading the detailed description made to non-limiting example made with reference to the following drawings, the application's is other Feature, objects and advantages will become more apparent upon:
Fig. 1 be the application scheme when realizing the indicating risk of wireless access point, user equipment and security service equipment Between interaction schematic diagram;
Fig. 2 is the interaction process flow between user equipment and security service equipment in the embodiment of the present application;
Fig. 3 is the schematic diagram of the wireless access point list after being marked in the embodiment of the present application;
Fig. 4 is a kind of schematic diagram of information warning in the embodiment of the present application;
Fig. 5 is the schematic diagram of another information warning in the embodiment of the present application;
Fig. 6 is a kind of structure diagram of user equipment provided by the embodiments of the present application;
Fig. 7 is the structure diagram of another user equipment provided by the embodiments of the present application;
The same or similar reference numeral represents the same or similar component in attached drawing.
Embodiment
The application is described in further detail below in conjunction with the accompanying drawings.
In one typical configuration of the application, terminal, the equipment of service network include one or more processors (CPU), input/output interface, network interface and memory.
Memory may include computer-readable medium in volatile memory, random access memory (RAM) and/or The forms such as Nonvolatile memory, such as read-only storage (ROM) or flash memory (flash RAM).Memory is computer-readable medium Example.
Computer-readable medium includes permanent and non-permanent, removable and non-removable media, can be by any side Method or technology realize that information stores.Information can be computer-readable instruction, data structure, the module of program or other numbers According to.The example of the storage medium of computer includes, but are not limited to phase transition internal memory (PRAM), static RAM (SRAM), dynamic random access memory (DRAM), other kinds of random access memory (RAM), read-only storage (ROM), electrically erasable programmable read-only memory (EEPROM), fast flash memory bank or other memory techniques, read-only optical disc (CD- ROM), digital versatile disc (DVD) or other optical storages, magnetic cassette tape, magnetic disk storage or other magnetic storages Equipment or any other non-transmission medium, the information that can be accessed by a computing device available for storage.
Fig. 1 shown when realizing the indicating risk of wireless access point, the friendship between user equipment and security service equipment Mutual schematic diagram.User equipment 100 refers to that what user used is used to connect the terminal device of wireless access point, it is implemented can be with It is the equipment that mobile phone, laptop, tablet computer, PDA, personal computer etc. can realize wireless access point linkage function. Security service equipment 200 can be based on big data either the relevant information of big data or wireless access point to wireless access point The network side equipment that is judged of security, its specific implementation can be single network server, multiple webserver groups Into cluster or set of computers based on cloud computing etc..Here, cloud is by based on a large amount of of cloud computing (Cloud Computing) Host or the webserver are formed, wherein, cloud computing is one kind of Distributed Calculation, by the computer collection group of a group loose couplings Into a virtual machine.
In one embodiment of the application, function that user equipment can be realized is included in user and checks what can be connected During wireless access point, the wireless access point there are security risk can be marked, stamp safety label, to prompt user can Security risk existing for energy.When stating function in realization, specific interaction process stream between user equipment and security service equipment Journey is as shown in Fig. 2, including following processing step:
Step S201, user equipment 100 obtain the wireless access point list for including at least one wireless access point.User sets It is standby to detect the signal of neighbouring wireless access point, so as to get the relevant information on these wireless access point, formed One wireless access point list.
Step S202, user equipment 100 send the identification letter on the wireless access point to security service equipment 200 Breath.Wherein, the identification information of the wireless access point refers to can be used in the information for identifying specific wireless access point, such as can Be user equipment scans to wireless access point list (wireless access included can determine by the information included in list Point) or the identification information of wireless access point that is extracted from the wireless access point list, such as wireless access point SSID (Service Set Identifier, service set)+BSSID (Basic Service Set ID, i.e. MAC Address) Etc. information.
Thus, user equipment sends identification information and includes at least following two situations:Directly institute is sent to security server Wireless access point list is stated, so that the security service equipment in the wireless access point list by extracting the wireless access The identification information of point;Or by extracting the identification information of the wireless access point, Ran Houxiang in the wireless access point list Security server sends the identification information of the wireless access point.
Step S203, after security service equipment 200 receives identification information, if what is received is wireless access point range Table, then parse the wireless access point list, extracts progress security and judges required information.The reality of one of which The mode of applying is:Security service equipment extracts the identification information of the wireless access point from the wireless access point list.If What is received is the identification information of SSID+BSSID, then can directly carry out the judgement of security accordingly.
At this time, security service equipment carries out wireless access point security judge can the mode based on big data, this Kind mode judges its security based on the historical data of the wireless access point, such as wireless access point AP 1, there is number More user equipment is measured after connection by arp (Address Resolution Protocol, address resolution protocol) Attack, then the security service equipment can combine the judgement that the historical data carries out security, determine the risk information of AP1.Safety After service equipment determines the risk information of wireless access point, corresponding user equipment can be returned to,
Step S204, user equipment 100 obtain the wind on the wireless access point that the security service equipment returns Dangerous information.Risk information is intended to indicate that wireless access point whether there is the information of security risk, in the implementation of the application In example, risk information can include safety scoring, and security service equipment can be according to the historical data of wireless access point, according to default Algorithm calculate generation wireless access point safety scoring so that user equipment can according to safety score concrete numerical value determine The security of wireless access point.
In addition, the information on risk classifications can also be included in risk information so that user equipment is receiving risk letter During breath, risk classifications existing for wireless access point can be shown to user at the same time.Such as risk classifications are including but not limited to as follows It is several:Arp attacks, network monitoring attack, webpage tamper risk, counterfeit public WiFi, fishing WiFi etc..
ARP attacks are exactly to realize that ARP is cheated by forging IP address and MAC Address, can be produced in a network substantial amounts of The ARP traffics make network congestion, as long as the continual arp response bag for sending forgery of attacker is with regard to that can change destination host IP-MAC entries in arp cache, cause network interruption or man-in-the-middle attack.
Network monitoring attack is one kind of man-in-the-middle attack, realizes certificate if cheating nothing but with regard to two kinds of sides if desired Formula, because network monitoring exchange process is plaintext, attacker controls this step all right, allows user to download to the card of vacation Book.Also one kind is exactly to control DNS, allows DNS to be oriented to incorrect website, so that incorrect certificate is downloaded, then because attacking The person of hitting knows the key on oneself server, it is possible to easily eavesdrops very much these data.
The webpage that webpage tamper risk refers to user to enter originally intercepts other Website pages, such as all kinds of fishings Fishnet station, generally distorts the browser of user by forms such as browser plug-ins, the browser of user is configured not just Often, business website is directed to by force.Common phenomenon is changed into nameless website, often baffled for homepage and internet hunt page Pop-up advertisement webpage inputs normal station address and is but connected to other websites.
Counterfeit public WiFi refer to unsafe wireless access point disguise oneself as public WiFi (such as telecommunications, movement etc. operation The public wireless access point that business provides).The public WiFi in regular place will not generally damage personal information, and if Counterfeit WiFi signal, can give mobile phone, notes than implantation wooden horse, Virus, long-term hazards personal daily information or privacy Etc. information security.
The WiFi that goes fishing is a false wireless access point, when your wireless device connection is got on, is understood by counter-scanning, if At this moment what website your mobile phone, which is just connected on, has carried out data communication, and has been related to the data such as account number cipher, and other side is just Your these information can be obtained.
Step S205, user equipment 100 is according to the risk information, to there is safety in the wireless access point list The wireless access point of risk is marked.When sharing information includes safety scoring, can be scored according to the safety and default The comparative result of value, determines the wireless access point there are security risk, then pacifies in the wireless access point list to existing The wireless access point of full blast danger is marked.For example, the preset value can be set as 73 points, i.e. user equipment can comment safety The wireless access point less than 73 points is divided to be determined to have security risk.
There are security risk wireless access point be marked refer in wireless access point list predeterminated position increase Corresponding label so that finally be presented to and the label is included in the wireless access point list of user, so as to directly prompt user can Security risk existing for energy.Wake up for example, being added in wireless access point list at the SSID display locations of a certain wireless access point Purpose " risk " label, such as the wireless access point " TP-link_F2A123 " in Fig. 3.
After being marked, user equipment 100 can continue to execute step S206, show the wireless access point after mark List.
Further, user equipment 100 is after the wireless access point list after showing mark to user, if according to user Operation be connected to wireless access point in the wireless access point list, then can exist in the wireless access point currently connected During the wireless access point of security risk, according to the risk classifications corresponding to the risk information of the wireless access point, display and institute State the matched information warning of risk classifications.
For example, user is in certain circumstances, it is necessary to connects in list that there are the wireless access point of security risk When, user equipment can be in connection after wireless access point, can be based on receiving before on the wireless access point Risk information, judges whether the wireless access point that currently connects is wireless access point there are security risk, if it has, then display Information warning.
Here, information warning can include but is not limited to one kind in alert flag, risk classifications prompting and processing prompting It is or a variety of.Such as alert flag can be all kinds of awake purpose mark or display effect, such as change the color of linkage interface, make Its is shown in red, other dynamic effects of increase etc..Risk classifications prompting refers to the type progress to foregoing several security risks The information of prompting, such as the current risk classifications of prompting user are arp attacks, network monitoring attack, webpage tamper risk, counterfeit Public WiFi, fishing WiFi etc..Processing prompting refers to how suggestion or prompting user carry out subsequent operation at this time, such as prompts User's " it is recommended that disconnection ", " click disconnects " etc..Fig. 4 shows a kind of concrete form for showing information warning.
In actual scene, different types of risk extent of injury caused by user is also different, for different Risk classifications, can be with the information warning of showed different, intuitively to inform wireless access point of the user there are security risk Degree of risk.For example, using different colors as information warning when, to distinguish different degrees of risk, if degree of danger It is higher, then use red to be used as information warning, if degree of danger is relatively low, information warning is used as using yellow.
Whether it is that there are security risk in the wireless access point for judging currently to connect in one embodiment of the application During wireless access point, secure cloud can also be based on and known otherwise.Such a mode determines risk different from foregoing based on big data The mode of information, with big data difference lies in:Big data is the historical data based on wireless access point, and secure cloud identification Mode is the real time data interacted between relevant information and user equipment and wireless access point based on wireless access point.
Such as the relevant information of the wireless access point of connection can be sent to security service equipment, such as DNS by user (Domain Name System) information, IP address, subnet mask (subnet mask) etc., if security service equipment can be true DNS information before settled is unsafe dns server, it may be considered that wireless access point is kidnapped by DNS, there are safety wind Danger.In addition, the daily record interacted between wireless access point can be sent to security service equipment by user equipment, security service is set Whether the standby data that can be judged to interact between user equipment and wireless access point according to daily record are normal, can be with if abnormal Think there are security risk, result is returned into user equipment so that user equipment is completed to judge.
In addition, after wireless access point of the user equipment in the connection wireless access point list, if being handed over into risk Mutual scene, then can detect whether the wireless access point that currently connects is wireless access point there are security risk, if detection knot Fruit is yes, the automatic connection disconnected with the wireless access point or display information warning.
The risk interaction scenarios refer to that needs carry out the scene of information exchange in safer environment, such as are related to Pay, the scene that account number logs in, if leakage of information may cause greater loss to user.Under these risk interaction scenarios, User equipment automatically can be detected the wireless access point currently connected, and specific detection mode can be based on security service equipment The risk information that is obtained according to big data is known otherwise based on secure cloud., may due in these risk interaction scenarios It can cause any property loss to user, cause serious consequence, therefore user equipment exists in the wireless access point for determining currently to connect During security risk, the connection with the wireless access point can be disconnected automatically, avoid carrying out with the wireless access point further Data interaction, prevents the leakage of account number, password.In addition it is also possible to information warning is only shown, with the wind for prompting user there is currently Whether danger, need to disconnect.
In this scene, other situations can be also included in the criterion there are security risk, for example, user Equipment is the current wireless access point of First Contact Connections, which can be determined as strange WiFi by security service equipment, It is considered as a kind of there is a situation where security risk;Also such as, some wireless access point that login password is not required, security service are set It is standby to can determine whether as open WiFi, it is considered as a kind of there is a situation where security risk etc..Security service equipment is by testing result It is sent to user equipment so that user equipment is according to testing result, the automatic connection or display disconnected with the wireless access point Information warning.
The particular content of information warning equally can include but is not limited to alert flag, risk classifications prompting and processing prompting In one or more, details are not described herein again.In addition, the display mode of information warning can be real by way of pop-up window It is existing, as shown in Figure 5.
The embodiment of the present application additionally provides the indicating risk method of another wireless access point, and this method is connecting When connecting a wireless access point, risk supervision is carried out to the wireless access point that currently connects, and there are prompted during risk User.The processing step of this method is as follows, first when having connected any wireless access point, to security service equipment send on The identification information of the wireless access point, and obtain the risk on the wireless access point that the security service equipment returns Information.If for example, user equipment judge currently be connected to a wireless access point AP 1, can be by the identification information of AP1 (such as SSID+BSSID security service equipment) is uploaded to, risk analysis is carried out to AP1 by security service equipment, determines its corresponding wind Dangerous information simultaneously returns to user equipment so that user equipment can wirelessly connect according to the risk information got to what is currently connected Access point is judged with the presence or absence of security risk.
The wireless access point is being determined there are during security risk based on the risk information, according to the wireless access point Risk information corresponding to risk classifications, display with the matched information warning of the risk classifications.With in foregoing scene, showing The mode of information warning is similar, can be endangered according to caused by different risk classifications are possible, can be with the police of showed different Show information, intuitively to inform degree of risk of the user there are the wireless access point of security risk.
Based on same inventive concept, the indicating risk equipment of wireless access point is additionally provided in the embodiment of the present application, this sets Standby corresponding method is the indicating risk method of wireless access point in previous embodiment, and its principle for solving the problems, such as and the party Method is similar.
Fig. 6 shows a kind of indicating risk equipment of wireless access point provided by the embodiments of the present application, including processing unit 610th, transmitting device 620 and display device 630.The user that the indicating risk equipment is used to connect wireless access point for user sets It is standby, it is possible to achieve function when being included in user and checking the wireless access point that can be connected, can be to there are the nothing of security risk Line access point is marked, and stamps safety label, to prompt user's security risk that may be present.When stating function in realization, Specific interaction process flow is as shown in Fig. 2, including following processing step between user equipment and security service equipment:
Step S201, the processing unit 610 of user equipment obtain the wireless access point for including at least one wireless access point List.User equipment can detect the signal of neighbouring wireless access point, so as to get the phase on these wireless access point Information is closed, forms a wireless access point list.
Step S202, the transmitting device 620 of user equipment are sent on the wireless access point to security service equipment Identification information.Wherein, the identification information of the wireless access point refers to can be used in the information for identifying specific wireless access point, Such as can be user equipment scans to wireless access point list (nothing included can determine by the information included in list Line access point) or the identification information of wireless access point that is extracted from the wireless access point list, such as wirelessly connect Access point SSID (Service Set Identifier, service set)+BSSID (Basic Service Set ID, i.e., MAC Address) etc. information.
Thus, the transmitting device 620 of user equipment sends identification information and includes at least following two situations:Transmitting device 620 directly send the wireless access point list to security server, so that the security service equipment is by the wireless access The identification information of the wireless access point is extracted in point list;Or transmitting device 620 sends the nothing to security server The identification information of line access point, wherein, the identification information is extracted by the processing unit from the wireless access point list.
Step S203, after security service equipment receives identification information, if what is received is wireless access point list, The wireless access point list is parsed, progress security is extracted and judges required information.The embodiment party of one of which Formula is:Security service equipment extracts the identification information of the wireless access point from the wireless access point list.If receive To be SSID+BSSID identification information, then can directly carry out the judgement of security accordingly.
At this time, security service equipment carries out wireless access point security judge can the mode based on big data, this Kind mode judges its security based on the historical data of the wireless access point, such as wireless access point AP 1, there is number More user equipment is measured after connection by arp (Address Resolution Protocol, address resolution protocol) Attack, then the security service equipment can combine the judgement that the historical data carries out security, determine the risk information of AP1.Safety After service equipment determines the risk information of wireless access point, corresponding user equipment can be returned to,
Step S204, the transmitting device 620 of user equipment obtain that the security service equipment returns on described wireless The risk information of access point.Risk information is intended to indicate that wireless access point whether there is the information of security risk, in the application One embodiment in, risk information can include safety scoring, security service equipment can be according to the history number of wireless access point According to the safety that generation wireless access point is calculated according to default algorithm scores so that what user equipment can score according to safety Concrete numerical value determines the security of wireless access point.
In addition, the information on risk classifications can also be included in risk information so that user equipment is receiving risk letter During breath, risk classifications existing for wireless access point can be shown to user at the same time.Such as risk classifications are including but not limited to as follows It is several:Arp attacks, network monitoring attack, webpage tamper risk, counterfeit public WiFi, fishing WiFi etc..
ARP attacks are exactly to realize that ARP is cheated by forging IP address and MAC Address, can be produced in a network substantial amounts of The ARP traffics make network congestion, as long as the continual arp response bag for sending forgery of attacker is with regard to that can change destination host IP-MAC entries in arp cache, cause network interruption or man-in-the-middle attack.
Network monitoring attack is one kind of man-in-the-middle attack, realizes certificate if cheating nothing but with regard to two kinds of sides if desired Formula, because network monitoring exchange process is plaintext, attacker controls this step all right, allows user to download to the card of vacation Book.Also one kind is exactly to control DNS, allows DNS to be oriented to incorrect website, so that incorrect certificate is downloaded, then because attacking The person of hitting knows the key on oneself server, it is possible to easily eavesdrops very much these data.
The webpage that webpage tamper risk refers to user to enter originally intercepts other Website pages, such as all kinds of fishings Fishnet station, generally distorts the browser of user by forms such as browser plug-ins, the browser of user is configured not just Often, business website is directed to by force.Common phenomenon is changed into nameless website, often baffled for homepage and internet hunt page Pop-up advertisement webpage inputs normal station address and is but connected to other websites.
Counterfeit public WiFi refer to unsafe wireless access point disguise oneself as public WiFi (such as telecommunications, movement etc. operation The public wireless access point that business provides).The public WiFi in regular place will not generally damage personal information, and if Counterfeit WiFi signal, can give mobile phone, notes than implantation wooden horse, Virus, long-term hazards personal daily information or privacy Etc. information security.
The WiFi that goes fishing is a false wireless access point, when your wireless device connection is got on, is understood by counter-scanning, if At this moment what website your mobile phone, which is just connected on, has carried out data communication, and has been related to the data such as account number cipher, and other side is just Your these information can be obtained.
Step S205, the processing unit 610 of user equipment is according to the risk information, in the wireless access point list Wireless access point there are security risk is marked.When sharing information includes safety scoring, processing unit 610 can root According to the safety scoring and the comparative result of preset value, the wireless access point there are security risk is determined, then described wireless The wireless access point there are security risk is marked in access point list.For example, the preset value can be set as 73 points, I.e. the wireless access point that safety scores less than 73 points can be determined to have security risk by user equipment.
There are security risk wireless access point be marked refer in wireless access point list predeterminated position increase Corresponding label so that finally be presented to and the label is included in the wireless access point list of user, so as to directly prompt user can Security risk existing for energy.Wake up for example, being added in wireless access point list at the SSID display locations of a certain wireless access point Purpose " risk " label, such as the wireless access point " TP-link_F2A123 " in Fig. 3.
After being marked, user equipment 100 can continue to execute step S206, and mark is shown by display device 630 Wireless access point list afterwards.
Further, user equipment further includes attachment device, is connected for being established with wireless access point.User equipment is shown Showing device is after the wireless access point list after showing mark to user, if attachment device is connected to institute according to the operation of user The wireless access point in wireless access point list is stated, then display device can be in the wireless access point currently connected for there are safety wind During the wireless access point of danger, according to the risk classifications corresponding to the risk information of the wireless access point, display and the risk The information warning of type matching.
For example, user is in certain circumstances, it is necessary to connects in list that there are the wireless access point of security risk When, user equipment can be in connection after wireless access point, and processing unit can be wireless on this based on receiving before The risk information of access point, judges whether the wireless access point that currently connects is wireless access point there are security risk, if It is that then display device shows information warning.
Here, information warning can include but is not limited to one kind in alert flag, risk classifications prompting and processing prompting It is or a variety of.Such as alert flag can be all kinds of awake purpose mark or display effect, such as change the color of linkage interface, make Its is shown in red, other dynamic effects of increase etc..Risk classifications prompting refers to the type progress to foregoing several security risks The information of prompting, such as the current risk classifications of prompting user are arp attacks, network monitoring attack, webpage tamper risk, counterfeit Public WiFi, fishing WiFi etc..Processing prompting refers to how suggestion or prompting user carry out subsequent operation at this time, such as prompts User's " it is recommended that disconnection ", " click disconnects " etc..Fig. 4 shows a kind of concrete form for showing information warning.
In actual scene, different types of risk extent of injury caused by user is also different, for different Risk classifications, can be with the information warning of showed different, intuitively to inform wireless access point of the user there are security risk Degree of risk.For example, using different colors as information warning when, to distinguish different degrees of risk, if degree of danger It is higher, then use red to be used as information warning, if degree of danger is relatively low, information warning is used as using yellow.
In one embodiment of the application, whether user equipment is that there are peace in the wireless access point for judging currently to connect During the wireless access point of full blast danger, secure cloud can also be based on and known otherwise.Such a mode is based on big data different from foregoing Determine the mode of risk information, with big data difference lies in:Big data is the historical data based on wireless access point, and safety Cloud know be otherwise interacted between relevant information and user equipment and wireless access point based on wireless access point it is real-time Data.
Such as the relevant information of the wireless access point of connection can be sent to security service by transmitting device and set by user It is standby, such as DNS (Domain Name System) information, IP address, subnet mask (subnet mask), if security service is set It is standby to determine that current DNS information is unsafe dns server, it may be considered that wireless access point is kidnapped by DNS, deposit In security risk.In addition, the daily record interacted between wireless access point can be sent to peace by user equipment by transmitting device Full service equipment, security service equipment can judge whether is the data that are interacted between user equipment and wireless access point according to daily record Normally, it is if abnormal, it may be considered that there are security risk, result is returned into user equipment so that user equipment is completed to judge.
In addition, after wireless access point of the attachment device of user equipment in the connection wireless access point list, if Processing unit judgement has been currently entering risk interaction scenarios, then can detect whether the wireless access point currently connected is that there are safety The wireless access point of risk, if testing result is yes, disconnects the connection with the wireless access point or passes through display dress automatically Put display information warning.
The risk interaction scenarios refer to that needs carry out the scene of information exchange in safer environment, such as are related to Pay, the scene that account number logs in, if leakage of information may cause greater loss to user.Under these risk interaction scenarios, User equipment automatically can be detected the wireless access point currently connected, and specific detection mode can be based on security service equipment The risk information that is obtained according to big data is known otherwise based on secure cloud., may due in these risk interaction scenarios It can cause any property loss to user, cause serious consequence, therefore user equipment exists in the wireless access point for determining currently to connect During security risk, the connection with the wireless access point can be disconnected automatically, avoid carrying out with the wireless access point further Data interaction, prevents the leakage of account number, password.In addition it is also possible to information warning is only shown, with the wind for prompting user there is currently Whether danger, need to disconnect.
In this scene, other situations can be also included in the criterion there are security risk, for example, user Equipment is the current wireless access point of First Contact Connections, which can be determined as strange WiFi by security service equipment, It is considered as a kind of there is a situation where security risk;Also such as, some wireless access point that login password is not required, security service are set It is standby to can determine whether as open WiFi, it is considered as a kind of there is a situation where security risk etc..Security service equipment is by testing result It is sent to user equipment so that user equipment is according to testing result, the automatic connection or display disconnected with the wireless access point Information warning.
The particular content of information warning equally can include but is not limited to alert flag, risk classifications prompting and processing prompting In one or more, details are not described herein again.And the display mode of information warning can be realized by way of pop-up window, such as Shown in Fig. 5.
The embodiment of the present application additionally provides the indicating risk equipment of another wireless access point, which can connect When connecting a wireless access point, risk supervision is carried out to the wireless access point that currently connects, and there are prompted during risk User.When stating processing in realization, the transmitting device of the equipment can be when having connected any wireless access point, to security service Equipment sends identification information on the wireless access point, and obtain that the security service equipment returns on described wireless The risk information of access point.If for example, user equipment judge currently be connected to a wireless access point AP 1, can be by AP1 Identification information (such as SSID+BSSID) is uploaded to security service equipment, carries out risk analysis to AP1 by security service equipment, determines Its corresponding risk information simultaneously returns to user equipment so that user equipment can be according to the risk information got to currently connecting The wireless access point connect is judged with the presence or absence of security risk.
The processing unit of the equipment can judge that the wireless access point whether there is safety wind based on the risk information Danger.And display device then based on the risk information can determine the wireless access point in processing unit that there are security risk When, according to the risk classifications corresponding to the risk information of the wireless access point, display and the matched warning of the risk classifications Information.With in foregoing scene, showing that the mode of information warning is similar, can endanger according to caused by different risk classifications are possible Evil, can be with the information warning of showed different, intuitively to inform risk of the user there are the wireless access point of security risk Degree.
In addition, the part of the application can be applied to computer program product, such as computer program instructions, when its quilt When computer performs, by the operation of the computer, it can call or provide according to the present processes and/or technical solution. And the programmed instruction of the present processes is called, it is possibly stored in fixed or moveable recording medium, and/or pass through Broadcast or the data flow in other signal bearing medias and be transmitted, and/or be stored according to programmed instruction run calculating In the working storage of machine equipment.Here, a wireless access point as shown in Figure 7 is included according to one embodiment of the application Indicating risk equipment, the equipment include be used for store the memory 710 of computer program instructions and for execute program instructions Processor 720, wherein, when the computer program instructions are performed by the processor, trigger the equipment and perform based on foregoing more Methods and/or techniques scheme in a embodiment.
In conclusion in the scheme that the application provides, user equipment can be obtained comprising at least one wireless access point Wireless access point list, sends the identification information on the wireless access point, by security service equipment to security service equipment Relevant information based on big data or wireless access point judges the security of wireless access point, and will determine that Risk information sends back user equipment so that user equipment can determine there is peace in wireless access point list according to risk information The wireless access point of full blast danger, and be marked, then show the wireless access point list after mark, clearly prompt user There may be security risk for which wireless access point so that user avoids connecting these wireless access point as far as possible, is occurred with reducing The situation of safety problem.
It should be noted that the application can be carried out in the assembly of software and/or software and hardware, for example, can adopt With application-specific integrated circuit (ASIC), general purpose computer or any other realized similar to hardware device.In one embodiment In, the software program of the application can be performed by processor to realize above step or function.Similarly, the software of the application Program (including relevant data structure) can be stored in computer readable recording medium storing program for performing, for example, RAM memory, magnetic or CD-ROM driver or floppy disc and similar devices.In addition, some steps or function of the application can employ hardware to realize, for example, As coordinating with processor so as to performing the circuit of each step or function.
It is obvious to a person skilled in the art that the application is not limited to the details of above-mentioned one exemplary embodiment, Er Qie In the case of without departing substantially from spirit herein or essential characteristic, the application can be realized in other specific forms.Therefore, no matter From the point of view of which point, the present embodiments are to be considered as illustrative and not restrictive, and scope of the present application is by appended power Profit requires rather than described above limits, it is intended that all in the implication and scope of the equivalency of claim by falling Change is included in the application.Any reference numeral in claim should not be considered as to the involved claim of limitation.This Outside, it is clear that one word of " comprising " is not excluded for other units or step, and odd number is not excluded for plural number.That is stated in device claim is multiple Unit or device can also be realized by a unit or device by software or hardware.The first, the second grade word is used for table Show title, and be not offered as any specific order.

Claims (19)

1. a kind of indicating risk method of wireless access point, wherein, this method includes:
Obtain the wireless access point list for including at least one wireless access point;
The identification information on the wireless access point is sent to security service equipment, and obtains the security service equipment and returns The risk information on the wireless access point;
According to the risk information, to there are the wireless access point of security risk into rower in the wireless access point list Note.
2. according to the method described in claim 1, wherein, this method further includes:
Wireless access point list after display mark.
3. according to the method described in claim 1, wherein, the identification on the wireless access point is sent to security service equipment Information, including:
The wireless access point list is sent to security server, so that the security service equipment is by the wireless access point range The identification information of the wireless access point is extracted in table;Or
By extracting the identification information of the wireless access point in the wireless access point list, to described in security server transmission The identification information of wireless access point.
4. according to the method described in claim 1, wherein, the risk information includes safety and scores;
According to the risk information, to there are the wireless access point of security risk into rower in the wireless access point list Note, including:
According to the safety scoring and the comparative result of preset value, the wireless access point there are security risk is determined;
The wireless access point there are security risk is marked in the wireless access point list.
5. method according to any one of claim 1 to 4, wherein, this method further includes:
Connect the wireless access point in the wireless access point list;
If the wireless access point currently connected is the wireless access point there are security risk, according to the risk of the wireless access point Risk classifications corresponding to information, display and the matched information warning of the risk classifications.
6. method according to any one of claim 1 to 4, wherein, this method further includes:
Connect the wireless access point in the wireless access point list;
When entering risk interaction scenarios, detect whether the wireless access point that currently connects is wireless access there are security risk Point;
If testing result is yes, the automatic connection disconnected with the wireless access point or display information warning.
7. a kind of indicating risk method of wireless access point, wherein, this method includes:
When having connected any wireless access point, the identification information on the wireless access point is sent to security service equipment, And obtain the risk information on the wireless access point that the security service equipment returns;
The wireless access point is being determined there are during security risk based on the risk information, according to the wind of the wireless access point Risk classifications corresponding to dangerous information, display and the matched information warning of the risk classifications.
8. method according to any one of claims 5 to 7, wherein, the information warning includes alert flag, risk class The one or more in prompting are prompted and handled to type.
9. method according to any one of claims 5 to 7, wherein, show information warning, including:
Information warning is shown by way of pop-up window.
10. a kind of indicating risk equipment of wireless access point, wherein, which includes:
Processing unit, the wireless access point list of at least one wireless access point is included for obtaining, and according to risk information, The wireless access point there are security risk is marked in the wireless access point list;
Transmitting device, for sending the identification information on the wireless access point to security service equipment, and obtains the peace The risk information on the wireless access point that full service equipment returns.
11. equipment according to claim 10, wherein, which further includes:
Display device, for showing the wireless access point list after marking.
12. equipment according to claim 10, wherein, the transmitting device is used to send to security server described wireless Point list is accessed, so that the security service equipment is by extracting the mark of the wireless access point in the wireless access point list Know information;Or the identification information of the wireless access point is sent to security server, wherein, the identification information is by described Reason device is extracted from the wireless access point list.
13. equipment according to claim 10, wherein, the risk information includes safety and scores;
The processing unit, for according to the safety scoring and the comparative result of preset value, determining the nothing there are security risk Line access point;And the wireless access point there are security risk is marked in the wireless access point list.
14. the equipment according to any one of claim 10 to 13, wherein, which further includes:
Attachment device, for connecting the wireless access point in the wireless access point list;
The display device, is additionally operable to when the wireless access point currently connected is the wireless access point there are security risk, root According to the risk classifications corresponding to the risk information of the wireless access point, display and the matched information warning of the risk classifications.
15. the equipment according to any one of claim 10 to 13, wherein, which further includes:
Attachment device, for connecting the wireless access point in the wireless access point list;
The processing unit, is additionally operable to, when entering risk interaction scenarios, detect whether the wireless access point currently connected is to deposit In the wireless access point of security risk, and when testing result is to be the automatic connection disconnected with the wireless access point or or Person indicates the display device, shows information warning.
16. a kind of indicating risk equipment of wireless access point, wherein, which includes:
Transmitting device, when having connected any wireless access point, sends on the wireless access point to security service equipment Identification information, and obtain the risk information on the wireless access point that the security service equipment returns;
Processing unit, for judging that the wireless access point whether there is security risk based on the risk information;
Display device, for determining the wireless access point there are during security risk based on the risk information, according to described Risk classifications corresponding to the risk information of wireless access point, display and the matched information warning of the risk classifications.
17. the equipment according to any one of claim 14 to 16, wherein, the information warning includes alert flag, wind One or more in dangerous type prompts and processing prompting.
18. the equipment according to any one of claim 14 to 16, wherein, the display device, for passing through pop-out The mode of mouth shows information warning.
19. a kind of indicating risk equipment of wireless access point, which includes being used for the memory for storing computer program instructions With the processor for execute program instructions, wherein, when the computer program instructions are performed by the processor, trigger the equipment Method any one of perform claim requirement 1 to 9.
CN201710305771.5A 2017-05-03 2017-05-03 The indicating risk method and apparatus of wireless access point Pending CN107979845A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201710305771.5A CN107979845A (en) 2017-05-03 2017-05-03 The indicating risk method and apparatus of wireless access point
PCT/CN2017/119834 WO2018201745A1 (en) 2017-05-03 2017-12-29 Risk warning method and device for wireless access point

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710305771.5A CN107979845A (en) 2017-05-03 2017-05-03 The indicating risk method and apparatus of wireless access point

Publications (1)

Publication Number Publication Date
CN107979845A true CN107979845A (en) 2018-05-01

Family

ID=62012178

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710305771.5A Pending CN107979845A (en) 2017-05-03 2017-05-03 The indicating risk method and apparatus of wireless access point

Country Status (2)

Country Link
CN (1) CN107979845A (en)
WO (1) WO2018201745A1 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108632823A (en) * 2018-05-14 2018-10-09 Oppo广东移动通信有限公司 A kind of method for switching network, terminal and computer storage media
CN109714770A (en) * 2019-01-08 2019-05-03 上海连尚网络科技有限公司 Method and apparatus for sending information
CN109890027A (en) * 2019-03-20 2019-06-14 上海连尚网络科技有限公司 For determining the method and apparatus of the security risk information of target wireless access points
CN111148103A (en) * 2018-11-06 2020-05-12 奇酷互联网络科技(深圳)有限公司 Method for detecting safety connectivity of Bluetooth device, mobile terminal and storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104463569A (en) * 2014-11-11 2015-03-25 北京奇虎科技有限公司 Secure connection payment method and device
CN106209918A (en) * 2016-09-13 2016-12-07 深圳市金立通信设备有限公司 The method of a kind of internet security management and terminal
CN106302519A (en) * 2016-09-13 2017-01-04 深圳市金立通信设备有限公司 The method of a kind of internet security management and terminal

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103634270B (en) * 2012-08-21 2017-06-16 中国电信股份有限公司 Recognize method, system and the access point authentication server of access point legitimacy
US9432910B2 (en) * 2013-03-11 2016-08-30 Futurewei Technologies, Inc. System and method for WiFi authentication and selection
CN104540135B (en) * 2015-01-12 2019-08-30 努比亚技术有限公司 A kind of wireless network safety access method, device and terminal
CN106714172A (en) * 2015-11-18 2017-05-24 中兴通讯股份有限公司 WIFI hotspot processing method, device and system
CN105682015B (en) * 2016-04-05 2017-10-31 上海连尚网络科技有限公司 A kind of method and apparatus for being used to set up wireless connection
CN107493576B (en) * 2016-06-12 2020-09-18 上海连尚网络科技有限公司 Method and apparatus for determining security information for a wireless access point

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104463569A (en) * 2014-11-11 2015-03-25 北京奇虎科技有限公司 Secure connection payment method and device
CN106209918A (en) * 2016-09-13 2016-12-07 深圳市金立通信设备有限公司 The method of a kind of internet security management and terminal
CN106302519A (en) * 2016-09-13 2017-01-04 深圳市金立通信设备有限公司 The method of a kind of internet security management and terminal

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108632823A (en) * 2018-05-14 2018-10-09 Oppo广东移动通信有限公司 A kind of method for switching network, terminal and computer storage media
CN111148103A (en) * 2018-11-06 2020-05-12 奇酷互联网络科技(深圳)有限公司 Method for detecting safety connectivity of Bluetooth device, mobile terminal and storage medium
CN109714770A (en) * 2019-01-08 2019-05-03 上海连尚网络科技有限公司 Method and apparatus for sending information
CN109890027A (en) * 2019-03-20 2019-06-14 上海连尚网络科技有限公司 For determining the method and apparatus of the security risk information of target wireless access points
CN109890027B (en) * 2019-03-20 2022-04-15 上海连尚网络科技有限公司 Method and apparatus for determining security risk information of target wireless access point

Also Published As

Publication number Publication date
WO2018201745A1 (en) 2018-11-08

Similar Documents

Publication Publication Date Title
US9900346B2 (en) Identification of and countermeasures against forged websites
US8893278B1 (en) Detecting malware communication on an infected computing device
US8813239B2 (en) Online fraud detection dynamic scoring aggregation systems and methods
US8763116B1 (en) Detecting fraudulent activity by analysis of information requests
US9350758B1 (en) Distributed denial of service (DDoS) honeypots
CN103607385B (en) Method and apparatus for security detection based on browser
CN107979845A (en) The indicating risk method and apparatus of wireless access point
WO2015051720A1 (en) Method and device for detecting suspicious dns, and method and system for processing suspicious dns
US8856928B1 (en) Protecting electronic assets using false profiles in social networks
CN105430011B (en) A kind of method and apparatus detecting distributed denial of service attack
CN107800678B (en) Method and device for detecting abnormal registration of terminal
Romanov et al. Detection of fake profiles in social media-Literature review
CN106936791B (en) Method and device for intercepting malicious website access
JP2019528509A (en) System and method for detecting online fraud
CN105119909A (en) Fake website detection method and fake website detection system based on page visual similarity
CN107241292B (en) Vulnerability detection method and device
US11521231B2 (en) Fraud prevention in programmatic advertising
CN109600362A (en) Zombie host recognition methods, identification equipment and medium based on identification model
CN106789858A (en) A kind of access control method and device and server
CN112287198B (en) Junk short message detection method based on crawler technology
CN101741645A (en) Method, device and system for detecting storage-type cross-site scripting attack and attack detector
CN105100024B (en) UDP message bag safety detection method and device
Nirmal et al. Maximizing online security by providing a 3 factor authentication system to counter-attack'Phishing'
CN110351274A (en) A kind of method, server and the system of the tracking of network attack face
CN109660499A (en) It attacks hold-up interception method and device, calculate equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20180501