CN110536324B - WiFi signal data acquisition and processing method and system - Google Patents

WiFi signal data acquisition and processing method and system Download PDF

Info

Publication number
CN110536324B
CN110536324B CN201910845417.0A CN201910845417A CN110536324B CN 110536324 B CN110536324 B CN 110536324B CN 201910845417 A CN201910845417 A CN 201910845417A CN 110536324 B CN110536324 B CN 110536324B
Authority
CN
China
Prior art keywords
data
wifi
packets
packet
protocol
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910845417.0A
Other languages
Chinese (zh)
Other versions
CN110536324A (en
Inventor
赵晋洪
武发鲁
周睿
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shandong Yiwa Information Technology Co ltd
Original Assignee
Shandong Yiwa Information Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shandong Yiwa Information Technology Co ltd filed Critical Shandong Yiwa Information Technology Co ltd
Priority to CN201910845417.0A priority Critical patent/CN110536324B/en
Publication of CN110536324A publication Critical patent/CN110536324A/en
Application granted granted Critical
Publication of CN110536324B publication Critical patent/CN110536324B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N20/00Machine learning
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/06Notations for structuring of protocol data, e.g. abstract syntax notation one [ASN.1]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/22Parsing or analysis of headers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W24/00Supervisory, monitoring or testing arrangements
    • H04W24/02Arrangements for optimising operational condition
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W24/00Supervisory, monitoring or testing arrangements
    • H04W24/08Testing, supervising or monitoring using real traffic
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/70Reducing energy consumption in communication networks in wireless communication networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Medical Informatics (AREA)
  • Evolutionary Computation (AREA)
  • Data Mining & Analysis (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Physics (AREA)
  • Artificial Intelligence (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention provides a method and a system for acquiring and processing WiFi signal data, wherein the method comprises the following steps: s1, monitoring and receiving a protocol packet transmitted by the WiFi signal; s2, arranging the data of each received protocol packet into a data packet, accumulating a certain amount of data packets, packaging and sending the data packets to the WiFi data analysis module; s3, analyzing the WiFi data based on a machine learning algorithm to obtain the name of the WiFi equipment, the type of the equipment and the type of WiFi signal data; s4, generating a detection report, and storing the received data, the analysis result and the detection report into a database correspondingly; and S5, acquiring the detection report from the database and displaying the detection report at the terminal. The system comprises a WiFi data acquisition module, a WiFi data transmission module, a WiFi data analysis module and a WiFi data display module. The method and the system can acquire WiFi data transmitted in the air in a non-contact manner, judge the type and the data type of the WiFi equipment according to the data, realize real-time detection on the WiFi equipment and are beneficial to supervision on the WiFi equipment.

Description

WiFi signal data acquisition and processing method and system
Technical Field
The invention relates to a method and a system for acquiring and analyzing and processing wireless WiFi signals, and belongs to the technical field of wireless WiFi signal detection.
Background
In recent decades, the modern wireless communication field has been developed greatly, and at present, large data transmission in indoor and small-range wireless local area networks is mainly realized by a WiFi communication protocol. The WiFi protocol has the advantages of good confidentiality and high transmission speed, is mainly applied to two frequency bands of 2.4GHz and 5.8GHz at present, a large number of wireless local area network devices can transmit and control through the WiFi protocol, and is suitable for office environments, personal applications and family applications.
The existence of a large number of WiFi devices is also accompanied by a problem: due to the fact that the WiFi equipment is high in encryption, monitoring management of the WiFi equipment is difficult to conduct. Once the data or the personal information in the wireless local area network is leaked, the data or the personal information in the wireless local area network can be leaked, if the data or the personal information is illegally or indirectly connected into the wireless local area network through the WiFi equipment allowed by a user; in addition, some WiFi devices are configured to be wireless hotspots and are easily used for unauthorized data transmission. Due to the fact that WiFi is high in encryption, professional detection software needs to be installed on a hotspot/router or professional equipment needs to be connected to manage and control WiFi signals, otherwise, data transmission conditions of wireless WiFi terminal equipment and various attributes and safety conditions of the equipment are difficult to judge, and the data transmission of the WiFi equipment is more difficult to supervise and detect if the WiFi equipment of the wireless hotspot is established independently.
Disclosure of Invention
The invention provides a WiFi signal data acquisition and processing method and a system thereof, aiming at the problem that the WiFi equipment and WiFi signal are difficult to detect and manage at present, a chip complying with an IEEE802.11 protocol is utilized to directly capture a protocol packet transmitted by an aerial WiFi signal in a monitoring mode, the WiFi data is analyzed according to a machine learning algorithm, the equipment type and the data type corresponding to the WiFi data are confirmed, the real-time detection of the WiFi equipment is realized, a detection report is generated, relevant personnel can conveniently check the information of the WiFi equipment, and then the supervision of the WiFi equipment is realized.
In order to solve the technical problems, the invention adopts the following technical means:
a WiFi signal data acquisition and processing method comprises the following steps:
s1, monitoring WiFi signals in the air according to fixed frequency in a monitoring mode, and receiving protocol packets transmitted by the WiFi signals;
s2, arranging the timestamp of each protocol packet received and the frame header part of the protocol packet into data packets, storing the data packets into a temporary database, and when the number of the data packets of the same WiFi signal in the temporary database reaches a set threshold value, packaging the data packets of the same WiFi signal in the temporary database into a data packet set and sending the data packet set to a WiFi data analysis module;
S3, analyzing the WiFi device name, the device type and the WiFi signal data type corresponding to the WiFi signal according to the data in the data packet set based on a machine learning algorithm;
s4, generating a detection report according to the data packet set and the analysis result of the step S3, and correspondingly storing the data packet set, the analysis result and the detection report into a relational database;
and S5, acquiring the detection report from the relational database and displaying the detection report at the terminal.
Furthermore, the fixed frequency is in a value range of 0.5-10 times/second.
Further, each data packet includes a data packet sequence number, a header portion of the protocol packet, and a timestamp for receiving the protocol packet, where the header portion of the protocol packet includes an SSID, a frame length, a frame status, a duration length, a source MAC address, and a destination MAC address.
Further, the threshold set in step S2 is equal to or greater than 300.
Further, the specific operation of step S3 is as follows:
s31, extracting the SSID of the protocol packet from the data packet set, and analyzing the SSID to obtain the WiFi equipment name corresponding to the WiFi signal;
s32, acquiring a source MAC address of the protocol packet from the data packet set, matching the source MAC address with a registered MAC information registration table registered in an IEEE database, and judging the device type of the WiFi device corresponding to the source MAC address;
And S33, extracting data characteristics from the data packet set, training a model according to a machine learning algorithm and the data characteristics, and judging the data type of the WiFi signal by using the trained model.
Further, the specific operation of step S33 is as follows:
(1) randomly selecting a data packet set, dividing the data packets in the data packet set into N groups, wherein each group of data packets has e data packets in total, namely e protocol packets, extracting the frame length of each protocol packet in each group of data packets, and the frame length set of the ith group of data packets is A i ={a 1i ,a 2i ,...,a ji ,...a ei Where i ═ 1,2 ji For the j protocol packet frame in the i group data packetLength, j 1,2, e, calculating the frame length distribution of the i-th group of data packets according to the cumulative distribution function
Figure BDA0002192562340000021
The specific calculation formula is as follows:
Figure BDA0002192562340000031
wherein A is imax Representing a set of protocol packets A i The length of the frame of the largest frame in the frame,
Figure BDA0002192562340000032
represents A i Middle element is less than or equal to
Figure BDA0002192562340000033
The probability of (d);
(2) the frame length distribution of N groups of data packets is set as
Figure BDA0002192562340000034
And performing KS detection on the frame length distribution set to obtain the frame length distribution stability x, wherein the specific calculation formula is as follows:
Figure BDA0002192562340000035
(3) extracting the frame length of each protocol packet in each group of data packets and the timestamp of the received protocol packet, calculating the frame length transmitted in unit time, namely the signal bandwidth, and taking the bandwidth average value as the bandwidth value of the data packet set:
Figure BDA0002192562340000036
Where B represents the bandwidth value of the packet set, B i Signal bandwidth representing the ith packet of data;
(4) calculating the bandwidth standard deviation of the data packet set according to the signal bandwidth of each group of data packets, and taking the bandwidth standard deviation as the bandwidth stability S of the data packet set;
(5) acquiring M data packet sets, performing the processing of the steps (1) to (4) to obtain data characteristics, wherein the data characteristics comprise frame length distribution, frame length distribution stability, bandwidth value and bandwidth stability, manually marking the data type of each group of data packets in each data packet set, using the data characteristics and the manually marked data types as training samples, and training a WiFi data type identification model based on a machine learning algorithm;
(6) and extracting data characteristics for the newly received data packet set, inputting the extracted data characteristics into the trained model, and outputting the WiFi signal data type corresponding to the newly received data packet set.
Further, the detection report includes a WiFi device name, a WiFi device type, a WiFi signal data type, a WiFi signal occurrence time period, and WiFi signal strength information.
A WiFi signal data acquisition and processing system comprises a WiFi data acquisition module, a WiFi data transmission module, a WiFi data analysis module and a WiFi data display module.
The WiFi data acquisition module is used for monitoring WiFi signals in the detection area and acquiring protocol packets transmitted by the WiFi signals; the WiFi data transmission module is used for temporarily storing a plurality of protocol packets collected by the WiFi data collection module, and transmitting the collected protocol packets to the WiFi data analysis module after being packaged through a wired or wireless network; the WiFi data analysis module is used for analyzing the data in the acquired protocol packet, judging the WiFi equipment name, the WiFi equipment type and the WiFi signal data type corresponding to the WiFi signal, and generating a detection report; and the WiFi data display module is used for storing the acquired WiFi data, the analysis result and the detection report and displaying the detection report at the terminal.
Further, the WiFi data collection module selects a WiFi chip complying with IEEE802.11 protocol.
Further, the WiFi device types include a mobile phone, a tablet, a notebook, a printer, a digital camera, a wireless camera; the WiFi signal data types comprise audio and video.
The following advantages can be obtained by adopting the technical means:
the invention provides a method and a system for acquiring and processing WiFi signal data, wherein the method and the system utilize the monitoring function of a WiFi chip, and monitor and acquire WiFi signal transmission data in a detection area through a WiFi signal acquisition module, the WiFi signal acquisition module does not need to be connected with any WiFi equipment in hardware, and software does not need to be installed on the existing WiFi equipment, so that non-contact data acquisition is realized, the monitoring range can be changed by moving the WiFi data acquisition module, and the data acquisition is more flexible and convenient. The acquired data are transmitted to the WiFi data analysis module, the WiFi data are analyzed and processed according to the existing database system and a machine learning algorithm, the WiFi equipment name, the equipment type and the WiFi signal data type are judged, the calculation method is simple, the automation degree of the whole operation is high, excessive manual participation is not needed, and the calculation result is accurate. The collected data and the calculation result generate a detection report for relevant personnel to check, so that the functions of visual WiFi signal detection, visual classification of various WiFi devices, visual STA (station) devices connected under various AP hotspots and the like are realized, the data transmission condition of the WiFi devices can be known by the relevant personnel, and the relevant personnel can conveniently supervise the WiFi devices. The system and the method have the advantages of low cost, real-time flexible acquisition and processing of WiFi signal data, small calculation amount, short calculation time, accurate calculation result and capability of automatically analyzing data in real time, and provide high-quality informatization service for wireless WiFi signal detection.
Drawings
Fig. 1 is a flowchart illustrating steps of a WiFi signal data acquisition and processing method according to the present invention.
Fig. 2 is a schematic structural diagram of a WiFi signal data acquisition and processing system of the present invention.
In the figure, 1 is a WiFi data acquisition module, 2 is a WiFi data transmission module, 3 is a WiFi data analysis module, and 4 is a WiFi data display module.
Detailed Description
The technical scheme of the invention is further explained by combining the accompanying drawings as follows:
the invention provides a method for acquiring and processing WiFi signal data, which specifically comprises the following steps as shown in FIG. 1:
and S1, in the SNIFFER monitoring mode, monitoring WiFi signals in the air detection area by using a WiFi data acquisition module according to fixed frequency, and receiving protocol packets transmitted by the WiFi signals. At present, 13 frequency points are commonly used in the 2.4GHz frequency band of the WiFi protocol in China, each frequency point can be monitored sequentially by adopting the same acquisition module according to fixed frequency, and 13 frequency points can also be monitored respectively by adopting 13 acquisition modules according to fixed frequency.
In the embodiment of the invention, 13 frequency points are monitored by using the same WiFi data acquisition module according to the frequency of 10 times/second in sequence, each frequency point monitors for 100ms, all frequency points can be polled within 1.3 seconds, and the frequency points with data transmission are recorded after all the frequency points are polled; when the second round of monitoring is carried out, the frequency points with data transmission are monitored according to the frequency of 0.5 time/second, namely each frequency point monitors for 2s of time, and if the number of the frequency points with data transmission is N, the second round of monitoring consumes 2 x N seconds; and during the third monitoring, sequentially monitoring 13 frequency points again according to the frequency of 10 times/second, recording the frequency points of data transmission again, and so on, and acquiring data of WiFi signal transmission, namely the protocol packet.
Each protocol packet can be called a frame, and can be divided into a management frame, a control frame and a data frame according to different destination devices, data in the protocol packet and the like. The frame header part comprises a Physical Layer protocol (PLCP) header and a MAC header, wherein the PLCP header comprises the length of the frame, and the MAC header comprises a Frame Control (FC), a duration length and a MAC address, wherein the FC represents the state of the frame and comprises the direction of a packet, namely an uplink or a downlink; the duration length represents a channel reservation duration, i.e., a time required to complete data transmission; for uplink packets, the MAC address includes the MAC address of the AP, the source MAC address, and the destination MAC address.
S2, the timestamp of each protocol packet receiving and the header part of the protocol packet are arranged into data packets and stored in a temporary database, each data packet comprises a data packet sequence number, the header part of the protocol packet and the timestamp of receiving the protocol packet, the data packet sequence number is mainly used for marking which WiFi signal on which frequency point the data packet belongs to, and therefore follow-up statistics, query and analysis are facilitated, the header part of the protocol packet stored in the data packet mainly comprises an SSID, a frame length, a frame state, a duration length, a source MAC address and a destination MAC address, and the timestamp comprises the start time and the end time of receiving the protocol packet.
Because the useful data in one data packet is less, in order to have enough useful data during data analysis and processing and improve the data analysis accuracy, the data packets collected in the invention are firstly stored in the temporary database, and when the number of the data packets of the same WiFi signal in the temporary database reaches a set threshold value, the data packets of the same WiFi signal in the temporary database are packed into a data packet set and sent to the WiFi data analysis module. Through a plurality of tests, the set threshold value is more than or equal to 300, namely more than 300 data packets are collected each time, and then the data packets are packed and sent to the WiFi data analysis module.
S3, analyzing the WiFi equipment name, the equipment type and the WiFi signal data type corresponding to the WiFi signal according to the data in the data packet set based on a machine learning algorithm; the specific operation is as follows:
and S31, extracting SSIDs of the protocol packets from the data packet sets, wherein all the protocol packets in one data packet set usually originate from the same WiFi device, so that the SSIDs in each protocol packet should be the same, and analyzing the SSIDs to obtain the names of the WiFi devices corresponding to the WiFi signals. In addition, background databases for the WiFi device may also be linked, existing data existing in the background databases may be retrieved, the device type is determined according to the SSID, for example, most commercially available routers include the brand and model of the router in their name, and the WiFi device may be deduced as a router device according to the brand and model by analyzing the SSID.
And S32, since mainstream WiFi equipment manufacturers apply for the range of the MAC address in the IEEE association, the WIFI equipment corresponding to a certain MAC address can be judged by searching through an IEEE database. Analyzing protocol packets in a data packet set, acquiring a source MAC address from a frame header part of the protocol packets, wherein all protocol packets in one data packet set usually originate from the same WiFi equipment, so that the source MAC addresses are the same, matching the source MAC addresses with an MAC information registration table registered in an IEEE database, and judging the equipment type of the WiFi equipment corresponding to the source MAC addresses.
S33, because different WiFi devices can perform specific data length segmentation according to characteristics of the WiFi devices when transmitting data, when a certain number of data packets transmitted by a WiFi device are accumulated, rules of data length segmentation can be searched according to the data packets by matching with a machine learning algorithm, and then data types of WiFi signal transmission are distinguished. And extracting data characteristics from the data packet set, training a model according to a machine learning algorithm and the data characteristics, and judging the WiFi signal data type by using the trained model. Step S33 may be further specifically divided into the following operations:
(1) randomly selecting a data packet set, dividing the data packets in the data packet set into N groups, wherein each group of data packets has e data packets, i.e., there are e protocol packets, for example, there are 500 data packets in a data packet set, and dividing 500 data packets into 10 groups, then each group includes 50 data packets, i.e., there are 50 protocol packets in each group.
Extracting the frame length of each protocol packet in each group of data packets, wherein the frame length set of the ith group of data packets is A i ={a 1i ,a 2i ,...,a ji ,...a ei Where i ═ 1,2 ji Calculating the frame length of jth protocol packet in ith group of data packet, j is 1,2 Frame length distribution of packets
Figure BDA0002192562340000071
The specific calculation formula is as follows:
Figure BDA0002192562340000072
wherein A is imax Representing a set of protocol packets A i The frame length of the largest frame in the group,
Figure BDA0002192562340000073
represents A i Middle element is less than or equal to
Figure BDA0002192562340000074
The probability of (c).
(2) Calculating the frame length distribution of each group of data packets according to the formula (4) to obtain the frame length distribution set of N groups of data packets
Figure BDA0002192562340000075
And performing KS detection on the frame length distribution set to obtain the frame length distribution stability x, wherein a specific calculation formula is as follows:
Figure BDA0002192562340000076
wherein sup () is a supremum function.
(3) Extracting the frame length of each protocol packet in each group of data packets and the timestamp of the received protocol packet, calculating the frame length transmitted in unit time, namely the signal bandwidth, and taking the bandwidth average value as the bandwidth value of the data packet set:
Figure BDA0002192562340000077
where B represents the bandwidth value of the packet set, B i Indicating the signal bandwidth of the ith packet of data.
(4) Calculating the bandwidth standard deviation of the data packet set according to the signal bandwidth of each group of data packets, and taking the bandwidth standard deviation as the bandwidth stability S of the data packet set:
Figure BDA0002192562340000081
(5) acquiring M data packet sets, performing the processing of the steps (1) to (4) to obtain the data characteristics of each data packet, wherein the data characteristics comprise frame length distribution, frame length distribution stability, bandwidth value and bandwidth stability, manually marking the data type of each group of data packets in each data packet set, using the data characteristics and the manually marked data type as training samples, and training a WiFi data type identification model based on a machine learning algorithm.
(6) And extracting data characteristics for the newly received data packet set, inputting the extracted data characteristics into the trained model, and outputting the WiFi signal data type corresponding to the newly received data packet set.
And S4, generating a detection report according to the data packet set and the analysis result of the step S3, wherein the detection report mainly comprises the WiFi device name, the WiFi device type, the WiFi signal data type, the WiFi signal occurrence time period, the WiFi signal strength information and other contents, and the WiFi signal strength can be directly obtained through the acquisition module. And storing the data packet set, the analysis result and the detection report into a relational database correspondingly, and subsequently calling related data from the relational database through keywords, such as calling the corresponding data packet set, the analysis result and the detection report through a data packet sequence number.
And S5, accessing the relational database on the terminal, acquiring the detection report from the relational database, and displaying the content in the detection report on the terminal, wherein the display mode can be tables, texts and the like.
The invention also provides a system for acquiring and processing the WiFi signal data, which comprises a WiFi data acquisition module 1, a WiFi data transmission module 2, a WiFi data analysis module 3 and a WiFi data display module 4, as shown in FIG. 2. The WiFi data acquisition module is used for acquiring data transmitted by WiFi signals, the data are packaged and then transmitted to the WiFi data analysis module by the WiFi data transmission module, the WiFi data analysis module analyzes the WiFi data by using some existing databases and machine learning algorithms to obtain WiFi equipment names, equipment types and WiFi signal data types corresponding to the transmitted WiFi data, results obtained by analysis of the WiFi data analysis module and the acquired WiFi data are combined together to form a detection report, and related personnel can check the detection report on the WiFi data display module.
WiFi data acquisition module mainly used monitors the wiFi signal in the detection zone, gather wiFi signal transmission's protocol package, wireless routing network card can be adopted to wiFi data acquisition module, wireless devices such as professional WIFI module, router, the core chip of wiFi data acquisition module need adopt the wiFi chip that follows IEEE802.11 agreement, the detection zone size of wiFi data acquisition module is generally decided by the hardware equipment or the chip that adopt. The WiFi data acquisition module works on a data link layer, 13 frequency points are used in the 2.4GHz frequency band of the WiFi protocol in China, the WiFi data acquisition module can be used for carrying out single monitoring or circulating monitoring on the required frequency points in a time-sharing mode, and grabbing and basic analysis are carried out on a data packet in an IEEE802.11 protocol format, so that the required data in the header part of a protocol packet frame is extracted.
The WiFi data transmission module is used for temporarily storing a plurality of protocol packets acquired by the WiFi data acquisition module, packaging the acquired protocol packets through a wired or wireless network and transmitting the packaged protocol packets to the WiFi data analysis module, and the transmission mode of the WiFi data transmission module includes but is not limited to WiFi, Bluetooth, USB, RS-485 bus and WLAN. The WiFi data transmission module is not a necessary module, and if the WiFi data acquisition module and the WiFi data analysis module are directly combined on the same set of embedded equipment to realize data transmission of the WiFi data acquisition module and the WiFi data analysis module, the WiFi data transmission module can be omitted under the condition. In order to ensure that the WiFi data analysis module has enough data to analyze and save network resources, the WiFi data transmission module can arrange and temporarily store the data acquired by the WiFi data acquisition module, and the WiFi data are accumulated to a certain amount and then uniformly packaged and transmitted to the WiFi data analysis module.
The WiFi data analysis module is mainly used for analyzing data collected by the WiFi data collection module, judging the WiFi equipment name, the WiFi equipment type and the WiFi signal data type corresponding to the WiFi signal according to the existing database and a machine learning algorithm, and generating a detection report. The detection report is generated according to the data collected by the WiFi data collecting module and the analysis result of the WiFi data analyzing module, and comprises the WiFi equipment name, the WiFi equipment type, the WiFi signal data type, the WiFi signal appearing time period, the WiFi signal strength information and the like.
The WiFi data display module is used for storing the collected WiFi data, the analysis result and the detection report and displaying the detection report at the terminal, the WiFi data display module can be divided into a database end and a display end, the database end depends on a relational database on a server and stores the collected WiFi data, the analysis result and the detection report in the relational database correspondingly, the display end can access the database end to obtain the detection report and display the detection report, and the display end can be software installed on terminals such as a mobile phone, a computer and a tablet and can also be a webpage.
The method and the system can automatically acquire and process the WiFi data transmitted in the air, and judge the name, type, WiFi data type and the like of the WiFi equipment sending the data.
The embodiments of the present invention have been described in detail with reference to the drawings, but the present invention is not limited to the above embodiments, and various changes can be made within the knowledge of those skilled in the art without departing from the gist of the present invention.

Claims (8)

1. A WiFi signal data acquisition and processing method is characterized by comprising the following steps:
s1, monitoring WiFi signals in the air according to fixed frequency in a monitoring mode, and receiving protocol packets transmitted by the WiFi signals;
s2, arranging the timestamp of each protocol packet received and the frame header part of the protocol packet into data packets, storing the data packets into a temporary database, and when the number of the data packets of the same WiFi signal in the temporary database reaches a set threshold value, packaging the data packets of the same WiFi signal in the temporary database into a data packet set and sending the data packet set to a WiFi data analysis module;
S3, analyzing the WiFi device name, the device type and the WiFi signal data type corresponding to the WiFi signal according to the data in the data packet set based on a machine learning algorithm; the specific operation of step S3 is as follows:
s31, extracting the SSID of the protocol packet from the data packet set, and analyzing the SSID to obtain the WiFi equipment name corresponding to the WiFi signal;
s32, acquiring a source MAC address of the protocol packet from the data packet set, matching the source MAC address with a registered MAC information registration table registered in an IEEE database, and judging the device type of the WiFi device corresponding to the source MAC address;
s33, extracting data characteristics from the data packet set, training a model according to a machine learning algorithm and the data characteristics, and judging the WiFi signal data type by using the trained model; the specific operation of step S33 is as follows:
(1) arbitrarily selecting a data packet set, dividing the data packets in the data packet set into N groups, wherein each group of data packets has e data packets, namely e protocol packets, extracting the frame length of each protocol packet in each group of data packets, and the frame length set of the ith group of data packets is A i ={a 1i ,a 2i ,...,a ji ,...a ei Where i ═ 1,2 ji Calculating the frame length distribution of the ith group of data packets according to the cumulative distribution function for the frame length of the jth protocol packet in the ith group of data packets, wherein j is 1,2
Figure FDA0003691004460000011
The specific calculation formula is as follows:
Figure FDA0003691004460000012
wherein A is imax Representing a set of protocol packets A i The length of the frame of the largest frame in the frame,
Figure FDA0003691004460000021
represents A i Middle element is less than or equal to
Figure FDA0003691004460000022
The probability of (d);
(2) the frame length distribution of N groups of data packets is set as
Figure FDA0003691004460000023
And performing KS detection on the frame length distribution set to obtain the frame length distribution stability x, wherein a specific calculation formula is as follows:
Figure FDA0003691004460000024
(3) extracting the frame length of each protocol packet in each group of data packets and the timestamp of the received protocol packet, calculating the frame length transmitted in unit time, namely the signal bandwidth, and taking the bandwidth average value as the bandwidth value of the data packet set:
Figure FDA0003691004460000025
where B represents the bandwidth value of the packet set, B i Signal bandwidth representing the ith packet of data;
(4) calculating the bandwidth standard deviation of the data packet set according to the signal bandwidth of each group of data packets, and taking the bandwidth standard deviation as the bandwidth stability S of the data packet set;
(5) acquiring M data packet sets, performing the processing of the steps (1) to (4) to obtain data characteristics, wherein the data characteristics comprise frame length distribution, frame length distribution stability, bandwidth value and bandwidth stability, manually marking the data type of each group of data packets in each data packet set, using the data characteristics and the manually marked data types as training samples, and training a WiFi data type identification model based on a machine learning algorithm;
(6) Extracting data characteristics for the newly received data packet set, inputting the extracted data characteristics into a trained model, and outputting a WiFi signal data type corresponding to the newly received data packet set;
s4, generating a detection report according to the data packet set and the analysis result of the step S3, and correspondingly storing the data packet set, the analysis result and the detection report into a relational database;
and S5, acquiring the detection report from the relational database and displaying the detection report at the terminal.
2. The method for acquiring and processing WiFi signal data according to claim 1, wherein the fixed frequency is in a range of 0.5-10 times/second.
3. The method of claim 1, wherein each data packet comprises a packet sequence number, a header portion of a protocol packet, and a timestamp for receiving the protocol packet, and the header portion of the protocol packet comprises an SSID, a frame length, a frame status, a duration length, a source MAC address, and a destination MAC address.
4. The method for acquiring and processing WiFi signal data of claim 1, wherein the threshold set in step S2 is greater than or equal to 300.
5. The method of claim 1, wherein the detection report includes a WiFi device name, a WiFi device type, a WiFi signal data type, a WiFi signal occurrence time period, and WiFi signal strength information.
6. A WiFi signal data acquisition and processing system is characterized by comprising a WiFi data acquisition module, a WiFi data transmission module, a WiFi data analysis module and a WiFi data display module;
the WiFi data acquisition module is used for monitoring WiFi signals in the detection area and acquiring protocol packets transmitted by the WiFi signals;
the WiFi data transmission module is used for temporarily storing a plurality of protocol packets collected by the WiFi data collection module, and transmitting the collected protocol packets to the WiFi data analysis module after being packaged through a wired or wireless network;
the WiFi data analysis module is used for analyzing the data in the acquired protocol packet, judging the WiFi equipment name, the WiFi equipment type and the WiFi signal data type corresponding to the WiFi signal, and generating a detection report;
the WiFi data analysis module extracts the SSID of the protocol packet from the data packet set, and analyzes the SSID to obtain the WiFi equipment name corresponding to the WiFi signal; acquiring a source MAC address of a protocol packet from a data packet set, matching the source MAC address with a registered MAC information registration table registered in an IEEE database, and judging the equipment type of WiFi equipment corresponding to the source MAC address; extracting data characteristics from the data packet set, training a model according to a machine learning algorithm and the data characteristics, and judging the WiFi signal data type by using the trained model;
The WiFi data analysis module randomly selects a data packet set, the data packets in the data packet set are divided into N groups, each group of data packets has e data packets in total, namely e protocol packets, the frame length of each protocol packet in each group of data packets is extracted, and the frame length set of the ith group of data packets is A i ={a 1i ,a 2i ,...,a ji ,...a ei Where i ═ 1,2 ji Calculating the frame length distribution of the ith group of data packets according to the cumulative distribution function for the frame length of the jth protocol packet in the ith group of data packets, wherein j is 1,2
Figure FDA0003691004460000031
The specific calculation formula is as follows:
Figure FDA0003691004460000041
wherein A is imax Representing a set of protocol packets A i The length of the frame of the largest frame in the frame,
Figure FDA0003691004460000042
represents A i Middle element is less than or equal to
Figure FDA0003691004460000043
The probability of (d);
the frame length distribution of N groups of data packets is set as
Figure FDA0003691004460000044
And performing KS detection on the frame length distribution set to obtain the frame length distribution stability x, wherein a specific calculation formula is as follows:
Figure FDA0003691004460000045
extracting the frame length of each protocol packet in each group of data packets and the timestamp of the received protocol packet, calculating the frame length transmitted in unit time, namely the signal bandwidth, and taking the bandwidth average value as the bandwidth value of the data packet set:
Figure FDA0003691004460000046
where B represents the bandwidth value of the packet set, B i Signal bandwidth representing the ith packet of data;
calculating the bandwidth standard deviation of the data packet set according to the signal bandwidth of each group of data packets, and taking the bandwidth standard deviation as the bandwidth stability S of the data packet set;
Acquiring M data packet sets, performing the processing of the steps (1) to (4) to obtain data characteristics, wherein the data characteristics comprise frame length distribution, frame length distribution stability, bandwidth value and bandwidth stability, manually marking the data type of each group of data packets in each data packet set, using the data characteristics and the manually marked data types as training samples, and training a WiFi data type identification model based on a machine learning algorithm;
extracting data characteristics for the newly received data packet set, inputting the extracted data characteristics into a trained model, and outputting a WiFi signal data type corresponding to the newly received data packet set;
and the WiFi data display module is used for storing the acquired WiFi data, the analysis result and the detection report and displaying the detection report at the terminal.
7. The system of claim 6, wherein the WiFi data acquisition module is a WiFi chip compliant with IEEE802.11 protocol.
8. The system of claim 6, wherein the WiFi device types include cell phones, tablets, notebooks, printers, digital cameras, wireless cameras; the WiFi signal data types comprise audio and video.
CN201910845417.0A 2019-09-05 2019-09-05 WiFi signal data acquisition and processing method and system Active CN110536324B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910845417.0A CN110536324B (en) 2019-09-05 2019-09-05 WiFi signal data acquisition and processing method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910845417.0A CN110536324B (en) 2019-09-05 2019-09-05 WiFi signal data acquisition and processing method and system

Publications (2)

Publication Number Publication Date
CN110536324A CN110536324A (en) 2019-12-03
CN110536324B true CN110536324B (en) 2022-08-12

Family

ID=68667638

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910845417.0A Active CN110536324B (en) 2019-09-05 2019-09-05 WiFi signal data acquisition and processing method and system

Country Status (1)

Country Link
CN (1) CN110536324B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111914244B (en) * 2020-07-31 2024-06-07 深圳力维智联技术有限公司 Data processing method, device and computer readable storage medium
CN112152875A (en) * 2020-09-09 2020-12-29 杭州涂鸦信息技术有限公司 System and method for testing abnormal connection of WiFi module
CN113836109B (en) * 2021-08-17 2023-04-14 中国电子科技集团公司第二十九研究所 Statistical analysis and result presentation method for monitoring data of wireless electromagnetic signals
CN116156505B (en) * 2023-04-18 2023-08-04 南京桂瑞得信息科技有限公司 WiFi equipment detection method based on denoising self-encoder and metric learning

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103402177A (en) * 2013-08-02 2013-11-20 南京市海聚信息科技有限公司 Information pushing system of WiFi (wireless fidelity) terminal and implementation method thereof
CN105960016A (en) * 2016-06-23 2016-09-21 成都信息工程大学 RSSI acquisition method
CN108449716A (en) * 2018-03-28 2018-08-24 北京智慧空间科技有限责任公司 A kind of user property analysis method and system based on wireless sensor
CN109451486A (en) * 2018-11-30 2019-03-08 南京航空航天大学 WiFi acquisition system and WiFi terminal detection method based on probe request

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103402177A (en) * 2013-08-02 2013-11-20 南京市海聚信息科技有限公司 Information pushing system of WiFi (wireless fidelity) terminal and implementation method thereof
CN105960016A (en) * 2016-06-23 2016-09-21 成都信息工程大学 RSSI acquisition method
CN108449716A (en) * 2018-03-28 2018-08-24 北京智慧空间科技有限责任公司 A kind of user property analysis method and system based on wireless sensor
CN109451486A (en) * 2018-11-30 2019-03-08 南京航空航天大学 WiFi acquisition system and WiFi terminal detection method based on probe request

Also Published As

Publication number Publication date
CN110536324A (en) 2019-12-03

Similar Documents

Publication Publication Date Title
CN110536324B (en) WiFi signal data acquisition and processing method and system
US20200322237A1 (en) Traffic detection method and traffic detection device
US9961571B2 (en) System and method for a multi view learning approach to anomaly detection and root cause analysis
US7516049B2 (en) Wireless performance analysis system
CN106416136A (en) Network monitor
CN109451486B (en) WiFi acquisition system based on detection request frame and WiFi terminal detection method
CN107995626B (en) Method and device for identifying WIFI signal security category in wireless local area network
CN106961693B (en) Method for determining working channel of wireless access equipment
CN106412809A (en) MAC address acquisition method and system based on Bluetooth and WIFI
Rusca et al. What WiFi probe requests can tell you
CN114629811A (en) Operation monitoring method for industrial Ethernet communication system
CN114554185A (en) Wireless network flow-based candid camera detection and protection method
Redondi et al. Passive classification of Wi-Fi enabled devices
CN111885621B (en) Wireless message grabbing method, system, terminal and storage medium
CN101426216B (en) Test method and device for wireless access system distributed base station
Pintor et al. Analysis of wi-fi probe requests towards information element fingerprinting
CN111371689B (en) TCP congestion control version identification method and device based on deep learning
US20220123848A1 (en) Wireless communication quality visualization system, wireless communication quality visualization device, and measurement apparatus
US20230292229A1 (en) Terminal scanning method, system, and apparatus, electronic device, and storage medium
CN102595467B (en) Data acquisition method and data acquisition device
Cache Fingerprinting 802.11 implementations via statistical analysis of the duration field
US20160134747A1 (en) Quality degradation analysis method, quality degradation analysis device, and network system
CN109618139A (en) A kind of intelligent video monitoring system and method for view-based access control model routing
WO2021057997A1 (en) Data monitoring method of sniffer, sniffer, storage medium and terminal
de Mello Silva et al. Performance analysis of a privacy-preserving frame sniffer on a Raspberry Pi

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant