CN1953387B - Mobile station and its method for detecting attack under power-saving mode - Google Patents

Mobile station and its method for detecting attack under power-saving mode Download PDF

Info

Publication number
CN1953387B
CN1953387B CN200510100550A CN200510100550A CN1953387B CN 1953387 B CN1953387 B CN 1953387B CN 200510100550 A CN200510100550 A CN 200510100550A CN 200510100550 A CN200510100550 A CN 200510100550A CN 1953387 B CN1953387 B CN 1953387B
Authority
CN
China
Prior art keywords
mobile radio
radio station
access point
saving mode
access control
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN200510100550A
Other languages
Chinese (zh)
Other versions
CN1953387A (en
Inventor
唐正文
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hongfujin Precision Industry Shenzhen Co Ltd
Hon Hai Precision Industry Co Ltd
Original Assignee
Hongfujin Precision Industry Shenzhen Co Ltd
Hon Hai Precision Industry Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hongfujin Precision Industry Shenzhen Co Ltd, Hon Hai Precision Industry Co Ltd filed Critical Hongfujin Precision Industry Shenzhen Co Ltd
Priority to CN200510100550A priority Critical patent/CN1953387B/en
Publication of CN1953387A publication Critical patent/CN1953387A/en
Application granted granted Critical
Publication of CN1953387B publication Critical patent/CN1953387B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/70Reducing energy consumption in communication networks in wireless communication networks

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

The invention relates to a method for detecting attach in save mode by mobile station. Wherein, it comprises that providing an access point; mobile station enters into save mode; mobile station makes a false mobile station to connect the access point; the false mobile station transmits data to mobile station via access point; the mobile station judges if there is access point in said data to judge the attach. When attacked, the mobile station can exit save mode to avoid attack.

Description

Mobile radio station and under battery saving mode the method for attack detecting
[technical field]
The present invention relates to field of wireless communication, relate in particular to a kind of mobile radio station and the method for attack detecting under battery saving mode.
[background technology]
For mobile radio station (mobile station), for example: (Personal Digital Assistant, PDA) etc., electric power resource is limited and valuable resource for mobile phone, portable computer, personal digital assistant.In order to save electric power resource, mobile radio station is once charged after, can adhere to the more permanent time, so most of mobile radio stations all are provided with battery saving mode.Mobile radio station is in battery saving mode, and the electric weight that consumes during the electricity ratio operate as normal that consumed is wanted much less, thereby has effectively saved electric power resource.
When mobile radio station was in battery saving mode, other mobile radio station sent to the data of mobile radio station by an access point, can be stored in the buffer (buffer) of access point.At this moment, the assailant can be by medium access control (the Media Access Control of mobile radio station, MAC) address sends the claim frame rogue access point, obtain the data that belong to mobile radio station, and then cause mobile radio station can't obtain data, thereby to mobile radio station cause the letter out data Denial of Service attack (Denial Of Service ATTACK, DOSAttack).
[summary of the invention]
In view of this, need provide a kind of mobile radio station, it can detect the Denial of Service attack (Denial Of Service ATTACK, DOS Attack) of letter out data under battery saving mode.
In addition, also need to provide a kind of mobile radio station under battery saving mode, to detect the method for the Denial of Service attack of letter out data.
A kind of mobile radio station, be applicable to a wireless local area network (WLAN) system, wherein this wireless local area network (WLAN) system comprises an Internet Protocol (Internet Protocol, IP) core network and an access point (Access Point, AP), above-mentioned mobile radio station comprises a faking module and a judge module.Faking module is used to forge an empty mobile radio station, and wherein empty mobile radio station comprises a data generating module, is used to produce data.Judge module is used for whether being present in access point according to above-mentioned data, and judges whether to detect attack.
The method of a kind of mobile radio station attack detecting under battery saving mode may further comprise the steps: an access point is provided; Mobile radio station enters battery saving mode; Mobile radio station is forged an empty mobile radio station, and makes empty mobile radio station and access point set up line; Empty mobile radio station transmits data by access point and gives mobile radio station; Reach mobile radio station and whether be present in access point, and judge whether to detect attack according to above-mentioned data.
Mobile radio station can utilize above-mentioned under battery saving mode the method for attack detecting, the detecting dos attack when detecting when attacking, is withdrawed from battery saving mode, and is under attack to prevent to continue, and then prevents that its data are by letter out.
[description of drawings]
Fig. 1 is the enforcement environment map of the method for mobile radio station of the present invention attack detecting under battery saving mode.
Fig. 2 is the module map of the execution mode of mobile radio station of the present invention.
Fig. 3 is the schematic diagram of execution mode of the first association request frame of mobile radio station request power saving of the present invention.
Fig. 4 is the schematic diagram of execution mode of the second association request frame of mobile radio station request power saving of the present invention.
Fig. 5 is the schematic diagram of execution mode of the ADDTS claim frame of mobile radio station request power saving of the present invention.
Fig. 6 is the flow chart of mobile radio station of the present invention method of attack detecting under battery saving mode.
Fig. 7 is the flow chart of an execution mode of the method for mobile radio station of the present invention attack detecting under battery saving mode.
Fig. 8 be of the present invention under battery saving mode in the method for attack detecting empty mobile radio station request set up the schematic diagram of execution mode of the authentication request frames of line.
Fig. 9 be of the present invention under battery saving mode in the method for attack detecting empty mobile radio station request set up the schematic diagram of execution mode of the 3rd association request frame of line.
Figure 10 be of the present invention under battery saving mode in the method for attack detecting empty mobile radio station send to the schematic diagram of execution mode of a MPDU frame of mobile radio station by access point.
Figure 11 be of the present invention under battery saving mode in the method for attack detecting mobile radio station send to the schematic diagram of execution mode of the PS-Poll frame of access point.
Figure 12 be of the present invention under battery saving mode in the method for attack detecting access point send to the schematic diagram of execution mode of the 2nd MPDU frame of mobile radio station.
Figure 13 is the flow chart of mobile radio station of the present invention another execution mode of the method for attack detecting under battery saving mode.
Figure 14 is the schematic diagram of the execution mode of the beacon frame that access point sends in the method for attack detecting under battery saving mode of the present invention.
Figure 15 is the flow chart of mobile radio station of the present invention another execution mode of the method for attack detecting under battery saving mode.
Figure 16 be of the present invention under battery saving mode in the method for attack detecting empty mobile radio station send to the schematic diagram of execution mode of the 3rd MPDU frame of mobile radio station by access point.
Figure 17 be of the present invention under battery saving mode in the method for attack detecting mobile radio station send to the schematic diagram of execution mode of the QoS-Poll frame of access point.
Figure 18 be of the present invention under battery saving mode in the method for attack detecting access point send to the schematic diagram of execution mode of the 4th MPDU frame of mobile radio station.
[embodiment]
Fig. 1 is the enforcement environment map of the method for mobile radio station of the present invention attack detecting under battery saving mode.For chatting bright embodiments of the present invention, the basic framework of wireless local area network (WLAN) system only is shown among the figure, wireless local area network (WLAN) system comprises: an Internet Protocol (Internet Protocol, IP) (Access Point, AP) 20, one mobile radio station (Mobile Station) 30 and is attacked mobile radio station 40 for core network (CoreNetwork) 10, an access point.Wherein, mobile radio station 30 comprises an empty mobile radio station 31, the mobile radio station of empty mobile radio station 31 for forging in the mobile radio station 30.
In the WLAN (wireless local area network) of reality, comprise a plurality of access points 20, a plurality of mobile radio station 30 and a plurality of attack mobile radio station 40, for simplicity's sake, an access point 20, a mobile radio station 30 and an attack mobile radio station 40 only are shown in Fig. 1.
Access point 20 is wiredly connected to IP core network 10.Mobile radio station 30 and attack mobile radio station 40 can be arbitrary equipment with the inserted WLAN (wireless local area network) at WLAN (wireless local area network) interface, for example: mobile phone, portable computer, personal digital assistant (Personal Digital Assistant, PDA) etc. mobile radio station 30 and attack mobile radio station 40 and all carry out wireless telecommunications with access point 20.
Because mobile radio station 30 carries out wireless telecommunications with access point 20 by frame, but attack mobile radio station 40 received frames, and parse for frame and obtain medium access control (Media Access Control, MAC) address of mobile radio station 30.After mobile radio station 30 enters battery saving mode, other mobile radio station can be stored in the buffer of access point 20 by the data that access point 20 sends to mobile radio station 30 in the WLAN (wireless local area network), attack mobile radio station 40 and can send claim frame rogue access point 20 by the MAC Address of mobile radio station 30, obtain the data that belong to mobile radio station 30, and then cause mobile radio station 30 can't obtain data, thereby to mobile radio station 30 cause the letter out data Denial of Service attack (Denial Of Service ATTACK, DOSAttack).
Thereby, after mobile radio station 30 enters battery saving mode, be vulnerable to the dos attack of letter out data, so need the dos attack of detecting letter out data.In the present embodiment, mobile radio station 30 is forged an empty mobile radio station 31, the empty mobile radio station 31 of Schilling is set up line with access point 20, make empty mobile radio station 31 send data to mobile radio station 30 again by access point 20, whether mobile radio station 30 can be present in access point 20 according to the data that empty mobile radio station 31 is sent, and judges whether to detect attack.If data still are present in access point 20, then mobile radio station 30 does not detect attack, can keep battery saving mode; If data are not present in access point 20, then mobile radio station 30 detects attack, need withdraw from battery saving mode, and is under attack to prevent to continue.
Fig. 2 is the module map of the execution mode of mobile radio station 30 of the present invention.In the present embodiment, mobile radio station 30 comprises a delivery module 30a, a receiver module 30b, a judge module 30c and a faking module 30d.Faking module 30d is used to forge an empty mobile radio station 31, and wherein, empty mobile radio station 31 comprises a data generating module 31a.Data generating module 31a is used to produce data.Delivery module 30a is used for transmitting above-mentioned data by access point 20 and gives mobile radio station 30.Receiver module 30b is used for by the data of access point 20 receptions from empty mobile radio station 31.Judge module 30c is used for whether being present in access point according to above-mentioned data, and judges whether to detect attack.
In the present embodiment, a kind of mobile radio station 30 is mainly described under battery saving mode (Power SaveMode), the method for the attack of attack detecting mobile radio station 40.At first mobile radio station 30 sends a power saving request message to access point 20, enters battery saving mode with notice access point 20.After access point 20 is received power saving request message, send a power saving response message, mobile radio station 30 can enter battery saving mode.Above-mentioned battery saving mode can comprise power-save poll (Power Save Polling, PSP) and non-scheduling automatic power save transmit (Unscheduled Automatic Power Save Delivery, U-APSD) two kinds of battery saving modes.When mobile radio station 30 requests entered the PSP battery saving mode, mobile radio station 30 sent one first association request frame (Association Request Frame) 100 and gives access point 20.As shown in Figure 3, the first association request frame 100 comprises a power management (Power Management) field 101, it should be noted, described all frames of present embodiment all are identical with IEEE 802.11 standards, and the content of each frame does not disclose on figure fully, only has to disclose required field part.Mobile radio station 30 can enter battery saving mode by power management field 101 notice access points 20.In the present embodiment, mobile radio station 30 is made as 1 with the power management field 101 of the first association request frame 100, shows that promptly mobile radio station 30 requests enter the PSP battery saving mode.
When mobile radio station 30 request entered the U-APSD battery saving mode, mobile radio station 30 sent one second association request frame 200 or by different designs and adds the inbound traffics specification (ADD Traffic Spec, ADDTS) claim frame 300.As shown in Figure 4, the second association request frame 200 comprises a power management field 201 and a quality of service capabilities (Quality of Service Capability, QoS Capability) field 202, mobile radio station 30 can enter battery saving mode by power management field 201 notice access points 20, and to carry out category of access (Access Category, AC) grade of U-APSD battery saving mode by QoS Capability field 202 notice access points 20.The AC grade comprises best endeavors (Best Effort, BE), background transmission (Background, BK), video signal (Video, VI) and sound (Voice, VO) four grades, QoS Capabilty field 202 can indicate one or more in the above-mentioned AC grade and enter the U-APSD battery saving mode, and the AC grade that does not indicate then enters the PSP battery saving mode.
As shown in Figure 5, ADDTS claim frame 300 comprises that a power management field 301, a scheduling automatic power save transmit (Automatic Power Save Delivery, APSD) (Traffic Spec Identifier, TSID) field 309 for field 305, a scheduling (Schedule) field 307 and first-class gauge lattice identification code.Mobile radio station 30 enters battery saving mode by power management field 301 notice access points 20, enter the APSD battery saving mode by APSD field 305 notice access points 20 again, more enter the U-APSD battery saving mode, more will carry out the AC grade of U-APSD battery saving mode by TSID field 309 notice access points 20 by Schedule field 307 notice access points 20.Wherein, when power management field 301 is made as 1, APSD field 305 is made as 1, and Schedule field 307 is made as 0, promptly shows to carry out the U-APSD battery saving mode.The AC grade comprises above-mentioned Best Effort, Background, Video and four grades of Voice, the grade that TSID field 309 can indicate in the above-mentioned AC grade enters the U-APSD battery saving mode, the AC grade that does not indicate then enters the PSP battery saving mode, when promptly entering the U-APSD battery saving mode, TSID field 309 must have been specified the AC grade.After mobile radio station 30 enters battery saving mode, be vulnerable to the dos attack of letter out data, so need the dos attack of detecting letter out data.The concrete operations flow process of the method for mobile radio station 30 attack detecting under battery saving mode sees for details hereinafter.
Fig. 6 is the flow chart of mobile radio station 30 of the present invention method of attack detecting under battery saving mode.After mobile radio station 30 enters battery saving mode, be vulnerable to the dos attack of letter out data, so need the dos attack of detecting letter out data.
At step S600, mobile radio station 30 notice access points 20, and enter battery saving mode.At step S602, mobile radio station 30 is forged an empty mobile radio station 31, and makes empty travelling carriage 31 set up line with access point 20.At step S604, empty mobile radio station 31 transmits data by access point 20 and gives mobile radio station 30.At step S606, whether mobile radio station 30 can be present in access point 20 according to the data that empty mobile radio station 31 is sent, and judges whether to detect attack.
The flow chart of one execution mode of the method for Fig. 7 mobile radio station 30 of the present invention attack detecting under battery saving mode.After mobile radio station 30 enters the PSP battery saving mode, be vulnerable to the dos attack of letter out data, so need the dos attack of detecting letter out data.
At step S700, the mobile radio station 30 transmissions first association request frame 100 as shown in Figure 3 enters the PSP battery saving mode to access point 20 with request.In the present embodiment, mobile radio station 30 is made as 1 with the power management field 101 of the first association request frame 100, after then access point 20 is received the first association request frame 100, promptly mobile radio station 30 requests enter the PSP battery saving mode as can be known, and send a response message to mobile radio station 30, thereby mobile radio station 30 can enter the PSP battery saving mode.
At step S702, mobile radio station 30 is forged an empty mobile radio station 31, and makes empty mobile radio station 31 set up line with access point 20.In the present embodiment, mobile radio station 30 is forged a MAC Address, and when mobile radio station 30 sent message to access point 20 by the MAC Address of forging, access point 20 can be considered as a new mobile radio station with it, promptly can be considered and forges an empty mobile radio station 31.Empty mobile radio station 31 will be set up line with access point 20, at first need send as shown in Figure 8 authentication request frames 400 to access point 20.
As shown in Figure 8, when empty mobile radio station 31 requests are set up line with access point 20, the authentication request frames 400 that empty mobile radio station 31 sends comprises a BSSID (Basic Service SetIdentifier, BSSID) field 401, a destination address (Destination Address, DA) field 402 and is originated, and (Source Address, SA) field 403 in the address.
In the present embodiment, wireless telecommunication system is Basic Service Set (the BasicService Set that architecture is arranged, BSS), so the MAC Address .DA field 402 that BSSID field 401 is made as access point 20 is the purpose workstation address of authentication request frames 400, so the MAC Address .SA field 403 that is made as access point 20 is for producing the workstation address of authentication request frames 400, so be made as the MAC Address of empty mobile radio station 31. after access point 20 is received authentication request frames 400, can loopback one authentication Echo Frame. then, empty mobile radio station 31 send again as shown in Figure 9 the 3rd association request frame 500 to access point 20. as shown in Figure 9, the 3rd contact frame 500 comprises a BSSID field 501, one destination address field (DAF) 502 and a source address field 503. are wherein, the BSSID field 501 of the 3rd association request frame 500, the BSSID field 401 of the setting of da field 502 and sa field 503 and authentication request frames 400, being provided with of da field 402 and sa field 403 is identical. after access point 20 is received the 3rd association request frame 500, can loopback one get in touch Echo Frame, empty mobile radio station 31 is received the association response frame, then represents the line success.
And for example shown in Figure 7, at step S704, mobile radio station 30 sends one first Medium Access Control (MAC) Protocol Data Unit by empty mobile radio station 31 by access point 20, and (MAC Protocol Data Unit, MPDU) frame 600 is given mobile radio station 30.
As shown in figure 10, the one MPDU 600 frames comprise one to compartment system (To DistributedSystem, To DS) field 601, is from compartment system (From Distributed System, From DS) field 602, a BSSID field 603, a destination address field (DAF) 604, source address field 605 and one the one MAC service data unit (MAC Service Data Unit, MSDU) 607.In the present embodiment, To DS field 601 is made as 1 and 0 respectively with From DS field 602, its represent a MPDU frame 600 be send to distributed system (Distributed System, DS).BSSID field 603 is made as the MAC Address of access point 20.Destination address field (DAF) 604 is made as the MAC Address of mobile radio station 30.Source address field 605 is made as the MAC Address of empty mobile radio station 31.The one MSDU 607 is data that a MPDU frame 600 contained empty mobile radio stations 31 send to mobile radio station 30.After access point 20 receives a MPDU frame 600, because mobile radio station 30 is in battery saving mode, so access point 20 is stored in a MPDU frame 600 contained MSDU 607 in the buffer of access point 20.
And for example shown in Figure 7, at step S706, (Power Save Polling, PS-Poll) frame 700 is given access point 20 to mobile radio station 30 transmission power-save poll as shown in figure 11, to want data to access point 20.
As shown in figure 11, PS-Poll frame 700 comprises contacting identifiers symbol (Association Identifier, AID) (Transmitter Address, TA) field 705 field 701, a BSSID field 703 and a transfer address.AID field 701 comprises 15 positions (bits), and wherein bit 15 is all 1 with bit 14, and bit 0-13 is the AID of the work station of transmission PS-Poll frame 700, the i.e. AID of mobile radio station 30.AID be access point distribute to each and the identifier of mobile radio station of communication, to distinguish each mobile radio station.BSSID field 703 is made as the MAC Address of access point 20, and TA field 705 is meant the workstation address that transmits PS-Poll frame 700, is the MAC Address of mobile radio station 30.
And for example shown in Figure 7, at step S708, after access point 20 is received PS-Poll frame 700, transmit one the 2nd MPDU frame 800 and give mobile radio station 30.
As shown in figure 12, the 2nd MPDU frame 800 comprises more multidata (More Data) field 806 and one the 2nd MSDU 807.Wherein, More Data field 806 is whether access point 20 is used for notifying the mobile radio station 30 present access points 20 that are in battery saving mode to also have the MSDU tendency to develop to give mobile radio station 30, and its value is 1, illustrates that access point 20 also has at least one MSDU tendency to develop to give mobile radio station 30 at present.The 2nd MSDU 807 is other mobile radio station in the WLAN (wireless local area network), comprises that empty mobile radio station 31 sends the data of mobile radio station 30 to by access point 20.
And for example shown in Figure 7, at step S710, mobile radio station 30 receives the 2nd MPDU frame 800, judges the 2nd MSDU 807 of the 2nd MPDU frame 800, and whether a MSDU 607 of a MPDU frame 600 that is transmitted with empty mobile radio station 31 is identical.
If the 2nd MSDU 807 of the 2nd MPDU frame 800 is identical with a MSDU 607 of a MPDU frame 600, then at step S716, mobile radio station 30 does not detect attack.
If a MSDU 607 of the 2nd MSDU 807 of the 2nd MPDU frame 800 and a MPDU frame 600 is inequality, then at step S712, mobile radio station 30 continues to judge whether the More Data field 806 of the 2nd MPDU frame 800 is 0.
If the More Data field 806 of the 2nd MPDU frame 800 is 0, then mobile radio station 30 detects attack.
If the More Data field 806 of the 2nd MPDU frame 800 is not 0, then get back to step S706, mobile radio station 30 sends another PS-Poll frame 700 again to access point 20, continuation is wanted data to access point 20. and this step circulates always, the More Data field 806 of the 2nd MPDU frame 800 that is transmitted up to access point 20 is 0, and promptly access point 20 has not had the MSDU tendency to develop to give mobile radio station 30.
Figure 13 is the flow chart of mobile radio station 30 of the present invention another execution mode of the method for attack detecting under battery saving mode.After mobile radio station 30 enters the PSP battery saving mode, be vulnerable to the dos attack of letter out data, so need the dos attack of detecting letter out data.
In the present embodiment, access point 20 sends a beacon frame (Beacon Frame) 900 with some cycles, and as shown in figure 14, Beacon frame 900 comprises a flow indicator correspondence table, and (Traffic-indicationMap, TIM) field 901.TIM field 901 comprises the correspondence table with each mobile radio station AID of access point 20 communications, is 0 with a bit or is 1 to represent it whether data to be arranged in the buffer of access point 20 for each AID.So if mobile radio station 30 is learnt the data of no mobile radio station 30 in the buffer of access point 20 by Beacon frame 900, then mobile radio station 30 can be judged and is subjected to the dos attack of letter out data.But,, then need to judge in conjunction with method shown in Figure 7 if the data of mobile radio station 30 are arranged in the buffer of access point 20.
In the present embodiment, step S1300, step S1302 and step S1304 all step S700, step S702 and the step S704 with Fig. 7 are identical, therefore repeat no more.
At step S1306, mobile radio station 30 receives the Beacon frame 900 that access point 20 is sent.At step S1308, mobile radio station 30 judges according to the TIM field 901 of Beacon frame 900 whether the data that belongs to mobile radio station 30 is arranged in the access point 20.
If do not belong to the data of mobile radio station 30 in the access point 20, then at step S1310, mobile radio station 30 detects attack.
If in the access point 20 data that belong to mobile radio station 30 are arranged, then at step S1312, mobile radio station 30 can't judge whether under attack, needs to judge in conjunction with the method for Fig. 7.
Figure 15 is the flow chart of mobile radio station 30 of the present invention another execution mode of the method for attack detecting under battery saving mode.After mobile radio station 30 enters the U-APSD battery saving mode, be vulnerable to the dos attack of letter out data, so need the dos attack of detecting letter out data.
At step S1500, mobile radio station 30 transmissions one second association request frame 200 as shown in Figure 4 enters the U-APSD battery saving mode to access point 20 with request.In the present embodiment, mobile radio station 30 is made as 1 with the power management field 201 of the second association request frame 200, QoS Capability field 202 is made as the Voice grade, after then access point 20 is received the second association request frame 200, promptly mobile radio station 30 request Voice enter the U-APSD battery saving mode as can be known, ask other AC grade to enter the PSP battery saving mode, and send a response message, thereby mobile radio station 30 can enter the U-APSD battery saving mode to mobile radio station 30.
In another embodiment, mobile radio station 300 can send as shown in Figure 5 an ADDTS claim frame 300 to access point 20, enters the U-APSD battery saving mode with request.
In the present embodiment, step S1502 is identical with the step S702 of Fig. 7, is not therefore giving unnecessary details.Please then see hereinafter.
At step S1504, mobile radio station 30 sends one the 3rd MPDU frame 1000 to mobile radio station 30 by empty mobile radio station 31 by access point 20.As shown in figure 16, the 3rd MPDU frame 1000 comprises a To DS field 1001, a From DS field 1002, a BSSID field 1003, a destination address field (DAF) 1004, a source address field 1005, QoS control (Quality of ServiceControl) field 1007 and one the 3rd MSDU 1009.In the present embodiment, To DS field 1001 and From DS field 1002 are made as 1 respectively and are made as the MAC Address of access point 20 with 0.BSSID field 1003. and destination address field (DAF) 1004 is made as the MAC Address of mobile radio station 30. and the MAC Address .QoS control field 1007 that source address field 1005 is made as empty mobile radio station 31 comprises a flow identifier sign indicating number (Traffic Identifier, TID) field 1007a is used to indicate the AC grade.
In the present embodiment, to get in touch the specified AC grade of the QoS Capabilty field 202 of frame 200 identical for this AC grade and second.
The 3rd MSDU 1009 is data that the 3rd MPDU 1000 contained empty mobile radio stations 31 send to mobile radio station 30.After access point 20 receives the 3rd MPDU frame 1000, because mobile radio station 30 is in battery saving mode, so access point 20 is stored in the 3rd MPDU frame 1000 the 3rd contained MSDU 1009 in the buffer.
At step S1506, (Quality ofService Poll, QoS-Poll) frame 1100 is given access point 20 to mobile radio station 30 transmission service quality poll as shown in figure 17, to want data to access point 20.As shown in figure 17, QoS-Poll frame 1100 comprises a type (Type) field 1101, a subtype (Subtype) field 1103, a destination address 1105, a BSSID field 1107 and a QoS control field 1108.Type field 1101 is to be used to point out the present frame kenel with sub-type field 1103.In the present embodiment, the QoS-Poll frame comprises two kinds of QoS Data frame and QoS Null frames, and type field 1101 is made as 10, and sub-type field 1103 is made as 1000, shows that promptly present frame is a QoS Data frame; Type field 1101 is made as 10, and son money type field 1103 is made as 1100 respectively, shows that promptly present frame is a QoS Null frame.Destination address field (DAF) 1105 is made as the MAC Address of access point 20.BSSID field 1107 is made as the MAC Address of access point 20.Qos control field 1108 comprises a TID field 1108a, and TID field 1108a indicates the AC grade.In the present embodiment, to get in touch the specified AC grade of the QoS Capabilty field 202 of frame 200 identical for this AC grade and second.
At step S1508, after access point 20 is received QoS-Poll frame 1100, transmit the 4th MPDU frame 1200 and give mobile radio station 30.As shown in figure 18, the 4th MPDU frame 1200 comprises a QoS control field 1207 and one the 4th MSDU 1209.Wherein, QoS control field 1207 comprises that (TID field 1207a is used to indicate the AC grade for End Of Service Period, EOSP) field 1207b for a TID field 1207a and an end service field.EOSP field 1207b is whether access point 20 is used for notifying mobile radio station 30 to also have the MSDUs tendency to develop to give mobile radio station 30, and its value is 1, illustrates that access point 20 also has at least one MSDU tendency to develop to give mobile radio station 30 at present.The 4th MSDU 1209 is other mobile radio station in the WLAN (wireless local area network), comprises that empty mobile radio station 31 by access point 20, sends the data of mobile radio station 30 to.
At step S1510, mobile radio station 30 receives the 4th MPDU frame 1200, judges the 4th MSDU 1209 of the 4th MPDU frame 1200, and whether the 3rd MSDU 1009 of the 3rd MPDU frame 1000 that is transmitted with empty mobile radio station 31 is identical.
If the 4th MSDU 1209 of the 4th MPDU frame 1200 is identical with the 3rd MSDU 1009 of the 3rd MPDU frame 1000, then at step S1516, mobile radio station 30 does not detect attack.
If the 3rd MSDU 1009 of the 4th MSDU 1209 of the 4th MPDU frame 1200 and the 3rd MPDU frame 1000 is inequality, then at step S1512, mobile radio station 30 continues to judge whether the EOSP field 1207b of the 4th MPDU frame 1200 is 0.
If the EOSP field 1207b of the 4th MPDU frame 1200 is 0, then at step S1514, mobile radio station 30 detects attack.
If the EOSP field 1207b of the 4th MPDU frame 1200 is not 0, then get back to step S1506, mobile radio station 30 sends another QoS-Poll frame 1100 again to access point 20, continues to want data to access point 20.This step circulates always, and the EOSP field 1207b of the 4th MPDU frame 1200 that is transmitted up to access point 20 is 0, and promptly access point 20 has not had the MSDU tendency to develop to give mobile radio station 30.
Mobile radio station 30 can utilize of the present invention under battery saving mode the method for attack detecting, the dos attack of detecting letter out data when detecting when attacking, is withdrawed from battery saving mode, and is under attack to prevent to continue.

Claims (17)

1. a mobile radio station is applicable to wireless local area network (WLAN) system, and wherein said wireless local area network (WLAN) system comprises Internet Protocol core network and access point, it is characterized in that: described mobile radio station enters battery saving mode, and described mobile radio station comprises:
Faking module is used to forge empty mobile radio station, and wherein said empty mobile radio station comprises data generating module, is used to produce data;
Delivery module is used for sending the data that described empty mobile radio station produces to described mobile radio station by described access point; And
Judge module is used for whether being present in described access point according to described data, and judges whether to detect attack.
2. mobile radio station as claimed in claim 1 is characterized in that: described mobile radio station also comprises receiver module, is used for by the data of described access point reception from described empty mobile radio station.
3. the method for mobile radio station attack detecting under battery saving mode is characterized in that may further comprise the steps:
Access point is provided;
Described mobile radio station enters battery saving mode;
Described mobile radio station is forged empty mobile radio station, and makes described empty mobile radio station and described access point set up line;
Described empty mobile radio station transmits data by described access point and gives described mobile radio station; And
Whether described mobile radio station is present in described access point according to described data, and judges whether to detect attack.
4. as claimed in claim 3 under battery saving mode the method for attack detecting, it is characterized in that:
Described battery saving mode comprises the battery saving mode that power-save poll and non-scheduling automatic power save transmit.
5. as claimed in claim 3 under battery saving mode the method for attack detecting, it is characterized in that described mobile radio station forges described empty mobile radio station, and the step that makes described empty mobile radio station and described access point set up line may further comprise the steps:
Described mobile radio station is forged the medium access control address;
Described mobile radio station utilizes described medium access control address to send authentication request frames to described access point;
Described access point transmits the authentication Echo Frame; And
Described mobile radio station utilizes described medium access control address to transmit the association request frame to described access point.
6. as claimed in claim 3 under battery saving mode the method for attack detecting, it is characterized in that the step that described mobile radio station enters battery saving mode may further comprise the steps:
Described mobile radio station sends the contact frame to described access point, enters the power-save poll battery saving mode with request.
7. as claimed in claim 6 under battery saving mode the method for attack detecting, it is characterized in that described empty mobile radio station transmits described data by described access point and may further comprise the steps for the step of described mobile radio station:
Described empty mobile radio station sends the first medium access control protocol data unit frame to described access point, and the described first medium access control protocol data unit frame comprises first medium access control service data unit; And
Described access point stores described first medium access control service data unit.
8. as claimed in claim 7 under battery saving mode the method for attack detecting, it is characterized in that whether described mobile radio station is present in described access point according to described data, and judge whether that the step that detects attack may further comprise the steps:
Described mobile radio station transmits the power-save poll frame and gives described access point;
Described access point transmits the second medium access control protocol data unit frame and gives described mobile radio station, the described second medium access control protocol data unit frame comprises that second medium access control service data unit reaches more multidata field, whether wherein said more multidata field is used for described access point and notifies the present described access point of described mobile radio station to also have the tendency to develop of medium access control service data unit to give described mobile radio station, the value of described more multidata field is zero, illustrates that described access point does not have the tendency to develop of medium access control service data unit to give described mobile radio station at present;
Described mobile radio station receives the described second medium access control protocol data unit frame, and judge described second medium access control service data unit of the described second medium access control protocol data unit frame, whether identical with described first medium access control service data unit of the described first medium access control protocol data unit frame; And
If identical, then described mobile radio station does not detect attack.
9. as claimed in claim 8 under battery saving mode the method for attack detecting, it is characterized in that whether described mobile radio station is present in described access point according to described data, and judge whether that the step that detects attack more may further comprise the steps:
If described second medium access control service data unit of the described second medium access control protocol data unit frame, inequality with described first medium access control service data unit of the described first medium access control protocol data unit frame, judge then whether described more multidata field is zero; And
If be zero, then described mobile radio station detects attack.
10. as claimed in claim 9 under battery saving mode the method for attack detecting, it is characterized in that whether described mobile radio station is present in described access point according to described data, and judge whether that the step that detects attack more may further comprise the steps:
If described more multidata field is non-vanishing, then described mobile radio station continues to transmit described power-save poll frame and gives described access point.
11. as claimed in claim 7 under battery saving mode the method for attack detecting, it is characterized in that whether described mobile radio station is present in described access point according to described data, and judge whether that the step that detects attack may further comprise the steps:
Described access point sends beacon frame;
Described mobile radio station receives described beacon frame, and judges according to described beacon frame whether the data that belongs to described mobile radio station is arranged in the described access point; And
If no, then described mobile radio station detects attack.
12. as claimed in claim 3 under battery saving mode the method for attack detecting, it is characterized in that: the step that described mobile radio station enters battery saving mode may further comprise the steps:
Described mobile radio station sends the contact frame to described access point, enters non-scheduling automatic power save with request and transmits battery saving mode.
13. as claimed in claim 3 under battery saving mode the method for attack detecting, it is characterized in that the step that described mobile radio station enters battery saving mode may further comprise the steps:
Described mobile radio station sends to described access point and adds the inbound traffics claim frame, enters non-scheduling automatic power save with request and transmits battery saving mode.
14. as claim 12 or 13 described under battery saving mode the method for attack detecting, it is characterized in that described empty mobile radio station transmits described data by described access point and may further comprise the steps for the step of described mobile radio station:
Described empty mobile radio station sends the 3rd medium access control protocol data unit frame to described access point, and described the 3rd medium access control protocol data unit frame comprises the 3rd medium access control service data unit; And
Described access point stores described the 3rd medium access control service data unit.
15. as claimed in claim 14 under battery saving mode the method for attack detecting, it is characterized in that whether described mobile radio station is present in described access point according to described data, and judge whether that the step that detects attack may further comprise the steps:
Described mobile radio station transmits the service quality poll frame and gives described access point;
Described access point transmits fourth media access control protocol data unit frame and gives described mobile radio station, described fourth media access control protocol data unit frame comprises fourth media access control service data unit and finishes service field, whether wherein said end service field is used for described access point and notifies described mobile radio station to also have the tendency to develop of medium access control service data unit to give described mobile radio station, the value of described end service field is zero, illustrates that described access point does not have the tendency to develop of medium access control service data unit to give described mobile radio station at present;
Described mobile radio station receives described fourth media access control protocol data unit frame, and judge the described fourth media access control service data unit of described fourth media access control protocol data unit frame, whether identical with described the 3rd medium access control service data unit of described the 3rd medium access control protocol data unit frame; And
If identical, then described mobile radio station does not detect attack.
16. as claimed in claim 15 under battery saving mode the method for attack detecting, it is characterized in that whether described mobile radio station is present in described access point according to described data, and judge whether that the step that detects attack more may further comprise the steps:
If the described fourth media access control service data unit of described fourth media access control protocol data unit frame, inequality with described the 3rd medium access control service data unit of described the 3rd medium access control protocol data unit frame, judge then whether described end service field is zero; And
If be zero, then described mobile radio station detects attack.
17. as claimed in claim 16 under battery saving mode the method for attack detecting, it is characterized in that whether described mobile radio station is present in described access point according to described data, and judge whether that the step that detects attack more may further comprise the steps:
If described end service field is non-vanishing, then described mobile radio station continues to transmit described service quality poll frame and gives described access point.
CN200510100550A 2005-10-17 2005-10-17 Mobile station and its method for detecting attack under power-saving mode Expired - Fee Related CN1953387B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN200510100550A CN1953387B (en) 2005-10-17 2005-10-17 Mobile station and its method for detecting attack under power-saving mode

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN200510100550A CN1953387B (en) 2005-10-17 2005-10-17 Mobile station and its method for detecting attack under power-saving mode

Publications (2)

Publication Number Publication Date
CN1953387A CN1953387A (en) 2007-04-25
CN1953387B true CN1953387B (en) 2010-05-05

Family

ID=38059529

Family Applications (1)

Application Number Title Priority Date Filing Date
CN200510100550A Expired - Fee Related CN1953387B (en) 2005-10-17 2005-10-17 Mobile station and its method for detecting attack under power-saving mode

Country Status (1)

Country Link
CN (1) CN1953387B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101562871B (en) * 2008-04-18 2011-09-28 鸿富锦精密工业(深圳)有限公司 Mobile station and method for preventing attack
US10205573B2 (en) 2013-09-13 2019-02-12 Futurewei Technologies, Inc. System and method for OFDMA PS-poll transmission

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2004034602A1 (en) * 2002-10-10 2004-04-22 Symbol Technologies, Inc. Wlan communications system
CN1518288A (en) * 2003-01-15 2004-08-04 华为技术有限公司 Method of transmittng down data from insertion site in radio local network

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2004034602A1 (en) * 2002-10-10 2004-04-22 Symbol Technologies, Inc. Wlan communications system
CN1518288A (en) * 2003-01-15 2004-08-04 华为技术有限公司 Method of transmittng down data from insertion site in radio local network

Also Published As

Publication number Publication date
CN1953387A (en) 2007-04-25

Similar Documents

Publication Publication Date Title
US11044670B2 (en) Unscheduled peer power save mode
US7911991B2 (en) Apparatus and method for controlling data communication in wireless local area network
US8050360B2 (en) Direct link relay in a wireless network
KR101645782B1 (en) Method for managing power save mede in wireless lan system, and device for supporting same
CN100527696C (en) Electric power management method and apparatus
US20100246461A1 (en) Power saving method for wireless access point
CN105578577A (en) Standby time improvements for stations in a wireless network
CN101395844A (en) Standby time improvements for stations in a wireless network
US20130148556A1 (en) System And Method For Access Point Power Save
US7574199B2 (en) Mobile station and method for detecting attacks in a power save mode for the same
WO2018079025A1 (en) Communication apparatus, communication control method, and program
WO2022052708A1 (en) Method for establishing multiple links in wireless communication system, and communication apparatus
CN1953387B (en) Mobile station and its method for detecting attack under power-saving mode
US8730857B2 (en) Filtering group-addressed frames in Wi-Fi devices
CN108430096B (en) Communication method, communication device and communication equipment of wireless local area network
CA2770833C (en) Apparatus and method for power save mode in wireless local area network
CN101185291A (en) Enhanced scanning for access entities
CN108430097B (en) Communication method, communication device and communication equipment of wireless local area network
WO2023194351A1 (en) Method of controlling operating states of a first communication interface through mediation via a second communication interface
CN116939845A (en) Multilink communication method and device
EP4193698A1 (en) Devices and methods for energy efficient multi-link communication in a wireless network
KR20090047597A (en) Apparatus and method for power saving mode support in broadband wireless access system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C17 Cessation of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20100505

Termination date: 20111017