US20060194568A1 - System and method for determining location of rogue wireless access point - Google Patents
System and method for determining location of rogue wireless access point Download PDFInfo
- Publication number
- US20060194568A1 US20060194568A1 US11/414,018 US41401806A US2006194568A1 US 20060194568 A1 US20060194568 A1 US 20060194568A1 US 41401806 A US41401806 A US 41401806A US 2006194568 A1 US2006194568 A1 US 2006194568A1
- Authority
- US
- United States
- Prior art keywords
- wireless devices
- location
- unauthorized
- authorized wireless
- record
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
- H04W12/121—Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]
- H04W12/122—Counter-measures against attacks; Protection against rogue devices
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/60—Context-dependent security
- H04W12/63—Location-dependent; Proximity-dependent
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W64/00—Locating users or terminals or network equipment for network management purposes, e.g. mobility management
Definitions
- wireless networks With the proliferation of wireless networks, many organizations (e.g., enterprises, universities, hospitals, etc.) have installed or are planning to install wireless networks in additional or, in alternative, to wired networks. Such wireless networks are believed to increase efficiency and productivity. However, one of disadvantages of wireless networks is security of such networks. Unlike wired networks, which are usually enclosed in secure and protected premisses of the organization, elements of wireless networks (e.g., wireless access points [“AP”]) may be scattered throughout the organization's premises.
- AP wireless access points
- a rogue AP is an unauthorized AP that allows a third party to access the organization's network without a permission of the organization. For instance, a rogue AP may be installed with malicious intentions (e.g., to obtain access to the organization's data stored on the network).
- Another example of utilization of a rogue AP is a less threatening scenario: a member of the organization (e.g., an employee) may connect a rogue AP to the organization's network without a proper authorization. In other words, the employee may be authorized to use the organization's network, but the use of that particular AP may be unauthorized.
- This situation may occur, for example, if the employee decided to use his personal AP for more convenient access to the organization's network. If the AP is not properly configured to provide a secure access to authorized users, then unauthorized users using compatible hardware may also gain access to the network. This may be of particular concern when the AP covers a physical area outside of the organization's premises. Then, unauthorized users may access the network without physically entering the organization's premises.
- the network administrator monitors the traffic on the network. Once a rogue AP is detected, however, the problem is to locate this rogue AP so that it can be removed. Finding the rogue AP may be a difficult task as the AP may be hidden anywhere in the organization's premises. For example, the rogue AP may be hidden under ceilings or behind walls. There is, therefore, a need for a system and method that determines a particular location of a rogue AP with great accuracy (e.g., within two feet) within the organization's premises.
- AP unauthorized wireless access point
- a tracking data record is generated partially based on information obtained during the tracking of the tracking beacon.
- the tracking record may include a location of each of the authorized APs and at least one of (i) a first strength data corresponding to a strength of the tracking beacon as measured by each of the authorized APs and (ii) a first time data corresponding to a time period that it takes for the tracking beacon to arrive at each of the authorized APs.
- the location of the unauthorized AP is determined as a function of at least one of (i) the tracking record and (ii) a calibrating record.
- the calibrating record may include (a) at least one of a second strength data corresponding to a strength of a calibrating beacon as transmitted from a predetermined location within the communication network and received by each of the authorized APs and a second time data corresponding to a time period that it takes for the calibrating beacon to arrive from the predetermined location to each of the authorized AP, (b) the predetermined location and (c) the location of each of the authorized AP.
- FIG. 1 shows an exemplary embodiment of a system according to the present invention
- FIG. 2 shows an exemplary embodiment of a method according to the present invention.
- FIG. 1 shows an exemplary embodiment of a wireless network and, in particular, a wireless local area network (“WLAN”) 100 according to the present invention.
- the WLAN 100 may include a plurality of authorized access points (“AP”s) 10 , 20 and 30 .
- the WLAN 100 may also include a plurality of authorized mobile units MUs (e.g., MU 1 - 5 ) and at least one server (e.g., a server 70 ).
- the APs 10 - 30 may be connected directly to the server 70 .
- the WLAN 100 includes a database 82 storing data regarding authorized devices, authorized users, locations of the WLAN's assets, etc.
- the database 82 may also include identification information about devices that are specifically prohibited from accessing the WLAN 100 .
- the MU 1 accesses various assets of the WLAN 100 via the APs 10 - 30 .
- the MU 1 may access the WLAN 100 via the closest AP. Every AP periodically transmits beacon signals which may be used to determine the closest AP.
- the MU 1 may determine that the AP 20 is the closest AP. Therefore, the MU 1 establishes wireless communication with the WLAN 100 via the AP 20 , rather than via the AP 10 or the AP 30 .
- the MU 1 first waits for a communication channel to the AP 20 to be available. Once the communication channel is available, the MU 1 transmits an authentication message to the AP 20 requesting an access to the WLAN 100 .
- the authentication message may contain user's identification data (e.g., login name and password).
- the AP 20 receives the authentication message from the MU 1 , it initiates an authentication process.
- the authentication process may include verification of the identification data received from the user against the data stored in the database 82 . If the identification data is not verified, then the MU 1 is denied access to the WLAN 100 .
- the AP 20 transmits a corresponding response authorizing the MU 1 to access the WLAN 100 .
- the MU 1 may access the WLAN 100 via the AP 20 .
- the user of the MU 1 may then access the server 70 .
- An unauthorized user may desire to obtain access to the WLAN 100 , and in particular, to the server 70 utilizing an unauthorized, or rogue, AP 60 .
- the rogue AP 60 may be configured to check its resident database before approving an access to the WLAN 100 .
- the resident database of the AP 60 configured by the unauthorized user may contain, for example, a login name and/or password of the unauthorized user.
- the rogue AP 60 may be configured to approve an access without verifying the identification data from the authentication message. The rogue AP 60 may then provide access to the WLAN 100 by a rogue MU 6 .
- the unauthorized user may use the MU 6 to access the server 70 via the rogue AP 60 .
- the MU 6 transmits an authentication message to the rogue AP 60 , which is configured by the unauthorized user to allow the MU 6 to access the WLAN 100 .
- the unauthorized user may gain access to the server 70 by logging in in the same manner as the authorized user.
- FIG. 2 shows a method according to an exemplary embodiment of the present invention utilized to determine the location of the rogue AP 60 with great accuracy (e.g., within two feet). Such location, or a specific area within which the rough AP 60 may be located, may be determined in relationship to another know object or location (e.g., within a three feet radius of a printer in Mr. Smith's Alex's office; in a reception area—near a door, etc.). The method is described with reference to FIG. 1 . Those skilled in the art will understand that other systems having varying configurations, for example, different numbers of APs, WLANs or MUs may be used to implement the exemplary method.
- the rogue AP 60 is detected and identified as an unauthorized AP.
- the detection of the rogue AP 60 may be accomplished in a variety of ways.
- the network administrator may monitor the traffic on the WLAN 100 using a sniffer program to detect any rogue APs.
- beacon signals are periodically transmitted by every AP.
- the beacon signal may contain information including a MAC address of the transmitting AP, a service set identification (“SSID”), supported data rates, etc.
- the MAC address is an identifier assigned by the manufacturer and hence it is utilized as a manufacturer identification of the AP.
- the SSID identifies a virtual local area network (“VLAN”) that is served by a particular WLAN.
- the VLAN may encompass a single WLAN (e.g., WLAN 100 ) or a plurality of WLANs.
- the WLAN 100 may serve a plurality of VLANs and a particular AP beacon, from an AP associated with the WLAN 100 , contain a list of SSIDs.
- the first exemplary criteria is based upon a verification of the manufacturer identification of the MAC address of the transmitting AP.
- the data stored in the beacon signal is compared to the data stored on the database 82 , which contains data of the authorized APs.
- the second exemplary criteria is based upon a verification using the SSID stored in the beacon signal against the authorized SSIDs stored in the database 82 . If this criteria is utilized, the network administrator or another authorized user may generate a list of valid SSIDs. Therefore, if the rogue AP 60 is manufactured by an authorized manufacturer but the SSID in the beacon is invalid, then the presence of the rogue AP 60 is detected. Those skilled in the art will understand that the network administrator may also insert other codes into the beacons of the authorized APs that may be used to identify authorized/unauthorized APs.
- a “set trap” procedure creates a data record of information that may be useful for tracking the rogue AP 60 .
- a data record may include, for example, the MAC and SSID addresses of the AP 10 , as well as the MAC and SSID addresses of the rogue AP 60 .
- the data record may also include the time and date when the data record was created and the criteria used to detect the rogue AP 60 (e.g., unverified manufacturers MAC address, no matching SSID, etc.).
- AP's that are situated within a predetermined proximity to the rogue AP 60 are instructed to track beacon signals emanating from the rogue AP 60 . For instance, assuming that all APs 10 - 30 detect the rogue AP 60 , all APs 10 - 30 also track the signals of the detected rogue AP 60 .
- the physical location of the rogue AP 60 may be determine by utilizing Received Signal Strength Indication (“RSSI” measured in dBm) data and/or Difference in Time Of Arrival (“DTOA” measured in ns) data as discussed in more detail below. While either the DTOA data or the RSSI data alone may be sufficient to calculate the location of the rogue AP 60 . It is preferred that both of the sets of data are used in order to provide the most accurate calculation of the rogue AP 60 's location.
- RSSI Received Signal Strength Indication
- DTOA Difference in Time Of Arrival
- the calibration procedure Prior to the set trap procedure, a calibration procedure needs to be performed, if RSSI is to be utilized.
- the calibration procedure is optional for DTOA.
- the calibration procedure may be accomplished by placing a computing device (e.g., MU 4 or any AP) at a number of particular locations within the WLAN 100 (i.e., a landmark).
- the landmark may be a reception area, a publication room, a storage room, a server room, etc.
- calibration data such as shown below, is generated.
- the Calibration Table shows exemplary calibration data including the RSSI data and the DTOA data as recorded by each AP 10 - 30 for four different landmarks within the WLAN 100 .
- each AP 10 - 30 obtains different data readings because of the different distance between each AP 10 - 30 and the MU 4 .
- the calibration process is preferably repeated a few times in order to obtain accurate calibration data.
- the APs 10 - 30 may record and analyze the beacon signals in order to generate the RSSI data. That RSSI data may be then transmitted to the server 70 for further analysis (step 140 ). Alternatively, the RSSI data may be stored by the corresponding AP and periodically retrieved by the server 70 or automatically forwarded to the server 70 .
- the system for handling communication of this RSSI data may be implemented with the common simple network management protocol (“SNMP”) or a similar protocol.
- At least three reference points are used.
- Three reference points e.g., APs 10 - 30
- APs 10 - 30 represent a minimum number of locations inside a three-dimensional space (i.e., a building where the WLAN 100 is located) that would be required to calculate the position of a fourth point (i.e., rogue AP 60 ). Since the rogue AP 60 continually transmits beacon signals, the APs 10 - 30 may continually receive and compile corresponding RSSI data. There is only one point in this three-dimensional space that correlates to all three RSSI data points collected from the rouge AP 60 by the AP 10 - 30 .
- DTOA data may be used to determine the location of the rogue AP 60 by triangulating the distance between the rogue AP 60 and three points of references: the APs 10 - 30 .
- the location may determine using the DTOA data along with the calibration data.
- the APs 10 - 30 either alone or in combination with RSSI data collection, generate DTOA data.
- the DTOA data may be generated by processing the received beacon signals from the rogue AP 60 and measuring the time that it takes for those beacon signal to arrive at the corresponding APs 10 - 30 .
- at least three reference points are necessary (e.g., APs 10 - 30 ).
- the server 70 analyzes the RSSI and/or DTOA data received from the APs 10 - 30 and compares to the RSSI data and/or the DTOA data generated during the calibration procedure.
- the RSSI data and/or DTOA data allow the server 70 to determine the distances between the rogue AP 60 and the corresponding APs 10 - 30 . For example, if the AP 20 records a stronger signal strength value than the AP 30 , it may be that the AP 60 is located closer to the AP 20 . This determination may be made with additional precision if either or both the AP 20 and the AP 30 use directional antennas.
- the RSSI data and/or DTOA data provide the server 70 with sufficient distance data to determine the location of the rogue AP 60 within the WLAN 100 .
- the server 70 since the server 70 has the distance data between each AP 10 - 30 and the rogue AP 60 obtained from the RSSI and/or DTOA data, it can calculate the location of the rogue AP 60 relative to those APs 10 - 30 .
- One exemplary method for determining the location of the rogue AP 60 is as follows. First, the location of the rogue AP 60 is determined using the RSSI data and the calibration data. Then, the location of the rogue AP 60 is further pinpointed by triangulating with the DTOA data.
- the server 70 may then display the results of the calculation on a map of the WLAN 100 , e.g. FIG. 1 , and overlay the APs 10 - 30 on the map, since the location of the APs 10 - 30 is known.
- the map of the WLAN 100 may be used in conjunction with a physical map of the organization's building (e.g., an architectural blueprint).
- the present invention has been described with reference to an embodiment having the WLAN 100 with the APs 10 - 30 , the single rogue AP 60 , the one authorized MU 1 , and the server 70 .
- One skilled in the art would understand that the present invention may also be successfully implemented, for example, for a plurality of rogue APs, a plurality of APs in a WLAN, etc. Accordingly, various modifications and changes may be made to the embodiments without departing from the broadest spirit and scope of the present invention as set forth in the claims that follow.
- the specification and drawings are accordingly to be regarded in an illustrative rather than restrictive sense.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
- Small-Scale Networks (AREA)
Abstract
Described are a method and system for determining a location of an unauthorized wireless access point (“AP”) accessing a communication network. The system may include at least three authorized wireless devices and a computing arrangement generating a tracking data record. The tracking record includes a location of each of the at least three authorized wireless devices and strength data corresponding to strengths of signals of the unauthorized AP as measured by each of the at least three authorized wireless devices. The computing arrangement determines the location of the unauthorized AP as a function of the tracking record.
Description
- The present application is a continuation of a U.S. patent application Ser. No. 10/699,257 filed Oct. 31, 2003, entitled “System and Method for Determining Location of Rogue Wireless Access Point”. The entire disclosure of the prior application, is considered as being part of the disclosure of the accompanying application and is hereby expressly incorporated by reference herein.
- With the proliferation of wireless networks, many organizations (e.g., enterprises, universities, hospitals, etc.) have installed or are planning to install wireless networks in additional or, in alternative, to wired networks. Such wireless networks are believed to increase efficiency and productivity. However, one of disadvantages of wireless networks is security of such networks. Unlike wired networks, which are usually enclosed in secure and protected premisses of the organization, elements of wireless networks (e.g., wireless access points [“AP”]) may be scattered throughout the organization's premises.
- One major threat to wireless network security is a rogue AP. A rogue AP is an unauthorized AP that allows a third party to access the organization's network without a permission of the organization. For instance, a rogue AP may be installed with malicious intentions (e.g., to obtain access to the organization's data stored on the network). Another example of utilization of a rogue AP is a less threatening scenario: a member of the organization (e.g., an employee) may connect a rogue AP to the organization's network without a proper authorization. In other words, the employee may be authorized to use the organization's network, but the use of that particular AP may be unauthorized. This situation may occur, for example, if the employee decided to use his personal AP for more convenient access to the organization's network. If the AP is not properly configured to provide a secure access to authorized users, then unauthorized users using compatible hardware may also gain access to the network. This may be of particular concern when the AP covers a physical area outside of the organization's premises. Then, unauthorized users may access the network without physically entering the organization's premises.
- To address the threat of a rogue AP, the network administrator monitors the traffic on the network. Once a rogue AP is detected, however, the problem is to locate this rogue AP so that it can be removed. Finding the rogue AP may be a difficult task as the AP may be hidden anywhere in the organization's premises. For example, the rogue AP may be hidden under ceilings or behind walls. There is, therefore, a need for a system and method that determines a particular location of a rogue AP with great accuracy (e.g., within two feet) within the organization's premises.
- Described are a method and system for determining a location of an unauthorized wireless access point (“AP”) accessing a communication network. Upon notification of existence of the unauthorized AP, at least three authorized APs of the communication network initiate tracking a beacon of the unauthorized AP.
- A tracking data record is generated partially based on information obtained during the tracking of the tracking beacon. The tracking record may include a location of each of the authorized APs and at least one of (i) a first strength data corresponding to a strength of the tracking beacon as measured by each of the authorized APs and (ii) a first time data corresponding to a time period that it takes for the tracking beacon to arrive at each of the authorized APs. The location of the unauthorized AP is determined as a function of at least one of (i) the tracking record and (ii) a calibrating record. The calibrating record may include (a) at least one of a second strength data corresponding to a strength of a calibrating beacon as transmitted from a predetermined location within the communication network and received by each of the authorized APs and a second time data corresponding to a time period that it takes for the calibrating beacon to arrive from the predetermined location to each of the authorized AP, (b) the predetermined location and (c) the location of each of the authorized AP.
-
FIG. 1 shows an exemplary embodiment of a system according to the present invention; and -
FIG. 2 shows an exemplary embodiment of a method according to the present invention. -
FIG. 1 shows an exemplary embodiment of a wireless network and, in particular, a wireless local area network (“WLAN”) 100 according to the present invention. TheWLAN 100 may include a plurality of authorized access points (“AP”s) 10, 20 and 30. The WLAN 100 may also include a plurality of authorized mobile units MUs (e.g., MU 1-5) and at least one server (e.g., a server 70). The APs 10-30 may be connected directly to theserver 70. The WLAN 100 includes adatabase 82 storing data regarding authorized devices, authorized users, locations of the WLAN's assets, etc. Thedatabase 82 may also include identification information about devices that are specifically prohibited from accessing theWLAN 100. - The MU 1 accesses various assets of the
WLAN 100 via the APs 10-30. Depending where the MU 1 is located at a particular time, the MU 1 may access the WLAN 100 via the closest AP. Every AP periodically transmits beacon signals which may be used to determine the closest AP. For example, the MU 1 may determine that the AP 20 is the closest AP. Therefore, the MU 1 establishes wireless communication with theWLAN 100 via the AP 20, rather than via the AP 10 or the AP 30. - If the user of the
MU 1 attempts to access theserver 70, theMU 1 first waits for a communication channel to the AP 20 to be available. Once the communication channel is available, theMU 1 transmits an authentication message to the AP 20 requesting an access to theWLAN 100. The authentication message may contain user's identification data (e.g., login name and password). When the AP 20 receives the authentication message from theMU 1, it initiates an authentication process. The authentication process may include verification of the identification data received from the user against the data stored in thedatabase 82. If the identification data is not verified, then theMU 1 is denied access to theWLAN 100. However, if the identification data is verified, then the AP 20 transmits a corresponding response authorizing theMU 1 to access theWLAN 100. Once theMU 1 receives authorization, theMU 1 may access theWLAN 100 via the AP 20. For example, the user of theMU 1 may then access theserver 70. - An unauthorized user may desire to obtain access to the
WLAN 100, and in particular, to theserver 70 utilizing an unauthorized, or rogue,AP 60. Therogue AP 60 may be configured to check its resident database before approving an access to theWLAN 100. The resident database of the AP 60, configured by the unauthorized user may contain, for example, a login name and/or password of the unauthorized user. Alternatively, the rogue AP 60 may be configured to approve an access without verifying the identification data from the authentication message. Therogue AP 60 may then provide access to theWLAN 100 by arogue MU 6. - The unauthorized user may use the
MU 6 to access theserver 70 via therogue AP 60. TheMU 6 transmits an authentication message to therogue AP 60, which is configured by the unauthorized user to allow theMU 6 to access theWLAN 100. The unauthorized user may gain access to theserver 70 by logging in in the same manner as the authorized user. -
FIG. 2 shows a method according to an exemplary embodiment of the present invention utilized to determine the location of therogue AP 60 with great accuracy (e.g., within two feet). Such location, or a specific area within which therough AP 60 may be located, may be determined in relationship to another know object or location (e.g., within a three feet radius of a printer in Mr. Smith's Alex's office; in a reception area—near a door, etc.). The method is described with reference toFIG. 1 . Those skilled in the art will understand that other systems having varying configurations, for example, different numbers of APs, WLANs or MUs may be used to implement the exemplary method. - In
step 110, therogue AP 60 is detected and identified as an unauthorized AP. A person skilled in the art will understand that the detection of therogue AP 60 may be accomplished in a variety of ways. For example, the network administrator may monitor the traffic on theWLAN 100 using a sniffer program to detect any rogue APs. - Another method of detecting the
rogue AP 60 may involve beacon signals. These beacons are periodically transmitted by every AP. The beacon signal may contain information including a MAC address of the transmitting AP, a service set identification (“SSID”), supported data rates, etc. The MAC address is an identifier assigned by the manufacturer and hence it is utilized as a manufacturer identification of the AP. The SSID identifies a virtual local area network (“VLAN”) that is served by a particular WLAN. The VLAN may encompass a single WLAN (e.g., WLAN 100) or a plurality of WLANs. Conversely, theWLAN 100 may serve a plurality of VLANs and a particular AP beacon, from an AP associated with theWLAN 100, contain a list of SSIDs. - Based on the information stored in the beacon signals, a determination is made as to whether the beacon signal received is from an authorized or unauthorized AP. This may be determined based on two exemplary criteria. These criteria may be used alternatively or in conjunction to determine if the particular AP is unauthorized. Those skilled in the art would understand that there may be a plurality of other criteria used to make such determination.
- The first exemplary criteria is based upon a verification of the manufacturer identification of the MAC address of the transmitting AP. The data stored in the beacon signal is compared to the data stored on the
database 82, which contains data of the authorized APs. - The second exemplary criteria is based upon a verification using the SSID stored in the beacon signal against the authorized SSIDs stored in the
database 82. If this criteria is utilized, the network administrator or another authorized user may generate a list of valid SSIDs. Therefore, if therogue AP 60 is manufactured by an authorized manufacturer but the SSID in the beacon is invalid, then the presence of therogue AP 60 is detected. Those skilled in the art will understand that the network administrator may also insert other codes into the beacons of the authorized APs that may be used to identify authorized/unauthorized APs. - In
step 120, once a determination is made that the beacon is received from the unauthorizedrogue AP 60, a “set trap” procedure is initiated. The “set trap” procedure creates a data record of information that may be useful for tracking therogue AP 60. Such a data record may include, for example, the MAC and SSID addresses of theAP 10, as well as the MAC and SSID addresses of therogue AP 60. The data record may also include the time and date when the data record was created and the criteria used to detect the rogue AP 60 (e.g., unverified manufacturers MAC address, no matching SSID, etc.). - After the “set trap” procedure has been initiated, AP's that are situated within a predetermined proximity to the rogue AP 60 (i.e., those AP's that detected the rogue AP) are instructed to track beacon signals emanating from the
rogue AP 60. For instance, assuming that all APs 10-30 detect therogue AP 60, all APs 10-30 also track the signals of the detectedrogue AP 60. - The physical location of the
rogue AP 60 may be determine by utilizing Received Signal Strength Indication (“RSSI” measured in dBm) data and/or Difference in Time Of Arrival (“DTOA” measured in ns) data as discussed in more detail below. While either the DTOA data or the RSSI data alone may be sufficient to calculate the location of therogue AP 60. It is preferred that both of the sets of data are used in order to provide the most accurate calculation of the rogue AP 60 's location. - Prior to the set trap procedure, a calibration procedure needs to be performed, if RSSI is to be utilized. The calibration procedure is optional for DTOA. The calibration procedure may be accomplished by placing a computing device (e.g., MU 4 or any AP) at a number of particular locations within the WLAN 100 (i.e., a landmark). The landmark may be a reception area, a publication room, a storage room, a server room, etc. During the calibration procedure calibration data, such as shown below, is generated.
Calibration Table AP 10 AP 20 AP 30Reception area −10 dBm 4 ns −20 dBm 3 ns −30 dBm 2 ns Publication −40 dBm 1 ns −20 dBm 3 ns −20 dBm 3 ns room Storage room −30 dBm 2 ns −10 dBm 4 ns −20 dBm 3 ns Server room −20 dBm 3 ns −30 dBm 2 ns −10 dBm 4 ns - The Calibration Table shows exemplary calibration data including the RSSI data and the DTOA data as recorded by each AP 10-30 for four different landmarks within the
WLAN 100. In particular, each AP 10-30 obtains different data readings because of the different distance between each AP 10-30 and the MU 4. The calibration process is preferably repeated a few times in order to obtain accurate calibration data. - In
step 132, the APs 10-30 may record and analyze the beacon signals in order to generate the RSSI data. That RSSI data may be then transmitted to theserver 70 for further analysis (step 140). Alternatively, the RSSI data may be stored by the corresponding AP and periodically retrieved by theserver 70 or automatically forwarded to theserver 70. The system for handling communication of this RSSI data may be implemented with the common simple network management protocol (“SNMP”) or a similar protocol. - In order to determine the location of the
rogue AP 60 using the RSSI data, preferably, at least three reference points (i.e., APs 10-30) are used. Three reference points (e.g., APs 10-30) represent a minimum number of locations inside a three-dimensional space (i.e., a building where theWLAN 100 is located) that would be required to calculate the position of a fourth point (i.e., rogue AP 60). Since therogue AP 60 continually transmits beacon signals, the APs 10-30 may continually receive and compile corresponding RSSI data. There is only one point in this three-dimensional space that correlates to all three RSSI data points collected from therouge AP 60 by the AP 10-30. - It is also possible to use DTOA data to determine the location of the
rogue AP 60 by triangulating the distance between therogue AP 60 and three points of references: the APs 10-30. In addition, or in alternative, the location may determine using the DTOA data along with the calibration data. Instep 130, the APs 10-30, either alone or in combination with RSSI data collection, generate DTOA data. The DTOA data may be generated by processing the received beacon signals from therogue AP 60 and measuring the time that it takes for those beacon signal to arrive at the corresponding APs 10-30. To determine the location of therogue AP 60 using the DTOA data, at least three reference points are necessary (e.g., APs 10-30). - In
step 150, theserver 70 analyzes the RSSI and/or DTOA data received from the APs 10-30 and compares to the RSSI data and/or the DTOA data generated during the calibration procedure. The RSSI data and/or DTOA data allow theserver 70 to determine the distances between therogue AP 60 and the corresponding APs 10-30. For example, if the AP 20 records a stronger signal strength value than theAP 30, it may be that theAP 60 is located closer to the AP 20. This determination may be made with additional precision if either or both the AP 20 and theAP 30 use directional antennas. - The RSSI data and/or DTOA data provide the
server 70 with sufficient distance data to determine the location of therogue AP 60 within theWLAN 100. In other words, since theserver 70 has the distance data between each AP 10-30 and therogue AP 60 obtained from the RSSI and/or DTOA data, it can calculate the location of therogue AP 60 relative to those APs 10-30. One exemplary method for determining the location of therogue AP 60 is as follows. First, the location of therogue AP 60 is determined using the RSSI data and the calibration data. Then, the location of therogue AP 60 is further pinpointed by triangulating with the DTOA data. - The
server 70 may then display the results of the calculation on a map of theWLAN 100, e.g.FIG. 1 , and overlay the APs 10-30 on the map, since the location of the APs 10-30 is known. The map of theWLAN 100 may be used in conjunction with a physical map of the organization's building (e.g., an architectural blueprint). - The present invention has been described with reference to an embodiment having the
WLAN 100 with the APs 10-30, the singlerogue AP 60, the one authorizedMU 1, and theserver 70. One skilled in the art would understand that the present invention may also be successfully implemented, for example, for a plurality of rogue APs, a plurality of APs in a WLAN, etc. Accordingly, various modifications and changes may be made to the embodiments without departing from the broadest spirit and scope of the present invention as set forth in the claims that follow. The specification and drawings are accordingly to be regarded in an illustrative rather than restrictive sense.
Claims (20)
1. A method for determining a location of an unauthorized wireless access point (“AP”) in a communications network, comprising:
generating a tracking data record which includes a location of each of at least three authorized wireless devices and strength data corresponding to a strength of signals of the unauthorized AP as measured by each of the at least three authorized wireless devices; and
determining the location of the unauthorized AP as a function of the tracking data record.
2. The method according to claim 1 , further comprising:
upon receiving notification of an existence of the unauthorized AP in the communications network, selecting the at least three authorized wireless devices from a plurality of authorized wireless devices to track the signals of the unauthorized AP.
3. The method according to claim 1 , wherein the tracking data record further includes time data corresponding to time periods that it takes for the signals to arrive at each of the at least three authorized wireless devices.
4. The method according to claim 3 , wherein the determining step includes the following substep:
determining the location of the unauthorized AP as a function of a calibrating record, the calibrating record including (a) at least one of (i) second strength data corresponding to a strength of a calibrating signal as transmitted from a predetermined location within the communications network and received by each of the at least three authorized wireless devices and (ii) second time data corresponding to a time period that it takes for the calibrating signal to arrive at each of the at least three authorized wireless devices from the predetermined location, (b) the predetermined location and (c) the location of each of the at least three authorized wireless devices.
5. The method according to claim 1 , wherein each of the at least three authorized wireless devices is one of an access point and a wireless mobile device.
6. The method according to claim 4 , wherein the determining step includes the substep of calculating the location of the unauthorized AP as a function of the strength data and the second strength data.
7. The method according to claim 4 , wherein the determining step includes at least one of (i) the substep of triangulating the location of the unauthorized AP using the time data and (ii) the substep of calculating the location of the unauthorized AP as a function of the time data and the second time data.
8. The method according to claim 4 , further comprising:
before the determining step, performing a calibration procedure including the following substeps:
placing a calibrating device at a plurality of predetermined locations within the communication network,
tracking a calibration signal from the calibrating device using each of the at least three authorized wireless devices, and
generating a calibration record based on data generated in the tracking substep.
9. A system for determining a location of an unauthorized wireless access point (“AP”) accessing a communications network, comprising:
at least three authorized wireless devices; and
a computing arrangement generating a tracking data record which includes a location of each of the at least three authorized wireless devices and strength data corresponding to strengths of signals of the unauthorized AP as measured by each of the at least three authorized wireless devices,
wherein the computing arrangement determines the location of the unauthorized AP as a function of the tracking record.
10. The system according to claim 9 , wherein, upon notification of existence of the unauthorized AP, the computing arrangement selects the at least three authorized wireless devices from a group of authorized wireless devices to track the signals of the unauthorized AP.
11. The system according to claim 9 , wherein the tracking data record further includes time data corresponding to time periods that it takes for the signals to arrive at each of the at least three authorized wireless devices.
12. The system according to claim 11 , wherein the computing arrangement further utilizes a calibrating data record to determine the location of the unauthorized AP, the calibrating record including (a) at least one of (i) second strength data corresponding to a strength of a calibrating signal as transmitted from a predetermined location within the communications network and received by each of the at least three wireless devices and (ii) second time data corresponding to a time period that it takes for the calibrating signal to arrive at each of the at least three authorized wireless devices, (b) the predetermined location and (c) the location of each of the at least three authorized wireless devices.
13. The system according to claim 12 , wherein the computing arrangement calculates the location of the unauthorized AP as a function of the strength data and the second strength data.
14. The system according to claim 12 , wherein the computing arrangement performs at least one of (i) triangulating the location of the unauthorized AP using the time data and (ii) calculating the location of the unauthorized AP as a function of the time data and the second time data.
15. The system according to claim 9 , wherein each of the at least three authorized wireless devices is one of an AP and a wireless mobile device.
16. A computing device for determining a location of an unauthorized wireless access point (“AP”) accessing a communications network, comprising:
a communication arrangement communicating with at least three authorized wireless devices in the communications network; and
a processor determining the location of the unauthorized AP as a function of a tracking data record,
wherein the tracking data record includes a location of each of the at least three authorized wireless devices and strength data corresponding to strengths of signals transmitted by the unauthorized AP as measured by each of the at least three authorized wireless devices.
17. The computing device according to claim 16 , wherein, upon receiving notification of an existence of the unauthorized AP, the processor selects the at least three authorized wireless devices from a group of authorized wireless devices to track the signals from the unauthorized AP.
18. The computing device according to claim 16 , wherein the data record further includes a time data corresponding to time periods that it takes for the signals to arrive at each of the at least three authorized wireless devices.
19. The computing device according to claim 18 , further comprising:
a memory arrangement storing a calibrating data record,
wherein the calibrating record includes (a) at least one of (i) second strength data corresponding to a strength of a calibrating signal as transmitted from a predetermined location within the communications network and received by each of the at least three authorized wireless devices and (ii) second time data corresponding to a time period that it takes for the calibrating signal to arrive at each of the at least three authorized wireless devices,(b) the predetermined location and (c) the location of each of the at least three authorized wireless devices, and
wherein the processor determines the location of the unauthorized AP as a function of the calibration record and the tracking record.
20. A device, comprising:
a communication means for communicating with at least three authorized wireless devices in a communications network; and
a processing means for determining a location of an unauthorized AP in the communications network as a function of a tracking data record,
wherein the tracking data record is generated by the at least three authorized wireless devices during tracking of signals of the unauthorized AP, the tracking data record including a location of each of the at least three authorized wireless devices and strength data corresponding to a strength of the signals transmitted by the unauthorized AP as measured by each of the at least three authorized wireless devices.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/414,018 US20060194568A1 (en) | 2003-10-31 | 2006-04-28 | System and method for determining location of rogue wireless access point |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US10/699,257 US7069024B2 (en) | 2003-10-31 | 2003-10-31 | System and method for determining location of rogue wireless access point |
US11/414,018 US20060194568A1 (en) | 2003-10-31 | 2006-04-28 | System and method for determining location of rogue wireless access point |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/699,257 Continuation US7069024B2 (en) | 2003-10-31 | 2003-10-31 | System and method for determining location of rogue wireless access point |
Publications (1)
Publication Number | Publication Date |
---|---|
US20060194568A1 true US20060194568A1 (en) | 2006-08-31 |
Family
ID=34573279
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/699,257 Active 2025-02-14 US7069024B2 (en) | 2003-10-31 | 2003-10-31 | System and method for determining location of rogue wireless access point |
US11/414,018 Abandoned US20060194568A1 (en) | 2003-10-31 | 2006-04-28 | System and method for determining location of rogue wireless access point |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/699,257 Active 2025-02-14 US7069024B2 (en) | 2003-10-31 | 2003-10-31 | System and method for determining location of rogue wireless access point |
Country Status (6)
Country | Link |
---|---|
US (2) | US7069024B2 (en) |
EP (1) | EP1678960B1 (en) |
JP (1) | JP4747099B2 (en) |
CN (1) | CN101243697B (en) |
TW (1) | TWI345427B (en) |
WO (1) | WO2005046254A2 (en) |
Cited By (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050265286A1 (en) * | 2004-05-31 | 2005-12-01 | Canon Kabushiki Kaisha | Communication system for connecting a communication apparatus to a specific connecting apparatus |
US20060135189A1 (en) * | 2004-12-22 | 2006-06-22 | Shirish Nagaraj | Method of controlling a received signal strength target in a wireless communication system |
US20070021093A1 (en) * | 2005-07-21 | 2007-01-25 | Steve Chu | Network communications security enhancing |
US20090088132A1 (en) * | 2007-09-28 | 2009-04-02 | Politowicz Timothy J | Detecting unauthorized wireless access points |
US20120094625A1 (en) * | 2007-05-14 | 2012-04-19 | Compucat Research Pty Limited | Detecting unauthorised radio communications devices |
US8462745B2 (en) | 2008-06-16 | 2013-06-11 | Skyhook Wireless, Inc. | Methods and systems for determining location using a cellular and WLAN positioning system by selecting the best WLAN PS solution |
US8478297B2 (en) | 2004-10-29 | 2013-07-02 | Skyhook Wireless, Inc. | Continuous data optimization of moved access points in positioning systems |
US8549643B1 (en) * | 2010-04-02 | 2013-10-01 | Symantec Corporation | Using decoys by a data loss prevention system to protect against unscripted activity |
US8630664B2 (en) | 2004-10-29 | 2014-01-14 | Skyhook Wireless, Inc. | Access point database |
US8638256B2 (en) | 2009-09-29 | 2014-01-28 | Skyhook Wireless, Inc. | Accuracy and performance of a hybrid positioning system |
US8890746B2 (en) | 2010-11-03 | 2014-11-18 | Skyhook Wireless, Inc. | Method of and system for increasing the reliability and accuracy of location estimation in a hybrid positioning system |
US8983493B2 (en) | 2004-10-29 | 2015-03-17 | Skyhook Wireless, Inc. | Method and system for selecting and providing a relevant subset of Wi-Fi location information to a mobile client device so the client device may estimate its position with efficient utilization of resources |
US20180219869A1 (en) * | 2014-06-13 | 2018-08-02 | Philips Lighting Holding B.V. | Localization based on network of wireless nodes |
US10469443B2 (en) | 2017-06-23 | 2019-11-05 | Honeywell International Inc. | Systems and methods for resolving double address faults during the commissioning of a connected system |
Families Citing this family (40)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8483717B2 (en) | 2003-06-27 | 2013-07-09 | Qualcomm Incorporated | Local area network assisted positioning |
US8971913B2 (en) * | 2003-06-27 | 2015-03-03 | Qualcomm Incorporated | Method and apparatus for wireless network hybrid positioning |
US7069024B2 (en) * | 2003-10-31 | 2006-06-27 | Symbol Technologies, Inc. | System and method for determining location of rogue wireless access point |
US7260408B2 (en) * | 2004-02-20 | 2007-08-21 | Airespace, Inc. | Wireless node location mechanism using antenna pattern diversity to enhance accuracy of location estimates |
US7720461B2 (en) * | 2004-02-26 | 2010-05-18 | Research In Motion Limited | Mobile communications device with security features |
US7286833B2 (en) * | 2004-02-27 | 2007-10-23 | Airespace, Inc. | Selective termination of wireless connections to refresh signal information in wireless node location infrastructure |
US7205938B2 (en) * | 2004-03-05 | 2007-04-17 | Airespace, Inc. | Wireless node location mechanism responsive to observed propagation characteristics of wireless network infrastructure signals |
GB0406094D0 (en) * | 2004-03-17 | 2004-04-21 | Koninkl Philips Electronics Nv | Making time-of-flight measurements in master/slave and ad hoc networks by evesdropping on messages |
US7433696B2 (en) | 2004-05-18 | 2008-10-07 | Cisco Systems, Inc. | Wireless node location mechanism featuring definition of search region to optimize location computation |
US7319878B2 (en) | 2004-06-18 | 2008-01-15 | Qualcomm Incorporated | Method and apparatus for determining location of a base station using a plurality of mobile stations in a wireless mobile network |
US7317914B2 (en) | 2004-09-24 | 2008-01-08 | Microsoft Corporation | Collaboratively locating disconnected clients and rogue access points in a wireless network |
US7783756B2 (en) * | 2005-06-03 | 2010-08-24 | Alcatel Lucent | Protection for wireless devices against false access-point attacks |
US7257413B2 (en) * | 2005-08-24 | 2007-08-14 | Qualcomm Incorporated | Dynamic location almanac for wireless base stations |
JP4733488B2 (en) * | 2005-09-26 | 2011-07-27 | マイクロソフト コーポレーション | A method for cooperatively finding disconnected clients and rogue access points in a wireless network |
US7716740B2 (en) * | 2005-10-05 | 2010-05-11 | Alcatel Lucent | Rogue access point detection in wireless networks |
US7567822B2 (en) * | 2005-10-11 | 2009-07-28 | Cisco Technology, Inc. | Automated configuration of RF WLANs via selected sensors |
CA2744873C (en) * | 2005-11-07 | 2013-07-30 | Qualcomm Incorporated | Positioning for wlans and other wireless networks |
RU2390791C2 (en) * | 2005-11-07 | 2010-05-27 | Квэлкомм Инкорпорейтед | Positioning for wlan and other wireless networks |
US7889737B2 (en) * | 2005-12-02 | 2011-02-15 | Texas Instruments Incorporated | Locally administered MAC address based method for selectively and efficiently identifying enhanced version nodes of standards |
US9226257B2 (en) * | 2006-11-04 | 2015-12-29 | Qualcomm Incorporated | Positioning for WLANs and other wireless networks |
US8627470B2 (en) | 2007-11-13 | 2014-01-07 | Cisco Technology, Inc. | System and method for wireless network and physical system integration |
US8385913B2 (en) | 2008-09-08 | 2013-02-26 | Proxicom Wireless, Llc | Using a first wireless link to exchange identification information used to communicate over a second wireless link |
US8208454B2 (en) * | 2009-04-29 | 2012-06-26 | Hewlett-Packard Development Company, L.P. | Determining optimal locations for wireless access points in a wireless network |
US8694624B2 (en) * | 2009-05-19 | 2014-04-08 | Symbol Technologies, Inc. | Systems and methods for concurrent wireless local area network access and sensing |
EP2460321A1 (en) * | 2009-07-31 | 2012-06-06 | Hewlett-Packard Development Company, L. P. | Method for detection of a rogue wireless access point |
WO2012029409A1 (en) * | 2010-09-03 | 2012-03-08 | Nec Corporation | A control apparatus, a communication system, a communication method and a recording medium having recorded thereon a communication program |
CN102811481A (en) * | 2011-06-03 | 2012-12-05 | 北京千橡网景科技发展有限公司 | Method and equipment for determining positions of wireless access points |
US9198056B2 (en) | 2012-10-22 | 2015-11-24 | CenturyLink Itellectual Property LLC | Optimized distribution of wireless broadband in a building |
WO2015000158A1 (en) * | 2013-07-04 | 2015-01-08 | Hewlett-Packard Development Company, L.P. | Determining legitimate access point response |
AU2014410620B2 (en) * | 2014-11-05 | 2018-07-05 | Huawei Technologies Co., Ltd. | Method and apparatus for obtaining location information |
US10284584B2 (en) | 2014-11-06 | 2019-05-07 | International Business Machines Corporation | Methods and systems for improving beaconing detection algorithms |
US9591007B2 (en) * | 2014-11-06 | 2017-03-07 | International Business Machines Corporation | Detection of beaconing behavior in network traffic |
US9723588B1 (en) * | 2016-03-28 | 2017-08-01 | Google Inc. | Determining a location of a wireless transmitter |
WO2018053513A1 (en) * | 2016-09-19 | 2018-03-22 | Vector Flight LLC | Beacon detection system for locating a missing search subject. a search system configured to operate on a search vehicle and computer implemented method of determining a location of a search subject |
CN106412915A (en) * | 2016-10-31 | 2017-02-15 | 宇龙计算机通信科技(深圳)有限公司 | Pseudo-wireless access point identification method and system |
US11457362B2 (en) * | 2018-05-28 | 2022-09-27 | Samsung Electronics Co., Ltd. | Terminal device and method for identifying malicious AP by using same |
MX2021005347A (en) * | 2018-11-07 | 2021-06-30 | Commscope Technologies Llc | Wireless local area network with reliable backhaul between access points. |
US11463882B2 (en) | 2019-04-18 | 2022-10-04 | Sophos Limited | Endpoint-controlled rogue AP avoidance + rogue AP detection using synchronized security |
US11743738B2 (en) | 2020-03-05 | 2023-08-29 | Comcast Cable Communications, Llc | Evaluation of access point placement |
US20220377554A1 (en) * | 2021-05-19 | 2022-11-24 | Cisco Technology, Inc. | Access point verification using crowd-sourcing |
Citations (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030186679A1 (en) * | 2002-03-27 | 2003-10-02 | International Business Machines Corporation | Methods, apparatus and program product for monitoring network security |
US20030232598A1 (en) * | 2002-06-13 | 2003-12-18 | Daniel Aljadeff | Method and apparatus for intrusion management in a wireless network using physical location determination |
US20040003285A1 (en) * | 2002-06-28 | 2004-01-01 | Robert Whelan | System and method for detecting unauthorized wireless access points |
US20040023640A1 (en) * | 2002-08-02 | 2004-02-05 | Ballai Philip N. | System and method for detection of a rogue wireless access point in a wireless communication network |
US6754488B1 (en) * | 2002-03-01 | 2004-06-22 | Networks Associates Technologies, Inc. | System and method for detecting and locating access points in a wireless network |
US20040137915A1 (en) * | 2002-11-27 | 2004-07-15 | Diener Neil R. | Server and multiple sensor system for monitoring activity in a shared radio frequency band |
US20040198392A1 (en) * | 2003-04-03 | 2004-10-07 | Elaine Harvey | Method and system for locating a wireless access device in a wireless network |
US20040252937A1 (en) * | 2002-08-12 | 2004-12-16 | Neptec Optical Solutions, Inc. | Optical switch assembly |
US20040252837A1 (en) * | 2003-04-03 | 2004-12-16 | Elaine Harvey | Method and system for detecting characteristics of a wireless network |
US20050030929A1 (en) * | 2003-07-15 | 2005-02-10 | Highwall Technologies, Llc | Device and method for detecting unauthorized, "rogue" wireless LAN access points |
US20050114649A1 (en) * | 2002-03-27 | 2005-05-26 | Challener David C. | Methods apparatus and program products for wireless access points |
US7069024B2 (en) * | 2003-10-31 | 2006-06-27 | Symbol Technologies, Inc. | System and method for determining location of rogue wireless access point |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5613205A (en) * | 1995-03-31 | 1997-03-18 | Telefonaktiebolaget Lm Ericsson | System and method of locating a mobile terminal within the service area of a cellular telecommunication system |
DE60023155T2 (en) * | 2000-11-24 | 2006-07-06 | Telefonaktiebolaget Lm Ericsson (Publ) | Fraud detection procedure for mobile telecommunication networks |
JP3792154B2 (en) * | 2001-12-26 | 2006-07-05 | インターナショナル・ビジネス・マシーンズ・コーポレーション | Network security system, computer apparatus, access point recognition processing method, access point check method, program, and storage medium |
CN1191703C (en) * | 2001-12-31 | 2005-03-02 | 西安西电捷通无线网络通信有限公司 | Safe inserting method of wide-band wireless IP system mobile terminal |
-
2003
- 2003-10-31 US US10/699,257 patent/US7069024B2/en active Active
-
2004
- 2004-10-28 CN CN2004800314338A patent/CN101243697B/en active Active
- 2004-10-28 JP JP2006538228A patent/JP4747099B2/en not_active Expired - Fee Related
- 2004-10-28 EP EP04796584.3A patent/EP1678960B1/en active Active
- 2004-10-28 WO PCT/US2004/035714 patent/WO2005046254A2/en active Application Filing
- 2004-10-29 TW TW093133047A patent/TWI345427B/en not_active IP Right Cessation
-
2006
- 2006-04-28 US US11/414,018 patent/US20060194568A1/en not_active Abandoned
Patent Citations (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6754488B1 (en) * | 2002-03-01 | 2004-06-22 | Networks Associates Technologies, Inc. | System and method for detecting and locating access points in a wireless network |
US20030186679A1 (en) * | 2002-03-27 | 2003-10-02 | International Business Machines Corporation | Methods, apparatus and program product for monitoring network security |
US20050114649A1 (en) * | 2002-03-27 | 2005-05-26 | Challener David C. | Methods apparatus and program products for wireless access points |
US20030232598A1 (en) * | 2002-06-13 | 2003-12-18 | Daniel Aljadeff | Method and apparatus for intrusion management in a wireless network using physical location determination |
US20040003285A1 (en) * | 2002-06-28 | 2004-01-01 | Robert Whelan | System and method for detecting unauthorized wireless access points |
US20040023640A1 (en) * | 2002-08-02 | 2004-02-05 | Ballai Philip N. | System and method for detection of a rogue wireless access point in a wireless communication network |
US20040252937A1 (en) * | 2002-08-12 | 2004-12-16 | Neptec Optical Solutions, Inc. | Optical switch assembly |
US20040137915A1 (en) * | 2002-11-27 | 2004-07-15 | Diener Neil R. | Server and multiple sensor system for monitoring activity in a shared radio frequency band |
US20040198392A1 (en) * | 2003-04-03 | 2004-10-07 | Elaine Harvey | Method and system for locating a wireless access device in a wireless network |
US20040252837A1 (en) * | 2003-04-03 | 2004-12-16 | Elaine Harvey | Method and system for detecting characteristics of a wireless network |
US20050030929A1 (en) * | 2003-07-15 | 2005-02-10 | Highwall Technologies, Llc | Device and method for detecting unauthorized, "rogue" wireless LAN access points |
US7069024B2 (en) * | 2003-10-31 | 2006-06-27 | Symbol Technologies, Inc. | System and method for determining location of rogue wireless access point |
Cited By (26)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050265286A1 (en) * | 2004-05-31 | 2005-12-01 | Canon Kabushiki Kaisha | Communication system for connecting a communication apparatus to a specific connecting apparatus |
US7430183B2 (en) * | 2004-05-31 | 2008-09-30 | Canon Kabushiki Kaisha | Communication system for connecting a communication apparatus to a specific connecting apparatus |
US8837363B2 (en) | 2004-10-29 | 2014-09-16 | Skyhook Wireless, Inc. | Server for updating location beacon database |
US9918295B2 (en) | 2004-10-29 | 2018-03-13 | Skyhook Wireless, Inc. | Techniques for computing location of a mobile device using calculated locations of Wi-Fi access points from a reference database |
US9554247B2 (en) | 2004-10-29 | 2017-01-24 | Skyhook Wireless, Inc. | Techniques for computing location of a mobile device based on observed Wi-Fi access points |
US9369884B2 (en) | 2004-10-29 | 2016-06-14 | Skyhook Wireless, Inc. | Techniques for computing location of a mobile device based on observed Wi-Fi access points |
US8538457B2 (en) | 2004-10-29 | 2013-09-17 | Skyhook Wireless, Inc. | Continuous data optimization of moved access points in positioning systems |
US8478297B2 (en) | 2004-10-29 | 2013-07-02 | Skyhook Wireless, Inc. | Continuous data optimization of moved access points in positioning systems |
US8630664B2 (en) | 2004-10-29 | 2014-01-14 | Skyhook Wireless, Inc. | Access point database |
US8983493B2 (en) | 2004-10-29 | 2015-03-17 | Skyhook Wireless, Inc. | Method and system for selecting and providing a relevant subset of Wi-Fi location information to a mobile client device so the client device may estimate its position with efficient utilization of resources |
US8965412B2 (en) | 2004-10-29 | 2015-02-24 | Skyhook Wireless, Inc. | Location-based services that choose location algorithms based on number of detected access points within range of user device |
US20060135189A1 (en) * | 2004-12-22 | 2006-06-22 | Shirish Nagaraj | Method of controlling a received signal strength target in a wireless communication system |
US20070021093A1 (en) * | 2005-07-21 | 2007-01-25 | Steve Chu | Network communications security enhancing |
US7720462B2 (en) * | 2005-07-21 | 2010-05-18 | Cisco Technology, Inc. | Network communications security enhancing |
US20120094625A1 (en) * | 2007-05-14 | 2012-04-19 | Compucat Research Pty Limited | Detecting unauthorised radio communications devices |
US20090088132A1 (en) * | 2007-09-28 | 2009-04-02 | Politowicz Timothy J | Detecting unauthorized wireless access points |
US8638725B2 (en) | 2008-06-16 | 2014-01-28 | Skyhook Wireless, Inc. | Methods and systems for determining location using a cellular and WLAN positioning system by selecting the best WLAN PS solution |
US8462745B2 (en) | 2008-06-16 | 2013-06-11 | Skyhook Wireless, Inc. | Methods and systems for determining location using a cellular and WLAN positioning system by selecting the best WLAN PS solution |
US8638256B2 (en) | 2009-09-29 | 2014-01-28 | Skyhook Wireless, Inc. | Accuracy and performance of a hybrid positioning system |
US8549643B1 (en) * | 2010-04-02 | 2013-10-01 | Symantec Corporation | Using decoys by a data loss prevention system to protect against unscripted activity |
US8890746B2 (en) | 2010-11-03 | 2014-11-18 | Skyhook Wireless, Inc. | Method of and system for increasing the reliability and accuracy of location estimation in a hybrid positioning system |
US20180219869A1 (en) * | 2014-06-13 | 2018-08-02 | Philips Lighting Holding B.V. | Localization based on network of wireless nodes |
US11041933B2 (en) * | 2014-06-13 | 2021-06-22 | Signify Holding B.V. | Localization based on network of wireless nodes |
US10469443B2 (en) | 2017-06-23 | 2019-11-05 | Honeywell International Inc. | Systems and methods for resolving double address faults during the commissioning of a connected system |
US10951579B2 (en) | 2017-06-23 | 2021-03-16 | Honeywell International Inc. | Systems and methods for resolving double address faults during the commissioning of a connected system |
US11611531B2 (en) | 2017-06-23 | 2023-03-21 | Honeywell International Inc. | Systems and methods for resolving double address faults during the commissioning of a connected system |
Also Published As
Publication number | Publication date |
---|---|
WO2005046254A3 (en) | 2007-06-28 |
CN101243697A (en) | 2008-08-13 |
EP1678960A4 (en) | 2013-02-20 |
JP2007520915A (en) | 2007-07-26 |
TWI345427B (en) | 2011-07-11 |
US7069024B2 (en) | 2006-06-27 |
EP1678960A2 (en) | 2006-07-12 |
EP1678960B1 (en) | 2018-03-21 |
TW200525166A (en) | 2005-08-01 |
CN101243697B (en) | 2011-01-05 |
JP4747099B2 (en) | 2011-08-10 |
WO2005046254A2 (en) | 2005-05-19 |
US20050113090A1 (en) | 2005-05-26 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7069024B2 (en) | System and method for determining location of rogue wireless access point | |
US7676218B2 (en) | System and method for detection of a rouge wireless access point in a wireless communication network | |
CN106537963B (en) | Positioning based on wireless node network | |
US7346358B2 (en) | Logical boundaries in communications networks | |
JP6189538B2 (en) | Indoor location security and privacy | |
US8922344B2 (en) | Detecting rogue radio frequency based tags based on locationing | |
WO2014113882A1 (en) | Computer system and method for indoor geo-fencing and access control | |
US7810154B2 (en) | System and method for detection and location of rogue wireless access users in a computer network | |
US20120196621A1 (en) | Estimation of Position Using WLAN Access Point Radio Propagation Characteristics in a WLAN Positioning System | |
US7020476B2 (en) | Wireless network security | |
US20090210935A1 (en) | Scanning Apparatus and System for Tracking Computer Hardware | |
US20040267551A1 (en) | System and method of restricting access to wireless local area network based on client location | |
US20150138013A1 (en) | Apparatus and method for positioning wlan terminal | |
KR20160099182A (en) | Method for providing security service for wireless device and apparatus thereof | |
US20070091858A1 (en) | Method and apparatus for tracking unauthorized nodes within a network | |
KR101237877B1 (en) | Method for measuring position using access point and apparatus therefor and method for administering access | |
Alamleh et al. | Enforcing Location-based Access Policies Using the Existing IEEE 802.11 Infrastructure | |
Balbela et al. | Indoor Positioning: Comparing Different Techniques and Choosing the Best One for a User Authentication Real Scenario | |
Čapkun | Securing Localization in Wireless Networks (using Verifiable Multilateration and Covert Base Stations) | |
Chen et al. | Overview of Wireless Localization | |
Lim et al. | Secure wireless location services |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: SYMBOL TECHNOLOGIES, INC., NEW YORK Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:SHARONY, JACOB;REEL/FRAME:017826/0628 Effective date: 20040401 |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |