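WO2005081460A1 - Unauthorized wireless station detection system, apparatus used therefor, and method therefor - Google Patents
Unauthorized wireless station detection system, apparatus used therefor, and method therefor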
- Publication number
- WO2005081460A1 (PCT/JP2005/002494)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- unauthorized
- wireless
- managed
- station
- wireless communication
- Prior art date
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
- H04W12/121—Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]
- H04W12/122—Counter-measures against attacks; Protection against rogue devices
Definitions
- Illegal radio station detection system, device used therefor, and method therefor
- The present invention relates to an unauthorized wireless station detection system and to an operation management device, a wireless base station, a wireless communication terminal, and a method used therefor, and more particularly to monitoring wireless stations that appear in an environment using a wireless LAN system and to a method of preventing information leakage from those stations.
- Patent Document 1 discloses techniques related to a network security system, a computer device, an access point recognition processing method, an access point check method, a program, a storage medium, and wireless LAN devices.
- an SSID used as an identifier will be described.
- a group of terminals and base stations that communicate with each other is called a Basic Service Set, and the identifier of the group is called a BSSID.
- the physical address (MAC (Media Access Control) address) of the base station is used.
- the value is an arbitrary value assigned by the terminal (uniqueness is not strictly guaranteed because it is assigned by each terminal).
- ESS extended service set
- a regular (managed) wireless LAN client executes a scan process to identify a wireless LAN identifier from a packet of a surrounding access point (hereinafter, AP).
- AP access point
- SSID Service Set ID
- an AP detection list consisting of the SSIDs.
- By comparing this list with the pre-registered AP permission list, if there is an unregistered SSID it is determined that an unauthorized AP exists, and its location is reported so that the unauthorized AP can be removed.
- The router is operated to prohibit transmission and reception of data with the rogue AP.
- Patent Document 1 JP 2003-198571
- the disclosed invention has the following problems.
- the first problem is to use a wireless LAN system identifier that is not unique as an identifier of an unauthorized AP.
- the wireless LAN system identifier (SSID: Service Set ID) is an identifier that is set when the wireless LAN system is built, and is a value that can be easily changed by the user.
- the same wireless LAN system identifier can be assigned to the wireless LAN base station (AP).
- AP wireless LAN base station
- The second problem is that an unauthorized AP is detected using only the wireless LAN system identifier (SSID).
- Devices that output wireless LAN system identifiers include wireless LAN base stations (APs) that operate in infrastructure mode and wireless LAN clients that operate in ad hoc mode. It is therefore necessary to search for both wireless LAN base stations (APs) and wireless LAN clients as candidates for unauthorized wireless stations, and the search efficiency is poor.
- The third problem is that, since wireless LAN devices with an SSID concealment function exist in the field, an unauthorized base station (AP) cannot be detected when that function is used.
- the fourth problem is that there is no specific description prohibiting the transmission and reception of data with an unauthorized base station (AP).
- The present invention has been made to solve the above-mentioned problems. Its object is to provide an unauthorized wireless station detection system that improves security by detecting and reporting the presence of an unauthorized radio station and preventing information leakage through it, and that makes security management work more efficient, together with an operation management device, a wireless base station, a wireless communication terminal, and a method used for the system.
- Means for solving the problem
- a first invention for solving the above-mentioned problems is a wireless communication system including a managed wireless base station having a unique identifier, wherein the presence or absence of an unauthorized wireless station is detected based on the unique identifier included in a wireless frame. And an unauthorized radio station detecting means.
- the unauthorized radio station detecting means includes a comparing means for comparing the unique identifier with a previously registered unique identifier, Means for making a determination on the unauthorized radio station based on the comparison result.
- a third invention for solving the above-mentioned problems is characterized in that, in the above-mentioned first or second invention, when the group of a wireless communication terminal and a wireless base station communicating with each other is a basic service set, It is an identifier (BSS identifier) for identifying a basic service set.
- a fourth invention for solving the above-mentioned problem is the above-mentioned third invention, wherein the unauthorized radio station detecting means further comprises means for determining the type of the unauthorized radio station from the BSS identifier. It is characterized.
- the unauthorized radio station detecting means further comprises means for determining a manufacturer of the unauthorized radio station from the BSS identifier. It is characterized by having.
- a sixth invention for solving the above-mentioned problem is the managed wireless device according to any one of the first to fifth inventions, wherein the managed wireless device is managed by a system and has means for acquiring a radio frame and obtaining the unique identifier. Including a base station, the unauthorized wireless station detecting means further includes means for obtaining the unique identifier from the managed wireless base station.
- a seventh invention for solving the above-mentioned problems is the managed wireless device according to any one of the first to fifth inventions, wherein the managed wireless device is managed by a system and has means for acquiring a radio frame and obtaining the unique identifier. Including a communication terminal, the unauthorized radio station detecting means further includes means for obtaining the unique identifier from the managed wireless communication terminal.
- An eighth invention for solving the above-mentioned problems is the invention according to any one of the first to sixth inventions, wherein the unauthorized wireless station detecting means comprises a managed wireless communication terminal connected to the unauthorized wireless station. A means for notifying the terminal that the use of the unauthorized radio station is prohibited.
- a ninth invention for solving the above-mentioned problems is the invention according to any one of the first to sixth inventions, further comprising a switch device, wherein the unauthorized radio station detecting means is connected to the unauthorized radio station.
- the apparatus further comprises means for detecting an address of an unauthorized wireless communication terminal and notifying the switch apparatus of the address, wherein the switch apparatus has means for discarding a wireless frame including the address.
- a tenth invention for solving the above-mentioned problems is the invention according to any one of the first to sixth inventions, wherein the unauthorized wireless station detecting means is configured to communicate with the managed wireless base station with the unauthorized wireless communication terminal. And a means for notifying the managed wireless communication terminal connected to the managed wireless base station of the unauthorized wireless station.
- An eleventh invention for solving the above-mentioned problems is characterized in that, in any one of the first to sixth inventions, the unauthorized radio station detecting means comprises an unauthorized radio communication terminal connected to the managed radio base station. Further, there is provided a means for controlling so as to disable the communication.
- A twelfth invention for solving the above-mentioned problems is characterized in that, in any one of the first to sixth inventions, the unauthorized radio station detecting means further comprises means for notifying managed radio base stations around the unauthorized radio station of an identifier (SS identifier), acquired from the radio frame, for identifying the service set of the unauthorized radio station, and the managed radio base station that receives the notification of the SS identifier has means for discarding a wireless frame received from a wireless communication terminal connected using the same value as the SS identifier.
- a thirteenth invention for solving the above problems is an operation management device in a wireless communication system including a wireless base station to be managed having a unique identifier, wherein the unauthorized wireless station is configured based on a unique identifier included in a wireless frame. It is characterized by including an unauthorized radio station detecting means for detecting the presence / absence of a radio station.
- the unauthorized radio station detecting means comprises: comparing means for comparing the unique identifier with a previously registered unique identifier; Means for making a determination on the unauthorized radio station based on the result. It is characterized by.
- a fifteenth invention for solving the above-mentioned problems is characterized in that, in the thirteenth or fourteenth invention, the unique identifier is a group of wireless communication terminals and wireless base stations that communicate with each other as a basic service set. It is characterized by being an identifier (BSS identifier) for identifying the basic service set.
- a sixteenth invention for solving the above-mentioned problems is characterized in that, in the above-mentioned fifteenth invention, means for judging the type of said unauthorized radio station from said BSS identifier is further included.
- a seventeenth invention for solving the above-mentioned problems is characterized in that, in the fifteenth or sixteenth invention, further comprises means for determining a manufacturer of the unauthorized radio station from the BSS identifier.
- An eighteenth invention for solving the above-mentioned problems is characterized in that, in any one of the thirteenth to seventeenth inventions, it further includes means for obtaining the unique identifier from a managed wireless base station that is managed by the system and that acquires radio frames and obtains the unique identifier.
- a nineteenth invention for solving the above-mentioned problems is the management target radio according to any one of the thirteenth to seventeenth inventions, wherein the managed radio is managed by a system to acquire a radio frame and obtain the unique identifier. It is characterized by further including means for obtaining the unique identifier from the communication terminal.
- a twentieth invention for solving the above-mentioned problems is the invention according to any one of the thirteenth to eighteenth inventions, wherein the management-target wireless communication terminal connected to the unauthorized radio station has the unauthorized radio station. It is characterized by further including means for giving a notice of prohibition of use.
- the switch according to any of the thirteenth to eighteenth inventions, wherein an address of an unauthorized wireless communication terminal connected to the unauthorized wireless station is detected, and
- the apparatus further comprises means for notifying the device of the address.
- a twenty-second invention for solving the above-mentioned problems is the invention according to any one of the thirteenth to eighteenth inventions, wherein the management-target wireless base station is notified of the unauthorized wireless communication terminal.
- the wireless communication apparatus further includes means for notifying the managed wireless communication terminal connected to the managed wireless base station of the unauthorized radio station.
- a twenty-third invention for solving the above-mentioned problems is characterized in that, in any one of the thirteenth to eighteenth inventions, communication of an unauthorized wireless communication terminal connected to said managed wireless base station is disabled. It is characterized by further including a means for performing such control.
- A twenty-fourth invention for solving the above-mentioned problems is characterized in that, in any one of the thirteenth to eighteenth inventions, it further includes means for notifying managed radio base stations around the unauthorized radio station of the identifier (SS identifier), acquired from the radio frame, for identifying the service set of the unauthorized radio station.
- a twenty-fifth invention for solving the above problems is a radio base station in a radio communication system including a radio base station to be managed having a unique identifier, and an operation management device for operating and managing the system. And means for notifying the operation management device of the unique identifier to detect the presence or absence of an unauthorized radio station.
- a twenty-sixth invention for solving the above-mentioned problems is characterized in that, in the twenty-fifth invention, the means for receiving the notification of the unauthorized wireless communication terminal from the operation management device and disabling the communication of the unauthorized wireless communication terminal is provided. It is further characterized by including.
- the operation management apparatus receives a notification of an identifier (SS identifier) for identifying a service set of the unauthorized radio station.
- the wireless communication terminal further includes means for discarding the wireless frame.
- a twenty-eighth invention for solving the above-mentioned problems is a wireless communication terminal in a wireless communication system including a managed wireless base station having a unique identifier and an operation management device for operating and managing the system. And means for notifying the operation management device of the unique identifier to detect the presence or absence of an unauthorized radio station.
- a twenty-ninth invention for solving the above-mentioned problems is characterized in that, in the above-mentioned twenty-eighth invention, further includes means for prohibiting use of the unauthorized radio station notified from the operation management device.
- a thirtieth invention for solving the above-mentioned problem is a method for detecting an unauthorized radio station in a wireless communication system including a managed radio base station having a unique identifier, wherein the unauthorized radio is detected based on the unique identifier included in a radio frame. A step of detecting the presence or absence of a station.
- a thirty-first invention for solving the above-mentioned problem is an operation control method of a wireless base station in a wireless communication system including a managed wireless base station having a unique identifier and an operation management device for operating and managing the system.
- a thirty-second invention for solving the above-mentioned problem is an operation control method of a wireless communication terminal in a wireless communication system including a managed wireless base station having a unique identifier and an operation management device for operating and managing the system. And a step of notifying the operation management device of the unique identifier to detect the presence or absence of an unauthorized wireless station.
- a thirty-third invention for solving the above-mentioned problem is a program for causing a computer to execute an unauthorized wireless station detection method in a wireless communication system including a managed wireless base station having a unique identifier. It is characterized by including a process of detecting the presence or absence of an unauthorized radio station based on the included unique identifier.
- a thirty-fourth invention for solving the above-mentioned problems relates to a computer-controlled operation method of a wireless base station in a wireless communication system including a managed wireless base station having a unique identifier and an operation management device for operating and managing the system.
- a thirty-fifth invention for solving the above-mentioned problems is directed to a method for controlling the operation of a wireless communication terminal in a wireless communication system including a managed wireless base station having a unique identifier and an operation management device for operating and managing the system.
- the operation of the present invention will be described.
- The wireless station to be managed searches the wireless space over multiple frequency channels and obtains, from the frames propagating in that space, the BSS identifier and the frame source identifier, which are IDs unique to each base station.
- The operation management device detects an illegal wireless station by comparing the obtained BSS identifier with the BSS identifiers of the base stations registered as base stations to be managed. The type and the manufacturer are also determined using the acquired frame source identifier. In addition, the operation management device notifies the managed (regular) wireless base stations, the managed terminals, the switch device, and the like of the presence of the unauthorized wireless station, and instructs them to discard frames or disconnect communication, thereby preventing communication with unauthorized radio stations.
- a BSS identifier that is a unique identifier of each wireless station is obtained from a frame transmitted by the unauthorized wireless station to the wireless space, and the unauthorized wireless station is identified based on the BSS identifier. Therefore, it is possible to detect an unauthorized base station without allowing spoofing by an unauthorized user or the like.
- Because the organization name indicating the manufacturer of the unauthorized radio station is determined from a part of the BSS identifier, it is possible to narrow down the search for the unauthorized radio station.
- The frame source identifier of a terminal connected to the unauthorized radio station is obtained and set in the wired LAN switch. If the source identifier of a frame passing through the wired LAN switch matches, the frame is discarded, which prevents communication between the terminal connected to the unauthorized radio station and nodes in the wired network.
- FIG. 1 is a wireless LAN monitoring system to which the present invention is applied.
- FIG. 2 is a functional block diagram of each component of the wireless LAN monitoring systems according to the first and second embodiments.
- FIG. 3 is a processing flow of the wireless LAN monitoring systems of Examples 1 and 2.
- FIG. 4 is a processing flow of the operation management device in the processing flow of the wireless LAN monitoring systems of the first and second embodiments.
- FIG. 5 is a processing flow of the operation management device in the processing flow of the wireless LAN monitoring systems of the first and second embodiments.
- FIG. 6 is an example showing connection between a managed AP, a rogue AP and a terminal.
- FIG. 7 is an example showing installation locations of managed APs and SWs.
- FIG. 8 is an example of various information lists held by the operation management device.
- FIG. 9 is an example showing the locations of managed APs and SWs and the vicinity of unauthorized APs.
- FIG. 10 is a processing flow of the wireless LAN monitoring system according to the third embodiment.
- FIG. 11 is a functional block diagram of each component of the wireless LAN monitoring system according to the third embodiment.
- FIG. 12 is a processing flow of the operation management device in the processing flow of the wireless LAN monitoring system of the third embodiment.
- FIG. 13 is a processing flow of the operation management device in the processing flow of the wireless LAN monitoring system of the third embodiment.
- FIG. 14 is an example of various information lists held by the operation management device of the third embodiment.
- FIG. 15 is a functional block diagram of each component of the wireless LAN monitoring system according to the fourth embodiment.
- FIG. 16 is an example of a Campaign ID list held in the operation management device of the fourth embodiment.
- FIG. 17 is a processing flow of the wireless LAN monitoring system according to the fifth embodiment.
- FIG. 18 is a functional block diagram of each component of the wireless LAN monitoring system according to the fifth embodiment.
- FIG. 19 is an example of a receivable BSS identifier list B held in the operation management device of the fifth embodiment.
- FIG. 20 is a processing flow of the operation management device in the processing flow of the wireless LAN monitoring system of the fifth embodiment.
- FIG. 21 is a processing flow of the operation management device in the processing flow of the wireless LAN monitoring system of the fifth embodiment.
- Explanation of symbols
- Unauthorized AP User List 106 Management target AP list (AP identifier)
- Receivable BSS identifier list 404 frame sender identifier list
- FIG. 1 is a diagram showing a configuration of a wireless LAN monitoring system to which the present invention is applied.
- The system consists of the operation management device 100 that manages the operation of the wireless LAN, the display device 200 that displays the operation management information, the AP 300 to be managed (access point, wireless base station), the wireless communication terminal to be managed (hereinafter simply referred to as the terminal 400), a switch (SW) 600 that connects the AP and the wired network, and an unauthorized wireless station 500 that is not managed.
- SW switch
- The unauthorized wireless station 500 is any one, or a combination, of the following: an ad hoc network to which managed client terminals 501 and 502 are connected, an unmanaged AP 503 operating in infrastructure mode (hereinafter referred to as an unauthorized AP), and a terminal 504 that is connected to the wired network and operates in ad hoc mode.
- FIG. 2 is a diagram showing functional blocks related to the present invention of each component of the wireless LAN monitoring system.
- the operation management device 100 includes a management target AP list (BSS identifier) 101 for storing information for identifying an individual wireless interface of the management target AP, and a reception for storing a receivable BSS identifier obtained from a non-management terminal.
- the display device 200 includes a display unit 201 that displays operation management information, and a transmission / reception unit 202 that communicates with other components.
- The AP 300 includes a wired transmission/reception unit 301 that communicates with other components on the wired side, a BSS identifier storage unit 302 that stores the BSS identifier assigned to the AP 300, an unauthorized wireless station list 303 that stores information on unauthorized wireless stations, and a wireless transmission/reception unit 304 that communicates with other components on the wireless side.
- The managed client terminal 400 has a wireless transmission/reception unit 401 that communicates with the AP, a search processing execution unit 402 that searches for wireless LANs existing around the managed client terminal, a receivable BSS identifier list A 403 that stores the BSS identifier information of the search results, a frame source identifier list 404 that stores the frame source identifiers of the search results, a message reception/display unit 405 that receives and displays messages notified from other components, a belonging BSS identifier storage unit 406 that stores the BSS identifier of the AP to which the client terminal is connected, and an unauthorized radio station list 407 that stores a list of identifiers to be excluded from connection destinations.
- The SW 600 includes a transmitting/receiving unit 601 for communicating with other components, an arithmetic processing unit 602 for performing arithmetic processing, and a filtering identifier storage unit 603 for storing identifiers that identify filtering targets when performing packet filtering.
- FIG. 3 is a diagram showing a processing flow of the wireless LAN monitoring system to which the present invention is applied.
- FIGS. 4 and 5 are diagrams showing the operation in the operation management apparatus during the processing flow.
- FIG. 6 is an example of a case where a managed AP (triangle), an unauthorized AP (star), and a terminal (square) coexist.
- the line drawn between the terminal and the managed AP or rogue AP indicates the connection relationship between the terminal and the AP.
- FIG. 7(a) is a diagram showing the physical arrangement of managed APs and SWs, where the area is divided into multiple blocks (B4-1-1-B4-24); (b) and (c) are diagrams showing the installation positions of the SW and the AP in block units.
- the search processing execution unit 402 of the client terminal to be managed periodically starts information acquisition of the surrounding wireless environment via the wireless transmission / reception unit 401.
- Information acquisition is performed not only on the frequency channel the managed client terminal is using at that time but also on other channels.
- The managed APs and unauthorized radio stations transmit frames for management and data (701 in FIG. 3). The managed client terminal acquires these frames and stores the BSS identifiers obtained from the frames in the receivable BSS identifier list A 403.
- The BSS identifier obtained from the frame, the identifier of the frame transmission source device, and information identifying whether the frame is a frame from a terminal to an AP or a frame from an AP to a terminal are stored in the frame source identifier list 404.
- the operation management apparatus acquires the BSS identifier of the AP to be managed (702 in FIG. 3, 801 in FIG. 4 (detailed description of this 801 will be described later in the embodiment section)).
- the managed AP is shown as a regular AP, and the same applies to other figures.
- the monitoring process execution unit 113 requests the AP described in the management target AP list (AP identifier) 106 (FIG. 8A) for the BSS identifier.
- the AP responds the information in the BSS identifier storage unit 302 to the operation management device, and the operation management device stores the obtained information in the management target AP list (BSS identifier) 101.
- the management target AP list (BSS identifier) may be created in advance and held by the operation management device.
- a receivable BSS identifier is obtained (703 in FIG. 3, 802 in FIG. 4 (detailed description of this 802 will be described later in the embodiment section)).
- the monitoring processing execution unit 113 requests the terminals described in the management target terminal list (terminal identifier) 107 for a receivable BSS identifier.
- The management target terminal responds to the operation management device with the information of the receivable BSS identifier list A 403 and the information of the belonging BSS identifier storage unit 406, and the operation management device stores the obtained information in the receivable BSS identifier list B 102 (FIG. 8(b)).
- the monitoring process execution unit 113 includes an unauthorized AP list, an unauthorized Ad-hoc list, and an unauthorized AP detection terminal list. (803 in FIG. 4 (detailed description of this 803 will be described later in the embodiment section)).
- the BSS identifier in the managed AP list (BSS identifier) 101 is compared with the BSS identifier in the receivable BSS identifier list B102, and a BSS identifier that does not exist in the managed AP list (BSS identifier) 101 is extracted. If the BSS type included in the BSS identifier is AP, the unauthorized AP list 103 (Fig. 8
- the receivable BSS identifier and the BSS identifier of the AP to which the terminal that detected the unauthorized AP belongs are stored as the unauthorized AP BSS identifier and the detected BSS identifier, respectively.
- information on the managed terminal that detected the unauthorized AP is stored in the unauthorized AP detection terminal list 112 (FIG. 8).
- The monitoring process execution unit 113 notifies the managed AP to which the managed terminal that detected the unauthorized AP belongs of the information in the unauthorized AP list 103 (704 in FIG. 3, 901 in FIG. 5).
- Upon receiving the notification, the managed AP stores the information in the unauthorized wireless station list 303 and notifies the connected managed client terminals of the unauthorized wireless station information, either periodically or on an external instruction (705 in FIG. 3).
- The managed terminal displays the unauthorized radio station information on the message reception/display unit 405, notifies the user of the presence of the unauthorized radio station, and stores the unauthorized radio station information in the unauthorized radio station list 407.
- In subsequent connections, the managed terminal shall not connect to a wireless station (base station or terminal) registered on the unauthorized wireless station list.
- The monitoring process execution unit 113 requests, from the managed terminals listed in the unauthorized AP detection terminal list 112 ((d) in FIG. 8), the source identifier of frames flowing from a terminal to the AP for the unauthorized AP (the identifier of the terminal using the unauthorized AP; hereinafter, the unauthorized terminal identifier).
- The managed terminal obtains the requested information from the frame transmission source identifier list 404 and responds to the operation management device.
- The operation management device stores the acquired information in the frame source identifier list B114 ((e) in FIG. 8).
- From the unauthorized AP BSS identifier in the frame source identifier list B114 ((e) in FIG. 8) and the unauthorized AP list ((c) in FIG. 8), the BSS identifier of the AP to which the managed terminal that detected the unauthorized AP belongs is obtained. Using the AP installation location list 109 ((c) in FIG. 7) and the managed AP list (BSS identifier) 101, the relationship between the unauthorized terminal identifier and the location of the managed AP to which the detecting managed terminal belongs is stored in the unauthorized AP use terminal list 105 ((f) in FIG. 8).
- Whether the unauthorized terminal identifier is the identifier of a managed terminal is checked against the managed terminal list 107, and this is stored in the unauthorized AP use terminal list 105 ((f) in FIG. 8).
- terminal list 105 (f) in FIG. 8).
- R-STA-2 is a terminal to be managed.
- The monitoring process execution unit 113 takes countermeasures against an unauthorized AP use terminal (903 in FIG. 5; 903 is described in detail later in the embodiment section). If the unauthorized AP use terminal is managed and the number of consecutive detections is less than N (N is a natural number), a message prohibiting use of the unauthorized AP is sent to the unauthorized AP use terminal (707 in FIG. 3). If the unauthorized AP use terminal is managed and the number of consecutive detections is N or more, or if it is not managed, the SW near the unauthorized AP use terminal is searched for, and the identifier of the unauthorized AP use terminal is notified to this SW (708 in FIG. 3).
- B4-2 and B4-21 are acquired from the position information of the unauthorized AP use terminal list ((f) in FIG. 8), and the vicinity of the position in FIG.
- The blocks (B4-1-3, B4-7-19, B4-14-16, B4-20-22) are located in the vicinity, and SW1, 2, 4, 8, 10, and 11 installed in them (the hatched area in FIG. 9) are subject to notification.
- The message reception/display unit 405 of the managed terminal that has received the unauthorized AP use prohibition message displays the message from the operation management device.
- The SW that has received the identifier of the unauthorized AP use terminal stores the identifier in the filtering identifier storage unit 603 and thereafter compares the source identifier of each frame passing through the transmission/reception unit 601 with the value stored in the filtering identifier storage unit 603. If they match, the frame is discarded.
- The display device 200 periodically obtains the unauthorized AP list 103, the unauthorized ad-hoc list 104, and the unauthorized AP use terminal list 105 from the operation management device (709 in FIG. 3), and displays the unauthorized radio station information on the display unit 201.
- Unauthorized radio stations are displayed classified by BSS type, with the BSS identifier shown under each type.
- The identifier of the terminal using the unauthorized AP is listed one level further down, under the BSS identifier.
- A symbol ( ⁇ X) for identifying whether the terminal is a monitoring target is added (FIG. 2).
- Example 1 is an example in which a terminal detects an unauthorized radio station.
- the configuration of the wireless LAN monitoring system and each component is as described above.
- FIG. 3 is a diagram showing a processing flow of the wireless LAN monitoring system to which the present invention is applied. It can be divided into two independent processes: information acquisition by the managed terminal and monitoring and control based on information from the operation management device. It is possible to perform cooperative processing in which the managed terminal operates according to an instruction from the operation management device, but it is described below as an independent process.
- FIG. 4 and FIG. 5 are diagrams showing the operation in the operation management apparatus during the processing flow.
- Figure 6 shows an example where managed APs, rogue APs and terminals are mixed.
- FIG. 7(a) is a diagram showing the physical arrangement of managed APs and SWs, where the area is divided into multiple blocks (B4-1 to B4-24); (b) and (c) are diagrams showing the installation positions of the SW and the AP in block units.
- the search processing execution unit 402 of the managed client terminal periodically starts acquiring information on the surrounding wireless environment via the wireless transmission / reception unit 401.
- the information acquisition is performed by the client terminal to be managed at that time, and is performed not only for a certain frequency channel but also for other channels.
- The managed APs and unauthorized radio stations transmit beacon frames, probe frames, and data frames (701 in FIG. 3), and the managed client terminals acquire these frames and store the BSSID acquired from the frames in the receivable BSS identifier list A403.
- the area and the “From DS” area are stored in the frame source identifier list 404.
- the operation management device first obtains the BSSID of the managed AP (702 in FIG. 3, 801 in FIG. 4).
- The monitoring processing execution unit 113 requests the BSSID from the IP addresses of the managed APs listed in the managed AP list (AP identifier) 106 (8011 in FIG. 4).
- the managed AP responds to the operation management device with the BSSID stored in the BSS identifier storage unit 302, and the operation management device stores the obtained BSSID in the managed AP list (BSS identifier) 101 (8012 in FIG. 4).
- the management target AP list (BSS identifier) may be created in advance and held by the operation management device.
- a receivable BSSID is obtained (703 in FIG. 3, 802 in FIG. 4).
- The monitoring process execution unit 113 requests the receivable BSSIDs from the managed terminals listed in the managed terminal list (terminal identifier) 107.
- The managed terminal responds to the operation management device with the BSSIDs in the receivable BSS identifier list A403 and the BSSID in the belonging BSS identifier storage unit 406 (8021 in FIG. 4), and the operation management device stores the two acquired sets of BSSIDs in the receivable BSS identifier list B102 (8022 in FIG. 4).
- The monitoring process execution unit 113 creates an unauthorized AP list, an unauthorized Ad-hoc list, and an unauthorized AP detection terminal list (803 in FIG. 4).
- The BSSIDs in the managed AP list (BSS identifier) 101 are compared with the receivable BSSIDs in the receivable BSS identifier list B102 (8031 in FIG. 4), and any BSSID that does not exist in the managed AP list (BSS identifier) 101 is extracted (8032 in FIG. 4).
- If the "universal/local" bit (IEEE 802 standard) included in this BSSID is 0 ("AP" at 8033 in FIG. 4), the BSSID of the unauthorized AP and the BSSID of the AP to which the managed terminal that detected the unauthorized AP belongs are stored in the unauthorized AP list 103 (8034, 8035 in FIG. 4).
- If the "universal/local" bit is 1 ("adhoc" at 8033 in FIG. 4), the receivable BSSID and the BSSID of the AP to which the managed terminal that detected the unauthorized Ad-hoc belongs are stored in the unauthorized Ad-hoc list 104 (8036 in FIG. 4).
- The above four cases are (1) a case where a managed terminal is connected to a managed AP, (2) a case where a managed terminal is connected to a rogue AP, (3) a case where an unauthorized terminal is connected to a rogue AP, and (4) a case where an unauthorized terminal is connected to the managed AP.
- The monitoring process execution unit 113 notifies the AP to which the managed terminal that detected the unauthorized AP belongs of the BSSID of the unauthorized AP recorded in the unauthorized AP list 103 (704 in FIG. 3, 901 and 9011 in FIG. 5).
- The managed AP that has received the notification stores the BSSID of the unauthorized AP in the unauthorized wireless station list 303 and notifies the connected managed client terminals of the BSSID of the unauthorized AP, either periodically or on an external instruction (705 in FIG. 3).
- The notified terminal displays the BSSID of the unauthorized AP on the message reception/display unit 405, notifies the user of the presence of the unauthorized AP, and stores the BSSID of the unauthorized AP in the unauthorized wireless station list 407.
- the managed terminal shall not connect to the wireless station on the registered unauthorized wireless station list during the subsequent connection.
- a frame transmission source identifier is obtained (706 in FIG. 3, 902 in FIG. 5).
- The monitoring processing execution unit 113 requests, from the managed terminals listed in the unauthorized AP detection terminal list 112 ((d) in FIG. 8), the source MAC address of frames flowing from a terminal to the AP for the unauthorized AP (the MAC address of the terminal using the unauthorized AP; hereinafter, the MAC address of the unauthorized terminal).
- The managed terminal obtains, from the frame source identifier list 404, the source MAC address of frames whose "To DS" area value is 1, and responds to the operation management device.
- The operation management apparatus stores the obtained MAC address in the frame transmission source identifier list B114 (9021 in FIG. 5). From the unauthorized AP BSSID in the frame source identifier list B114 ((e) in FIG. 8) and the unauthorized AP list ((c) in FIG. 8), the BSSID of the AP to which the managed terminal that detected the unauthorized AP belongs is acquired. Using the AP installation location list 109 ((c) in FIG. 7) and the managed AP list (BSS identifier) 101, the relationship between the MAC address of the unauthorized terminal and the location of the AP to which the managed terminal that detected the unauthorized terminal belongs is stored in the unauthorized AP use terminal list 105 ((f) in FIG. 8) (9022 in Fig.
- The monitoring processing execution unit 113 takes countermeasures against the unauthorized AP use terminal (903 in FIG. 5). If the unauthorized AP use terminal is managed ("Yes" at 9031 in FIG. 5: case (2)) and the number of consecutive detections is less than N, the unauthorized AP use prohibition message is sent to the unauthorized AP use terminal (707 in FIG. 3; 9032, 9033 in FIG. 5).
- The SW near the unauthorized AP use terminal is searched for (9034 in FIG. 5), and the SW is notified of the MAC address of the unauthorized AP use terminal (708 in FIG. 3, 9035 in FIG. 5).
- B4-2 and B4-21 are acquired from the position information of the unauthorized AP use terminal list ((f) in FIG. 8), and in FIG. blocks (B4-1-3, B4-7-19, B4-14-16, B4-20-22) are in the vicinity, and SW1, 2, 4, 8, 10, and 11 installed in them (the mesh part in FIG. 9) are subject to notification.
- The message reception/display unit 405 of the managed terminal that has received the unauthorized AP use prohibition message displays the message from the operation management device.
- The SW that has received the MAC address of the terminal using the unauthorized AP stores the MAC address in the filtering identifier storage unit 603 and thereafter compares the source MAC address of each frame passing through the transmission/reception unit 601 with the value stored in the filtering identifier storage unit 603. If they match, the frame is discarded.
- The display device 200 periodically obtains the unauthorized AP list 103, the unauthorized ad-hoc list 104, and the unauthorized AP use terminal list 105 from the operation management device (709 in FIG. 3), and displays the BSSID of each unauthorized radio station on the display unit 201. Unauthorized radio stations are classified by BSS type, and the BSSID is displayed under each type. In the case of an AP, the MAC address of each terminal using the unauthorized AP is listed one level further down, under the BSSID. At this time, a symbol ( ⁇ X) for identifying whether the terminal is a monitoring target is added (FIG. 2).
- the above-mentioned management target AP can be determined by using the BSSID, which is a unique identifier.
- BSSID which is a unique identifier.
- an unauthorized AP or a terminal cannot be specified. Therefore, it is difficult to prevent information leakage corresponding to each of the above (1) and (4), and the method using the SSID in Patent Document 1 is not practical.
- The BSSID is acquired as the information of the unauthorized radio station, displayed on the display device, and notified to the managed AP.
- The SSID may also be acquired along with the BSSID, displayed, and notified.
- the operation management device may directly notify the managed terminal.
- the detection result is displayed on the display device.
- the communication means may be, for example, a telephone or an e-mail.
- The system may execute only a part of the processing, such as detection of an unauthorized radio station, notification of the detected result, and control based on the detected result. Further, a function that can selectively execute some or all of the processes according to the user's settings may be provided.
- FIG. 10 is a diagram showing a processing flow of the present embodiment. The difference from the processing flow of the first embodiment is that acquisition of a receivable BSS identifier (710 in FIG. 10) and acquisition of a frame transmission source identifier (711 in FIG. 10) are performed between the operation management device and the managed AP.
- FIG. 11 is a diagram showing functional blocks related to Embodiment 3 of each component of the wireless LAN monitoring system.
- the search processing execution unit 402 the receivable BSS identifier list A and the frame source identifier list 404 that existed in the managed terminal become unnecessary, and the managed AP
- FIGS. 12 and 13 are diagrams showing the operation of the operation management device during the processing flow, and the same parts as in FIGS. 4 and 5 are denoted by the same reference numerals.
- The differences from the first embodiment are 804 and 803 in FIG. 12 and 905 in FIG. Step 804 in FIG. 12 requests the receivable BSSIDs and the AP's own BSSID from all IP addresses of the managed APs listed in the managed AP list (8041 in FIG. 12), and outputs the acquired BSSIDs to the receivable BSS identifier list B102 (8042 in FIG. 12).
- Step 803 in FIG. 12 compares the BSSIDs in the receivable BSS identifier list B with the managed AP list (BSS identifier). If the BSS type is determined to be AP (8033 in FIG. 12), the BSSID is written to the rogue AP list (8034 in FIG. 12), and the BSSID of the AP that detected the rogue AP is written to the rogue AP detection AP list (8037 in FIG. 12).
- FIG. 14 is an example of a receivable BSS identifier list B and an unauthorized AP detection AP list.
- FIG. 13 shows the operation of the information leakage prevention processing in this embodiment, which is the same as FIG. 5, but different points will be described.
- the operation management device notifies the managed AP of the BSSID of the unauthorized AP (904 in Fig. 13).
- the AP also acquires the frame source identifier (9051 in FIG. 13), and acquires the AP position from the BSSID of the AP and the AP installation position list (9052 in FIG. 13).
- The source identifier, the position of the detected AP, and whether it is registered are written out (9054 in FIG. 13). Processing 903 is the same as that of FIG.
- FIG. 15 is a diagram showing functional blocks related to Embodiment 4 of each component of the wireless LAN monitoring system.
- The functional block difference from the first embodiment is that a Company ID list 116 is added to the operation management device.
- FIG. 16 shows an example of a Company ID list.
- The Company ID is a 3-byte hexadecimal value.
- The organization name is a character string representing the manufacturer.
- The display device 200 acquires the Company ID list from the operation management device in addition to the unauthorized AP list and the unauthorized ad-hoc list. Since the first three bytes of the BSSID are a Company ID, the Company ID list is searched for an entry that matches the first three bytes of each BSSID in the obtained unauthorized AP list. The vendor name found by the search is added after the BSSID when the rogue AP is displayed.
- the BSSID of the rogue AP displayed in Fig. 15 is 01:23:45:67:89:ab,
- The manufacturer of each rogue AP is determined to be company1, company2, and company3 using each Company ID as a key, and the organization name is displayed on the display.
- Although the correspondence between the BSSID and the organization name is described as being performed in the display device, it may be performed on the operation management device side.
- FIG. 17 is a diagram depicting a processing flow of the fifth embodiment.
- The difference from the processing flow of the first embodiment is that acquisition 706 of the frame source identifier, performed between the operation management device and the managed terminal, notification 707 of the unauthorized radio station use prohibition message, performed between the operation management device and the managed terminal connected to the unauthorized AP, and notification 708 of the unauthorized terminal identifier, performed between the operation management device and the SW, were deleted, and notification 713 of the unauthorized radio station SSID, performed between the operation management device and the managed AP, was added.
- FIG. 18 is a diagram showing functional blocks related to Embodiment 4 of each component of the wireless LAN monitoring system.
- The differences from the first embodiment are as follows. The frame source identifier list of the managed terminal is unnecessary. The receivable BSS identifier list A403 of the managed terminal stores the SSID of the unauthorized wireless station in addition to the receivable BSSID.
- The SSID of the unauthorized wireless station is also stored in the receivable BSS identifier list B of the operation management device (FIG. 19).
- In the managed AP, the unauthorized radio station SSID storage unit 309, which stores the SSID of the unauthorized wireless station, and the filtering identifier storage unit 308, which stores the MAC address of an unmanaged terminal connected using the SSID stored in the unauthorized radio station SSID storage unit, were added.
- FIG. 20 and FIG. 21 are diagrams showing the operation of the operation management apparatus during the processing flow.
- the same parts as those in FIG. 4 are denoted by the same reference numerals.
- The difference from the first embodiment is that the processes 805 and 906 in FIG. 20 and 906 in FIG. 21 have been added or changed, and 902 and 903 in FIG. 5 have been deleted.
- The operation management device acquires the SSID in addition to the receivable BSSID (8051 in FIG. 20) and stores it in the receivable BSS identifier list B (8052 in FIG. 20).
- The operation management device notifies the managed AP to which the managed terminal that detected the rogue AP belongs of the SSID of the rogue AP detected by the terminal connected to that managed AP (9061, 9062 in FIG. 20).
- a terminal that intends to use a wireless LAN generally searches the surrounding area to obtain a receivable SSID, and attempts to connect to a wireless LAN of a desired SSID. Therefore, unauthorized entry into a wired network using an unauthorized AP involves installing an unauthorized AP, connecting to the unauthorized AP, and entering the wired network.
- The operation management device also acquires the SSID of the rogue AP (712 in FIG. 17) and sets the acquired SSID of the rogue AP on the managed AP (713 in FIG. 17; 9062 in FIG. 21). Since the managed AP transmits the SSID in a beacon, an environment is created in which there are multiple APs with different BSSIDs but the same SSID, and the frequency with which a terminal trying to connect to the rogue AP is able to connect to it decreases. In some cases, the terminal is connected to the managed AP, in which case the communication between the terminal and the wired network is cut off.
- An access point that spoofs an SS identifier or an access point that conceals an SS identifier can be detected and displayed as an unauthorized radio station.
- the targets to be searched can be narrowed down, and the search for and removal of the unauthorized radio stations can be improved.
- Security against information leakage caused by access to the wired network via the unauthorized AP can be improved.
- an operation procedure can be stored in a recording medium in advance as a program, and can be read and executed by a computer.
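
The list comparison at 803 in FIG. 4, the Company ID lookup of Embodiment 4, and the countermeasure choice at 903 in FIG. 5 can be sketched as follows. This is an added example, not code from the patent: the function names, the value N = 3 and all addresses other than 01:23:45:67:89:ab are assumptions constructed for illustration.

```python
# Added illustration of steps 803 and 903 and the Company ID lookup.
# All names are hypothetical; sample data below is constructed.

N_CONSECUTIVE = 3  # assumed; the text only says N is a natural number


def parse_mac(text):
    """Return the six octets of a colon-separated 48-bit address."""
    parts = text.strip().split(":")
    if len(parts) != 6:
        raise ValueError(f"not a 48-bit address: {text!r}")
    return bytes(int(p, 16) for p in parts)


def normalize(text):
    """Canonical lower-case form so list comparisons ignore case."""
    return ":".join(f"{octet:02x}" for octet in parse_mac(text))


def bss_type(bssid):
    """Step 8033: universal/local bit (0x02 of the first octet), 0 = AP, 1 = adhoc.

    Caveat: APs that advertise several virtual BSSIDs often set this bit as
    well, so "adhoc" is a hint for the operator rather than a verdict.
    """
    return "adhoc" if parse_mac(bssid)[0] & 0x02 else "AP"


def detect(managed_bssids, reports):
    """Steps 8031-8036: derive lists 103, 104 and 112 from terminal reports.

    reports holds (terminal_id, belonging_bssid, receivable_bssids) tuples,
    i.e. the content of the receivable BSS identifier list B102.
    """
    managed = {normalize(b) for b in managed_bssids}
    rogue_ap, rogue_adhoc, detecting_terminals = {}, {}, set()
    for terminal_id, belonging, receivable in reports:
        belonging = normalize(belonging)
        for bssid in {normalize(b) for b in receivable} | {belonging}:
            if bssid in managed:
                continue  # present in managed AP list 101
            if bss_type(bssid) == "AP":
                rogue_ap.setdefault(bssid, set()).add(belonging)
                detecting_terminals.add(terminal_id)
            else:
                rogue_adhoc.setdefault(bssid, set()).add(belonging)
    return rogue_ap, rogue_adhoc, detecting_terminals


def vendor(bssid, company_ids):
    """Embodiment 4: the first three BSSID bytes are the Company ID."""
    return company_ids.get(parse_mac(bssid)[:3].hex(), "unknown")


def countermeasure(terminal_mac, managed_terminals, consecutive, n=N_CONSECUTIVE):
    """Step 903: 'notify' = prohibition message (707), 'filter' = tell nearby SW (708)."""
    managed = {normalize(m) for m in managed_terminals}
    if normalize(terminal_mac) in managed and consecutive < n:
        return "notify"
    return "filter"


class SwitchFilter:
    """Models the filtering identifier storage unit 603 of an SW."""

    def __init__(self):
        self.blocked = set()

    def block(self, mac):
        self.blocked.add(normalize(mac))

    def forwards(self, source_mac):
        """False means the frame is discarded."""
        return normalize(source_mac) not in self.blocked


# Constructed sample data (only 01:23:45:67:89:ab and R-STA-2 appear in the text).
MANAGED_APS = ["00:11:22:33:44:01", "00:11:22:33:44:02"]
MANAGED_TERMINALS = ["00:11:22:aa:00:01", "00:11:22:aa:00:02"]
REPORTS = [
    ("R-STA-1", "00:11:22:33:44:01",
     ["00:11:22:33:44:01", "01:23:45:67:89:AB", "02:aa:bb:cc:dd:ee"]),
    ("R-STA-2", "00:11:22:33:44:02", ["00:11:22:33:44:02"]),
]
COMPANY_IDS = {"012345": "company1"}

if __name__ == "__main__":
    aps, adhocs, terminals = detect(MANAGED_APS, REPORTS)
    for bssid in aps:
        print("rogue AP", bssid, vendor(bssid, COMPANY_IDS), "seen via", aps[bssid])
    print("rogue ad-hoc", adhocs, "detecting terminals", terminals)
```

Normalizing every address before comparison matters in practice: terminals and APs may report the same BSSID in different letter case, and a plain string comparison would then flag a managed AP as unauthorized.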
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
- Small-Scale Networks (AREA)
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2006510229A JPWO2005081460A1 (ja) | 2004-02-19 | 2005-02-17 | Unauthorized wireless station detecting system, apparatus used therein, and method therefor |
EP05710344A EP1720290A1 (en) | 2004-02-19 | 2005-02-17 | Unauthorized wireless station detecting system, apparatus used therein, and method therefor |
US10/589,861 US20070165571A1 (en) | 2004-02-19 | 2005-02-17 | Unauthorized wireless station detecting system, apparatus used therein, and method therefor |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2004-042303 | 2004-02-19 | ||
JP2004042303 | 2004-02-19 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2005081460A1 (ja) | 2005-09-01 |
Family
ID=34879254
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2005/002494 WO2005081460A1 (ja) | Unauthorized wireless station detecting system, apparatus used therein, and method therefor | 2004-02-19 | 2005-02-17 |
Country Status (6)
Country | Link |
---|---|
US (1) | US20070165571A1 (ja) |
EP (1) | EP1720290A1 (ja) |
JP (1) | JPWO2005081460A1 (ja) |
KR (1) | KR20060132701A (ja) |
CN (1) | CN1930822A (ja) |
WO (1) | WO2005081460A1 (ja) |
Families Citing this family (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4829635B2 (ja) * | 2006-02-17 | 2011-12-07 | キヤノン株式会社 | Communication apparatus, communication method, method for configuring a network, and communication system |
US20110053614A1 (en) * | 2008-03-07 | 2011-03-03 | Hitachi, Ltd. | Position information system |
CA2782730C (en) * | 2009-12-03 | 2015-06-23 | Lg Electronics Inc. | Method and apparatus for transmitting a frame in a wireless ran system |
US9538385B2 (en) | 2011-06-07 | 2017-01-03 | Nokia Technologies Oy | Method and apparatus for the detection of unlicensed user equipment |
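WO2013046849A1 (ja) * | 2011-09-30 | 2013-04-04 | インターナショナル・ビジネス・マシーンズ・コーポレーション | Monitoring system, monitoring server, method, and program for monitoring unauthorized access points |
CN110518704B (zh) * | 2019-07-23 | 2021-05-07 | 杭州电子科技大学 | Authorized wireless power transmission method |
KR20210108034A (ko) * | 2020-02-25 | 2021-09-02 | 삼성전자주식회사 | Method for defending against an attack by a fake base station in a communication network, management server, and base station |
CN116699464B (zh) * | 2023-08-01 | 2023-09-26 | 中国铁塔股份有限公司云南省分公司 | Wireless site electric leakage monitoring system |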
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2003110570A (ja) * | 2001-09-28 | 2003-04-11 | Maspro Denkoh Corp | Wireless relay device and bidirectional CATV system |
JP2003198571A (ja) * | 2001-12-26 | 2003-07-11 | Internatl Business Mach Corp <Ibm> | Network security system, computer apparatus, access point recognition processing method, access point check method, program, storage medium, and wireless LAN device |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030200455A1 (en) * | 2002-04-18 | 2003-10-23 | Chi-Kai Wu | Method applicable to wireless lan for security control and attack detection |
US20040078598A1 (en) * | 2002-05-04 | 2004-04-22 | Instant802 Networks Inc. | Key management and control of wireless network access points at a central server |
US7327690B2 (en) * | 2002-08-12 | 2008-02-05 | Harris Corporation | Wireless local or metropolitan area network with intrusion detection features and related methods |
-
2005
- 2005-02-17 KR KR1020067016614A patent/KR20060132701A/ko not_active Application Discontinuation
- 2005-02-17 EP EP05710344A patent/EP1720290A1/en not_active Withdrawn
- 2005-02-17 WO PCT/JP2005/002494 patent/WO2005081460A1/ja active Application Filing
- 2005-02-17 JP JP2006510229A patent/JPWO2005081460A1/ja not_active Withdrawn
- 2005-02-17 US US10/589,861 patent/US20070165571A1/en not_active Abandoned
- 2005-02-17 CN CNA2005800055450A patent/CN1930822A/zh active Pending
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2010141404A (ja) * | 2008-12-09 | 2010-06-24 | Sumitomo Electric Ind Ltd | Unauthorized device detection system and unauthorized device detection method |
JP2010239572A (ja) * | 2009-03-31 | 2010-10-21 | Toshiba Corp | Terminal and terminal control program |
JP2014057232A (ja) * | 2012-09-13 | 2014-03-27 | Nec Access Technica Ltd | Method and system for remote identification of a wireless LAN base unit |
JP2019511861A (ja) * | 2016-02-26 | 2019-04-25 | New H3C Technologies Co., Ltd. | Basic service set identifier (BSSID) update |
US10667306B2 (en) | 2016-02-26 | 2020-05-26 | New H3C Technologies Co., Ltd. | BSSID updating |
JP2017212518A (ja) * | 2016-05-24 | 2017-11-30 | サイバートラスト株式会社 | Beacon device management system, beacon device, beacon device management method, and beacon device management program |
Also Published As
Publication number | Publication date |
---|---|
JPWO2005081460A1 (ja) | 2008-01-17 |
CN1930822A (zh) | 2007-03-14 |
EP1720290A1 (en) | 2006-11-08 |
KR20060132701A (ko) | 2006-12-21 |
US20070165571A1 (en) | 2007-07-19 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2005081460A1 (ja) | Unauthorized wireless station detecting system, apparatus used therein, and method therefor | |
US7969950B2 (en) | System and method for monitoring and enforcing policy within a wireless network | |
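JP4284192B2 (ja) | Detection of counterfeit access points in a wireless local area network | |
JP4287289B2 (ja) | Detection of unauthorized stations in a wireless local area network | |
TWI481225B (zh) | Scanning procedure in a wireless network, station supporting the same, and frame format therefor | |
KR100980152B1 (ko) | Method and system for monitoring a local area network | |
KR100694219B1 (ko) | Apparatus and method for detecting the data transmission mode of an access point in a wireless terminal | |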
US9019911B2 (en) | System and method for centralized station management | |
US9019944B2 (en) | Diagnosing and resolving wireless network malfunctions | |
US7710933B1 (en) | Method and system for classification of wireless devices in local area computer networks | |
JP2005522132A5 (ja) | ||
US9374711B2 (en) | Monitoring unauthorized access point | |
JP2007520939A (ja) | Method and apparatus for indicating service set identifiers to be probed | |
US20080046719A1 (en) | Access point and method for supporting multiple authentication policies | |
US20140282905A1 (en) | System and method for the automated containment of an unauthorized access point in a computing network | |
US20150139211A1 (en) | Method, Apparatus, and System for Detecting Rogue Wireless Access Point | |
KR20070054067A (ko) | Wireless access point apparatus and method for detecting and blocking network traffic intrusion using the same | |
US8145131B2 (en) | Wireless ad hoc network security | |
JP2006217198A (ja) | Wireless base station having multiple layer 2 functions | |
US20210219216A1 (en) | Identification of wireless transmissions carried by a wireless network | |
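JP5175898B2 (ja) | Wireless communication apparatus, disconnection method, and program | |
JP2004128613A (ja) | Base station monitoring apparatus, base station monitoring method, and program in a wireless network | |
KR20130044842A (ko) | Terminal |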
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
DPEN | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed from 20040101) | ||
WWE | Wipo information: entry into national phase |
Ref document number: 2006510229 Country of ref document: JP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2007165571 Country of ref document: US Ref document number: 10589861 Country of ref document: US Ref document number: 1020067016614 Country of ref document: KR |
|
WWE | Wipo information: entry into national phase |
Ref document number: 200580005545.0 Country of ref document: CN |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
WWW | Wipo information: withdrawn in national office |
Country of ref document: DE |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2005710344 Country of ref document: EP |
|
WWP | Wipo information: published in national office |
Ref document number: 2005710344 Country of ref document: EP |
|
WWP | Wipo information: published in national office |
Ref document number: 1020067016614 Country of ref document: KR |
|
WWP | Wipo information: published in national office |
Ref document number: 10589861 Country of ref document: US |