WO2014081205A1 - Système de détection d'ap illégaux et procédé de détection associé - Google Patents
Système de détection d'ap illégaux et procédé de détection associé Download PDFInfo
- Publication number
- WO2014081205A1 WO2014081205A1 PCT/KR2013/010597 KR2013010597W WO2014081205A1 WO 2014081205 A1 WO2014081205 A1 WO 2014081205A1 KR 2013010597 W KR2013010597 W KR 2013010597W WO 2014081205 A1 WO2014081205 A1 WO 2014081205A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- data packet
- packet
- illegal
- sensor
- specific length
- Prior art date
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
- H04W12/121—Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]
- H04W12/122—Counter-measures against attacks; Protection against rogue devices
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/02—Details
- H04L12/22—Arrangements for preventing the taking of data from a data transmission channel without authorisation
Definitions
- the present invention relates to an illegal AP detection system and a detection method thereof. More specifically, the present invention relates to an illegal AP detection system and a detection method thereof, which can detect whether an unauthorized illegal AP is connected to its own network even when the wireless environment is a security mode and a router mode.
- Rapidly expanding wireless networks support the exchange of data by wirelessly connecting user terminals to the network in accordance with the IEEE802.11 standard.
- Wireless network environment is convenient because it enables users to move easily and exchange data through network connection, while access user terminal is physically separated from the network equipment and transmission data is exposed in the air. / The possibility of leakage can be said to be greater compared to wired networks, especially wired LANs.
- the most fundamental and fundamental vulnerabilities of the wireless environment are first, the unauthorized person or unauthorized terminal that makes FW, IDS, etc., which is a security device in the wired gateway section obsolete, by easily accessing the wireless AP inside the building from outside the building. It is possible to bypass the network.
- an external wireless LAN AP using a laptop equipped with a wireless LAN, etc. to which an employee is not authorized, such as a network connected to an internal wired network, an information leakage accident may occur through this.
- the wireless section data can be easily eavesdropped through air sniffing, so that confidential and personal information of the company can be leaked.
- the largest area of security vulnerabilities such as wireless APs or routers in Korea, is caused by wireless devices such as wireless LANs that have been left unauthenticated and password-free.
- security infrastructures such as authentication and encryption are being applied.
- the conventional techniques for detecting unauthorized AP has a problem that it is not possible to confirm whether the collected unauthorized AP is connected to the internal network by collecting only the information about the unauthorized AP without performing data traffic (data traffic) processing . That is, even if an unauthorized AP is detected, there is a problem that such unauthorized AP cannot check whether it is an AP connected to its network and cannot block it without permission.
- the present invention was created to solve the above problems, and an object of the present invention is to identify an unauthorized illegal AP connected to its own network regardless of whether the wireless environment is a bridge mode, a router mode, an open mode, and a secure mode.
- the present invention provides a detection system and a detection method capable of detecting the same.
- An object of the present invention as described above is a sensor for detecting a data packet that is wirelessly transmitted to a user terminal through at least one AP; And a wireless intrusion prevention system (WIPS) server that receives the detected data packet from a sensor and determines whether the AP is an unauthorized and illegal AP connected to an internal network, wherein the WIPS server includes a specific length of a specific length to be transmitted to a user terminal through the AP.
- WIPS wireless intrusion prevention system
- a packet generator for generating a data packet and transmitting the predetermined number of times for a predetermined time;
- a packet analyzer configured to analyze whether the data packet having a specific length is detected by the sensor for a predetermined time and determine whether the AP is an AP connected to the internal network;
- a database unit storing MAC address information of the AP.
- the packet generation unit may generate data packets having different lengths corresponding to the number of APs and transmit the same to the user terminal through each AP.
- the packet analyzer may determine that the AP is an AP connected to an internal network when the AP determines that the data packet having a specific length is transmitted to the user terminal more than a predetermined number of times for a predetermined time. .
- the WIPS server may determine that the AP is an unauthorized illegal AP when the packet analyzer determines that the MAC address of the AP determined to be connected to the internal network is not included in the MAC address information of the authorized AP. You can do
- the sensor may further include a communication unit for transmitting the detected data packet to the WIPS server.
- an object of the present invention is another category, the sensor step A for detecting a data packet that is wirelessly transmitted to the user terminal through at least one AP; Transmitting, by the sensor, the detected data packet to a wireless intrusion prevention system (WIPS) server; A step C of generating a data packet having a specific length by the packet generation unit provided in the WIPS server and transmitting the data packet to the user terminal through the AP a specific number of times for a predetermined time; A step D for checking whether a packet analyzer provided in the WIPS server has a data packet having a specific length among the data packets transmitted from the sensor; An E step of checking, by the packet analyzer, the number of times a data packet having a specific length among the data packets transmitted from the sensor is detected for a predetermined time; A step F of determining, by the packet analyzer, whether the AP is an AP connected to the internal network based on the presence and the number of detections of the data packet having a specific length; And a G step of determining, by the
- the packet generation unit may generate data packets having different lengths corresponding to the number of APs and transmit the number of data packets to the user terminal through each AP.
- the packet analyzer may determine that the AP is an AP connected to the internal network when a data packet having a specific length is detected more than a predetermined number of times for a predetermined time.
- step G the packet analyzer determines that the MAC address of the AP determined to be connected to the internal network is not included in the MAC address information of the authorized AP stored in the database unit provided in the WIPS server.
- the AP may be determined to be an unauthorized and illegal AP.
- the present invention has the effect of identifying and detecting whether an unauthorized illegal AP is connected to its network.
- FIG. 1 is a block diagram showing the configuration of an unauthorized illegal AP detection system according to an embodiment of the present invention
- FIG. 2 is a block diagram showing the configuration of a WIPS server according to an embodiment of the present invention.
- FIG. 3 is a flowchart sequentially illustrating a method for detecting an unauthorized illegal AP according to an embodiment of the present invention.
- FIG. 1 is a block diagram of a system for detecting an illegal AP of a network communication network according to an embodiment of the present invention
- FIG. 2 is a block diagram showing a configuration of a WIPS server according to an embodiment of the present invention.
- the present inventors have an illegal AP detection system (hereinafter, referred to as a 'detection system') of a wireless intrusion prevention system (WIPS) server 100, a sensor 200, a communication unit 300, and an AP 400. ) And a user terminal 500.
- the WIPS server 100 includes a packet generation unit 110, a packet analysis unit 120, and a packet storage unit 130 therein.
- the unauthorized illegal AP in the present invention refers to an AP (Acess Point) that is unauthorized by an administrator
- the authorized AP refers to an AP authorized by the administrator
- the user terminal 500 refers to various devices capable of transmitting and receiving data through the AP 400 connected to the WIPS server 100 such as a laptop or a smartphone equipped with a wireless LAN.
- the sensor 200 detects a data packet wirelessly transmitted to the user terminal 500 through the AP 400.
- the sensor 200 and the AP 400 are connected to the WIPS server 100 by wire.
- the AP 400 may be configured as one or a plurality.
- a data packet refers to a unit of information transmitted from one device to another device through a communication network in a block.
- the data packet may include various element fields such as a service set identification address (SSID), a support rate, a timestamp, an indication interval, capacity information, channels, and the like.
- SSID service set identification address
- the data packet detected by the sensor 200 is transmitted to the WIPS server 100.
- the sensor 200 may be provided with a communication unit 300, and the data packet detected through the communication unit 300 may be transmitted to the WIPS server 100.
- the WIPS server 100 determines whether the AP 400 is an unauthorized illegal AP connected to the internal network based on the data packet transmitted from the sensor 200. Specifically, it is determined whether the AP 400 is an AP connected to the internal network through the packet generator 110 and the packet analyzer 120 provided in the WIPS server 100, and then the WIPS server 100 It is determined whether the AP 400 connected to the internal network is an authorized AP 400a or 400c or an unauthorized illegal AP 400b or 400d.
- the packet generator 110 and the packet analyzer 120 provided in the WIPS server 100 will be described in detail below. Meanwhile, the data packet transmitted from the sensor 200 may be stored in the packet storage unit 130 provided in the WIPS server 100.
- the packet generator 110 generates a data packet of a specific length to be transmitted to the user terminal 500 through the AP 400 and transmits the data packet a specific number of times for a predetermined time.
- the packet generator 110 may periodically generate a data packet having a specific length and transmit the data packet to the user terminal 500.
- the packet generator 100 a probe capable of searching for and verifying a computer and a running service on a network in a security field may be used.
- the data packet of a specific length generated by the packet generator 110 may be generated by various known packet conversion methods.
- a predetermined time may be set by an administrator, and preferably set in seconds.
- the number of times of transmitting the data packet can also be adjusted by the administrator. For example, an administrator may set whether to transmit a data packet of a specific length 10 times in 1 second or 100 times in 1 second.
- the packet generator 110 when there are a plurality of APs 400, the packet generator 110 generates data packets having different lengths corresponding to the number of APs 400 so as to generate a user terminal 500 through each AP 400. Can be sent to. That is, when several APs 400 are connected to the internal network, the APs 400 may simultaneously detect multiple APs 400 connected to the internal network by transmitting data packets having different lengths. . For example, if there are four APs 400, four types of data packets having different lengths may be generated and transmitted separately for each AP.
- the packet analyzer 120 determines whether the AP 400 is connected to the internal network by analyzing the number of times a data packet having a specific length is detected by the sensor 200. That is, when the packet analyzer 120 determines that the AP 400 transmits a data packet having a specific length to the user terminal 500 more than a preset number of times, the AP 400 transmits the AP 400 to the internal network. It is determined by the AP 400 connected. In this case, the preset number of times may be set in consideration of the number of times the packet generator 110 generates and transmits a data packet having a specific length.
- the WIPS server 100 determines that the MAC address of the AP 400 determined to be connected to the internal network by the packet analyzer 120 is not included in the MAC address information of the authorized AP, the AP 400b, 400d) is determined to be an unauthorized illegal AP. That is, the WIPS server 100 is provided therein, and searches for a database unit (not shown) that stores MAC address information of the authorized APs 400a and 400b and determines that the AP 400 determined to be connected to the internal network is unauthorized. It is determined whether or not the illegal AP (400b, 400d) or the authorized AP (400a, 400c).
- FIG. 3 is a flowchart sequentially illustrating a method for detecting an unauthorized illegal AP according to an embodiment of the present invention.
- a method of detecting an unauthorized AP hereinafter, referred to as a 'detection method'
- a 'detection method' a method of detecting an unauthorized AP
- the sensor 200 refers to a step of detecting a data packet wirelessly transmitted to the user terminal 500 through the at least one AP 400 (S610).
- the sensor 200 transmits the detected data packet to the WIPS server 100.
- the data packet detected by the sensor 200 may be transmitted to the WIPS server 100 through the communication unit 300.
- the data packet transmitted to the WIPS server 100 may be stored in the packet storage unit 300 provided in the WIPS server 100 (S625).
- the packet generation unit 110 included in the WIPS server 100 generates a data packet having a specific length and transmits the data packet to the user terminal 500 through the AP 400 a predetermined number of times for a predetermined time (S630). .
- the packet generation unit 110 when there are a plurality of APs 400, the packet generation unit 110 generates data packets having different lengths corresponding to the number of APs 400 and through each AP 400a, 400b, 400c, 400d.
- a data packet having a length of 64 bits (Bit) is generated for the first unlicensed AP 400b among the AP 400 and transmitted 10 times for 1 second, and 640 for the second unlicensed AP 400d.
- a predetermined number of times of a 64-bit long data packet and a number of 640-bit long data packets detected by the sensor for one second are set in advance. If it is confirmed that the number of times or more, it can be determined simultaneously that the first unlicensed AP (400b) and the second unlicensed AP (400d) is connected to the internal network.
- the packet analyzer 120 of the WIPS server 100 refers to a step of checking whether a data packet having a specific length is present among the data packets transmitted from the sensor 200 (S640).
- the packet analyzer 120 of the WIPS server 100 refers to a step of checking the number of times a data packet having a specific length among the data packets transmitted from the sensor 200 is detected for a predetermined time (S650).
- the predetermined time may be set differently from the predetermined time set in the data packet transmission step (S630) of the specific length, but is preferably set to the same time.
- the packet analysis unit 120 included in the WIPS server 100 refers to a step of determining whether the AP 400 is connected to the internal network based on the presence and detection frequency of a data packet having a specific length (S660). ).
- the packet analyzer 120 determines that the AP 400 is an AP connected to the internal network when a data packet having a specific length is detected more than a preset number of times for a predetermined time.
- the set number of times refers to the number of times preset by the administrator in consideration of the number of times that the packet generation unit 110 generates and transmits a data packet having a specific length.
- the packet generator 110 transmits ten data packets of a specific length for one second, eight data packets of a specific length transmitted to the user terminal 500 through the AP 500 are detected.
- the AP 500 may be configured to determine that the AP 500 is connected to the internal network.
- the WIPS server 100 refers to a step of determining whether the AP 400 is an unauthorized illegal AP by searching a database unit that stores MAC address information of the authorized AP (S670).
- the packet analysis unit 120 is MAC address information of the authorized AP is stored in the database unit (not shown) provided in the WIPS server 100 MAC address of the AP 400 is determined to be connected to the internal network If not determined to be included in, the AP (400b, 400d) is determined to be an unauthorized illegal AP.
- the prior art can detect the unauthorized AP (400b, 400d), it is not confirmed whether the detected unauthorized AP (400b, 400d) is an AP connected to its network communication network, AP (400)
- AP 400
- the data packet transmitted and received between the terminal 500 and the terminal 500 is encrypted
- the data packet generated by the packet generator 110 and transmitted is detected through the number of times that the data packet of a specific length is detected. Since the AP 400 can determine whether the AP 400 is connected, there is an advantage of detecting an unauthorized illegal AP in all wireless environments in both open and secure modes.
- Bridge mode refers to a method in which two medium access control (MAC) devices having the same logical connection control protocol (LLC protocol) but having the same or different interconnection information networks (LANs) can exchange data.
- the bridge includes a local bridge (LB) that connects LANs in the same premises or local area, and a remote bridge that connects LANs in remote areas. Data is exchanged by sending frames by MAC addresses (MACA) between bridges.
- MACA MAC addresses
- a router is a device that extracts the location of a packet and specifies the best path for that location, and redirects the data packet to the next device along the path.
- Routers connect two or more logical subnets, which do not match the physical interface of the router.
- the MAC address is changed in the router mode. That is, the conventional technology has a limitation in detecting unauthorized APs 400b and 400d in the case of the router mode in which the MAC address is continuously changed.
- the AP 400 connected to the WIPS server 100 is changed. Through detecting the unauthorized AP by using the number of times the data packet of a specific length transmitted to the user terminals 500 through the advantage that can be used in router mode.
Abstract
La présente invention a pour avantages de confirmer et de détecter si un AP illégal non autorisé est connecté au réseau de communication d'un utilisateur, même dans un environnement radioélectrique d'un mode sécurisé et d'un mode de routeur. À cette fin, l'invention concerne un système de détection d'AP illégaux comportant: un capteur servant à détecter un paquet de données transmis par voie radioélectrique à un terminal d'utilisateur via au moins un AP; et un serveur de système de prévention d'intrusion radioélectrique (WIPS) destiné à déterminer si l'AP est un AP illégal non autorisé connecté à un réseau interne en recevant le paquet de données détecté en provenance du capteur, le serveur WIPS comportant: une unité de génération de paquets qui génère un paquet de données d'une longueur spécifique destiné à être envoyé au terminal d'utilisateur via l'AP de façon à envoyer le paquet de données un nombre spécifique de fois pendant un temps prédéterminé; une unité d'analyse de paquets servant à déterminer si l'AP est un AP connecté au réseau interne en analysant le nombre de fois où le paquet de données de longueur spécifique a été détecté par le capteur pendant un temps prédéterminé; et une unité de base de données servant à conserver des informations d'adresse MAC de l'AP.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR10-2012-0133371 | 2012-11-23 | ||
KR1020120133371A KR101429177B1 (ko) | 2012-11-23 | 2012-11-23 | 불법 ap 검출 시스템 및 그의 검출 방법 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2014081205A1 true WO2014081205A1 (fr) | 2014-05-30 |
Family
ID=50776316
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/KR2013/010597 WO2014081205A1 (fr) | 2012-11-23 | 2013-11-21 | Système de détection d'ap illégaux et procédé de détection associé |
Country Status (2)
Country | Link |
---|---|
KR (1) | KR101429177B1 (fr) |
WO (1) | WO2014081205A1 (fr) |
Cited By (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106686580A (zh) * | 2015-11-06 | 2017-05-17 | 北京金山安全软件有限公司 | 一种无线热点名称展示方法及装置 |
US10039174B2 (en) | 2014-08-11 | 2018-07-31 | RAB Lighting Inc. | Systems and methods for acknowledging broadcast messages in a wireless lighting control network |
US10085328B2 (en) | 2014-08-11 | 2018-09-25 | RAB Lighting Inc. | Wireless lighting control systems and methods |
US10531545B2 (en) | 2014-08-11 | 2020-01-07 | RAB Lighting Inc. | Commissioning a configurable user control device for a lighting control system |
CN111479271A (zh) * | 2020-04-03 | 2020-07-31 | 北京锐云通信息技术有限公司 | 基于资产属性标记分组的无线安全检测与防护方法及系统 |
CN111479273A (zh) * | 2020-05-25 | 2020-07-31 | 北京字节跳动网络技术有限公司 | 一种网络接入安全性的检测方法、装置、设备及存储介质 |
CN112105029A (zh) * | 2020-08-07 | 2020-12-18 | 新华三技术有限公司 | 一种反制非法设备的方法及设备 |
CN113207125A (zh) * | 2021-04-25 | 2021-08-03 | 深圳市科信网安科技有限公司 | 一种非法无线ap检测装置 |
CN113438653A (zh) * | 2021-06-01 | 2021-09-24 | 紫光华山科技有限公司 | 一种设备分类方法及装置 |
CN115085979A (zh) * | 2022-05-30 | 2022-09-20 | 浙江大学 | 一种基于流量分析的网络摄像头非法安装及占用检测方法 |
Families Citing this family (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101626567B1 (ko) * | 2014-09-24 | 2016-06-01 | 주식회사 코닉글로리 | 무선 보안 장치 및 방법 |
CN107431971A (zh) * | 2015-03-27 | 2017-12-01 | 泛网安全株式会社 | 无线入侵防御系统传感器及利用该传感器断开终端的方法 |
KR102285257B1 (ko) * | 2017-08-14 | 2021-08-02 | 주식회사 케이티 | 와이파이 액세스 포인트를 이용한 무선 침입감지 시스템 검출 장치 및 방법 |
KR102220877B1 (ko) * | 2019-07-05 | 2021-02-26 | 빅오 주식회사 | 무선 침입 방지 시스템의 성능 검사 장치 및 기록매체 |
KR102067046B1 (ko) * | 2019-10-15 | 2020-01-17 | 주식회사 윅스콘 | 머신러닝 기반 네트워크 영상 데이터 송출패턴 분석을 이용한 변형 카메라 인지 시스템과 그 방법 |
KR102374657B1 (ko) * | 2019-11-29 | 2022-03-14 | 주식회사 케이티 | 무선 침입방지 시스템 검출 장치 및 이를 이용한 무선 침입방지 시스템 신호 회피 방법 |
KR102168780B1 (ko) * | 2019-12-31 | 2020-10-22 | 충남대학교 산학협력단 | 기계학습을 이용한 ap 식별 방법 및 시스템 |
KR102215390B1 (ko) * | 2020-06-23 | 2021-02-16 | 공경남 | 무선 공유기를 이용한 몰래 카메라 탐지 방법 및 그 시스템 |
KR102366574B1 (ko) * | 2021-11-29 | 2022-02-23 | 주식회사 심플솔루션 | 무선 침입 방지 방법 |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20060189298A1 (en) * | 2003-03-06 | 2006-08-24 | Maurizio Marcelli | Method and software program product for mutual authentication in a communications network |
JP2011097437A (ja) * | 2009-10-30 | 2011-05-12 | Toshiba Corp | 通信システム、当該システムの携帯端末、および当該システムのセンタ |
KR20110106125A (ko) * | 2010-03-22 | 2011-09-28 | 아주대학교산학협력단 | 무선 통신망을 운용하는 시스템 및 그 방법 |
KR20110114615A (ko) * | 2009-01-05 | 2011-10-19 | 퀄컴 인코포레이티드 | 위조된 무선 액세스 포인트들의 검출 |
-
2012
- 2012-11-23 KR KR1020120133371A patent/KR101429177B1/ko active IP Right Grant
-
2013
- 2013-11-21 WO PCT/KR2013/010597 patent/WO2014081205A1/fr active Application Filing
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20060189298A1 (en) * | 2003-03-06 | 2006-08-24 | Maurizio Marcelli | Method and software program product for mutual authentication in a communications network |
KR20110114615A (ko) * | 2009-01-05 | 2011-10-19 | 퀄컴 인코포레이티드 | 위조된 무선 액세스 포인트들의 검출 |
JP2011097437A (ja) * | 2009-10-30 | 2011-05-12 | Toshiba Corp | 通信システム、当該システムの携帯端末、および当該システムのセンタ |
KR20110106125A (ko) * | 2010-03-22 | 2011-09-28 | 아주대학교산학협력단 | 무선 통신망을 운용하는 시스템 및 그 방법 |
Cited By (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11398924B2 (en) | 2014-08-11 | 2022-07-26 | RAB Lighting Inc. | Wireless lighting controller for a lighting control system |
US10039174B2 (en) | 2014-08-11 | 2018-07-31 | RAB Lighting Inc. | Systems and methods for acknowledging broadcast messages in a wireless lighting control network |
US10085328B2 (en) | 2014-08-11 | 2018-09-25 | RAB Lighting Inc. | Wireless lighting control systems and methods |
US10219356B2 (en) | 2014-08-11 | 2019-02-26 | RAB Lighting Inc. | Automated commissioning for lighting control systems |
US10531545B2 (en) | 2014-08-11 | 2020-01-07 | RAB Lighting Inc. | Commissioning a configurable user control device for a lighting control system |
US10855488B2 (en) | 2014-08-11 | 2020-12-01 | RAB Lighting Inc. | Scheduled automation associations for a lighting control system |
US11722332B2 (en) | 2014-08-11 | 2023-08-08 | RAB Lighting Inc. | Wireless lighting controller with abnormal event detection |
CN106686580A (zh) * | 2015-11-06 | 2017-05-17 | 北京金山安全软件有限公司 | 一种无线热点名称展示方法及装置 |
CN111479271A (zh) * | 2020-04-03 | 2020-07-31 | 北京锐云通信息技术有限公司 | 基于资产属性标记分组的无线安全检测与防护方法及系统 |
CN111479271B (zh) * | 2020-04-03 | 2023-07-25 | 北京锐云通信息技术有限公司 | 基于资产属性标记分组的无线安全检测与防护方法及系统 |
CN111479273A (zh) * | 2020-05-25 | 2020-07-31 | 北京字节跳动网络技术有限公司 | 一种网络接入安全性的检测方法、装置、设备及存储介质 |
CN111479273B (zh) * | 2020-05-25 | 2023-04-07 | 北京字节跳动网络技术有限公司 | 一种网络接入安全性的检测方法、装置、设备及存储介质 |
CN112105029A (zh) * | 2020-08-07 | 2020-12-18 | 新华三技术有限公司 | 一种反制非法设备的方法及设备 |
CN112105029B (zh) * | 2020-08-07 | 2022-07-12 | 新华三技术有限公司 | 一种反制非法设备的方法及设备 |
CN113207125B (zh) * | 2021-04-25 | 2021-12-14 | 深圳市科信网安科技有限公司 | 一种非法无线ap检测装置 |
CN113207125A (zh) * | 2021-04-25 | 2021-08-03 | 深圳市科信网安科技有限公司 | 一种非法无线ap检测装置 |
CN113438653A (zh) * | 2021-06-01 | 2021-09-24 | 紫光华山科技有限公司 | 一种设备分类方法及装置 |
CN115085979A (zh) * | 2022-05-30 | 2022-09-20 | 浙江大学 | 一种基于流量分析的网络摄像头非法安装及占用检测方法 |
Also Published As
Publication number | Publication date |
---|---|
KR101429177B1 (ko) | 2014-08-12 |
KR20140066312A (ko) | 2014-06-02 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2014081205A1 (fr) | Système de détection d'ap illégaux et procédé de détection associé | |
US7970894B1 (en) | Method and system for monitoring of wireless devices in local area computer networks | |
WO2012153913A1 (fr) | Procédé de défense contre une attaque par usurpation d'identité à l'aide d'un serveur de blocage | |
WO2012108687A2 (fr) | Procédé de détection d'attaques par usurpation arp à l'aide d'un verrouillage arp et support d'enregistrement lisible par ordinateur stockant un programme servant à exécuter le procédé | |
WO2015129934A1 (fr) | Procédé et dispositif de détection de canal de contrôle de commande | |
WO2019146956A1 (fr) | Appareil et procédé d'acquisition d'informations de dispositif | |
WO2014038737A1 (fr) | Système de gestion de trafic de réseau utilisant une politique de surveillance et une politique de filtrage, et procédé correspondant | |
WO2021261883A1 (fr) | Procédé de détection d'une caméra cachée à l'aide d'un routeur sans fil et système associé | |
WO2015102446A1 (fr) | Procédé de détection de connexion de dérivation par l'intermédiaire d'un réseau anonyme à l'aide des changements dans les temps de propagation aller-retour | |
WO2013024986A2 (fr) | Système de détermination de position d'identifiant de réseau et procédé associé | |
KR100980147B1 (ko) | 무선 근거리 통신망에서 스테이션의 상태를 결정하기 위한 방법 및 장치 | |
WO2017026840A1 (fr) | Dispositif de connexion internet, serveur de gestion central, et procédé de connexion internet | |
WO2022255619A1 (fr) | Système de prévention d'intrusion sans fil et son procédé de fonctionnement | |
WO2019231215A1 (fr) | Dispositif terminal et procédé d'identification d'un ap malveillant à l'aide dudit terminal | |
WO2016159396A1 (fr) | Capteur de système de prévention d'intrusion sans fil (wips) et procédé pour bloquer un terminal l'utilisant | |
KR20120132086A (ko) | 비인가 ap 탐지 시스템 및 그의 탐지 방법 | |
WO2016035954A1 (fr) | Terminal dédié pour mesurer une qualité de ligne internet et son procédé de fonctionnement | |
WO2012057533A2 (fr) | Système et procédé d'allocation dynamique de canal permettant d'éviter un brouillage de fréquence | |
WO2024029658A1 (fr) | Système de contrôle d'accès dans un réseau et procédé associé | |
WO2019182219A1 (fr) | Système de réseau de confiance basé sur une chaîne de blocs | |
WO2023017952A1 (fr) | Dispositif de détection, système de prévention d'intrusion sans fil comprenant un dispositif de détection, et son procédé de fonctionnement | |
WO2018056582A1 (fr) | Procédé d'inspection de paquet à l'aide d'une communication ssl | |
WO2018088680A1 (fr) | Système de sécurité et procédé de traitement de demande d'accès à un site bloqué | |
WO2016047843A1 (fr) | Appareil et procédé de sécurité sans fil | |
KR101335293B1 (ko) | 내부 네트워크 침입 차단 시스템 및 그 방법 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 13857434 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 13857434 Country of ref document: EP Kind code of ref document: A1 |