WO2014081205A1 - Système de détection d'ap illégaux et procédé de détection associé - Google Patents

Système de détection d'ap illégaux et procédé de détection associé Download PDF

Info

Publication number
WO2014081205A1
WO2014081205A1 PCT/KR2013/010597 KR2013010597W WO2014081205A1 WO 2014081205 A1 WO2014081205 A1 WO 2014081205A1 KR 2013010597 W KR2013010597 W KR 2013010597W WO 2014081205 A1 WO2014081205 A1 WO 2014081205A1
Authority
WO
WIPO (PCT)
Prior art keywords
data packet
packet
illegal
sensor
specific length
Prior art date
Application number
PCT/KR2013/010597
Other languages
English (en)
Korean (ko)
Inventor
이상준
함성윤
Original Assignee
유넷시스템주식회사
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 유넷시스템주식회사 filed Critical 유넷시스템주식회사
Publication of WO2014081205A1 publication Critical patent/WO2014081205A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • H04W12/121Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]
    • H04W12/122Counter-measures against attacks; Protection against rogue devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/02Details
    • H04L12/22Arrangements for preventing the taking of data from a data transmission channel without authorisation

Definitions

  • the present invention relates to an illegal AP detection system and a detection method thereof. More specifically, the present invention relates to an illegal AP detection system and a detection method thereof, which can detect whether an unauthorized illegal AP is connected to its own network even when the wireless environment is a security mode and a router mode.
  • Rapidly expanding wireless networks support the exchange of data by wirelessly connecting user terminals to the network in accordance with the IEEE802.11 standard.
  • Wireless network environment is convenient because it enables users to move easily and exchange data through network connection, while access user terminal is physically separated from the network equipment and transmission data is exposed in the air. / The possibility of leakage can be said to be greater compared to wired networks, especially wired LANs.
  • the most fundamental and fundamental vulnerabilities of the wireless environment are first, the unauthorized person or unauthorized terminal that makes FW, IDS, etc., which is a security device in the wired gateway section obsolete, by easily accessing the wireless AP inside the building from outside the building. It is possible to bypass the network.
  • an external wireless LAN AP using a laptop equipped with a wireless LAN, etc. to which an employee is not authorized, such as a network connected to an internal wired network, an information leakage accident may occur through this.
  • the wireless section data can be easily eavesdropped through air sniffing, so that confidential and personal information of the company can be leaked.
  • the largest area of security vulnerabilities such as wireless APs or routers in Korea, is caused by wireless devices such as wireless LANs that have been left unauthenticated and password-free.
  • security infrastructures such as authentication and encryption are being applied.
  • the conventional techniques for detecting unauthorized AP has a problem that it is not possible to confirm whether the collected unauthorized AP is connected to the internal network by collecting only the information about the unauthorized AP without performing data traffic (data traffic) processing . That is, even if an unauthorized AP is detected, there is a problem that such unauthorized AP cannot check whether it is an AP connected to its network and cannot block it without permission.
  • the present invention was created to solve the above problems, and an object of the present invention is to identify an unauthorized illegal AP connected to its own network regardless of whether the wireless environment is a bridge mode, a router mode, an open mode, and a secure mode.
  • the present invention provides a detection system and a detection method capable of detecting the same.
  • An object of the present invention as described above is a sensor for detecting a data packet that is wirelessly transmitted to a user terminal through at least one AP; And a wireless intrusion prevention system (WIPS) server that receives the detected data packet from a sensor and determines whether the AP is an unauthorized and illegal AP connected to an internal network, wherein the WIPS server includes a specific length of a specific length to be transmitted to a user terminal through the AP.
  • WIPS wireless intrusion prevention system
  • a packet generator for generating a data packet and transmitting the predetermined number of times for a predetermined time;
  • a packet analyzer configured to analyze whether the data packet having a specific length is detected by the sensor for a predetermined time and determine whether the AP is an AP connected to the internal network;
  • a database unit storing MAC address information of the AP.
  • the packet generation unit may generate data packets having different lengths corresponding to the number of APs and transmit the same to the user terminal through each AP.
  • the packet analyzer may determine that the AP is an AP connected to an internal network when the AP determines that the data packet having a specific length is transmitted to the user terminal more than a predetermined number of times for a predetermined time. .
  • the WIPS server may determine that the AP is an unauthorized illegal AP when the packet analyzer determines that the MAC address of the AP determined to be connected to the internal network is not included in the MAC address information of the authorized AP. You can do
  • the sensor may further include a communication unit for transmitting the detected data packet to the WIPS server.
  • an object of the present invention is another category, the sensor step A for detecting a data packet that is wirelessly transmitted to the user terminal through at least one AP; Transmitting, by the sensor, the detected data packet to a wireless intrusion prevention system (WIPS) server; A step C of generating a data packet having a specific length by the packet generation unit provided in the WIPS server and transmitting the data packet to the user terminal through the AP a specific number of times for a predetermined time; A step D for checking whether a packet analyzer provided in the WIPS server has a data packet having a specific length among the data packets transmitted from the sensor; An E step of checking, by the packet analyzer, the number of times a data packet having a specific length among the data packets transmitted from the sensor is detected for a predetermined time; A step F of determining, by the packet analyzer, whether the AP is an AP connected to the internal network based on the presence and the number of detections of the data packet having a specific length; And a G step of determining, by the
  • the packet generation unit may generate data packets having different lengths corresponding to the number of APs and transmit the number of data packets to the user terminal through each AP.
  • the packet analyzer may determine that the AP is an AP connected to the internal network when a data packet having a specific length is detected more than a predetermined number of times for a predetermined time.
  • step G the packet analyzer determines that the MAC address of the AP determined to be connected to the internal network is not included in the MAC address information of the authorized AP stored in the database unit provided in the WIPS server.
  • the AP may be determined to be an unauthorized and illegal AP.
  • the present invention has the effect of identifying and detecting whether an unauthorized illegal AP is connected to its network.
  • FIG. 1 is a block diagram showing the configuration of an unauthorized illegal AP detection system according to an embodiment of the present invention
  • FIG. 2 is a block diagram showing the configuration of a WIPS server according to an embodiment of the present invention.
  • FIG. 3 is a flowchart sequentially illustrating a method for detecting an unauthorized illegal AP according to an embodiment of the present invention.
  • FIG. 1 is a block diagram of a system for detecting an illegal AP of a network communication network according to an embodiment of the present invention
  • FIG. 2 is a block diagram showing a configuration of a WIPS server according to an embodiment of the present invention.
  • the present inventors have an illegal AP detection system (hereinafter, referred to as a 'detection system') of a wireless intrusion prevention system (WIPS) server 100, a sensor 200, a communication unit 300, and an AP 400. ) And a user terminal 500.
  • the WIPS server 100 includes a packet generation unit 110, a packet analysis unit 120, and a packet storage unit 130 therein.
  • the unauthorized illegal AP in the present invention refers to an AP (Acess Point) that is unauthorized by an administrator
  • the authorized AP refers to an AP authorized by the administrator
  • the user terminal 500 refers to various devices capable of transmitting and receiving data through the AP 400 connected to the WIPS server 100 such as a laptop or a smartphone equipped with a wireless LAN.
  • the sensor 200 detects a data packet wirelessly transmitted to the user terminal 500 through the AP 400.
  • the sensor 200 and the AP 400 are connected to the WIPS server 100 by wire.
  • the AP 400 may be configured as one or a plurality.
  • a data packet refers to a unit of information transmitted from one device to another device through a communication network in a block.
  • the data packet may include various element fields such as a service set identification address (SSID), a support rate, a timestamp, an indication interval, capacity information, channels, and the like.
  • SSID service set identification address
  • the data packet detected by the sensor 200 is transmitted to the WIPS server 100.
  • the sensor 200 may be provided with a communication unit 300, and the data packet detected through the communication unit 300 may be transmitted to the WIPS server 100.
  • the WIPS server 100 determines whether the AP 400 is an unauthorized illegal AP connected to the internal network based on the data packet transmitted from the sensor 200. Specifically, it is determined whether the AP 400 is an AP connected to the internal network through the packet generator 110 and the packet analyzer 120 provided in the WIPS server 100, and then the WIPS server 100 It is determined whether the AP 400 connected to the internal network is an authorized AP 400a or 400c or an unauthorized illegal AP 400b or 400d.
  • the packet generator 110 and the packet analyzer 120 provided in the WIPS server 100 will be described in detail below. Meanwhile, the data packet transmitted from the sensor 200 may be stored in the packet storage unit 130 provided in the WIPS server 100.
  • the packet generator 110 generates a data packet of a specific length to be transmitted to the user terminal 500 through the AP 400 and transmits the data packet a specific number of times for a predetermined time.
  • the packet generator 110 may periodically generate a data packet having a specific length and transmit the data packet to the user terminal 500.
  • the packet generator 100 a probe capable of searching for and verifying a computer and a running service on a network in a security field may be used.
  • the data packet of a specific length generated by the packet generator 110 may be generated by various known packet conversion methods.
  • a predetermined time may be set by an administrator, and preferably set in seconds.
  • the number of times of transmitting the data packet can also be adjusted by the administrator. For example, an administrator may set whether to transmit a data packet of a specific length 10 times in 1 second or 100 times in 1 second.
  • the packet generator 110 when there are a plurality of APs 400, the packet generator 110 generates data packets having different lengths corresponding to the number of APs 400 so as to generate a user terminal 500 through each AP 400. Can be sent to. That is, when several APs 400 are connected to the internal network, the APs 400 may simultaneously detect multiple APs 400 connected to the internal network by transmitting data packets having different lengths. . For example, if there are four APs 400, four types of data packets having different lengths may be generated and transmitted separately for each AP.
  • the packet analyzer 120 determines whether the AP 400 is connected to the internal network by analyzing the number of times a data packet having a specific length is detected by the sensor 200. That is, when the packet analyzer 120 determines that the AP 400 transmits a data packet having a specific length to the user terminal 500 more than a preset number of times, the AP 400 transmits the AP 400 to the internal network. It is determined by the AP 400 connected. In this case, the preset number of times may be set in consideration of the number of times the packet generator 110 generates and transmits a data packet having a specific length.
  • the WIPS server 100 determines that the MAC address of the AP 400 determined to be connected to the internal network by the packet analyzer 120 is not included in the MAC address information of the authorized AP, the AP 400b, 400d) is determined to be an unauthorized illegal AP. That is, the WIPS server 100 is provided therein, and searches for a database unit (not shown) that stores MAC address information of the authorized APs 400a and 400b and determines that the AP 400 determined to be connected to the internal network is unauthorized. It is determined whether or not the illegal AP (400b, 400d) or the authorized AP (400a, 400c).
  • FIG. 3 is a flowchart sequentially illustrating a method for detecting an unauthorized illegal AP according to an embodiment of the present invention.
  • a method of detecting an unauthorized AP hereinafter, referred to as a 'detection method'
  • a 'detection method' a method of detecting an unauthorized AP
  • the sensor 200 refers to a step of detecting a data packet wirelessly transmitted to the user terminal 500 through the at least one AP 400 (S610).
  • the sensor 200 transmits the detected data packet to the WIPS server 100.
  • the data packet detected by the sensor 200 may be transmitted to the WIPS server 100 through the communication unit 300.
  • the data packet transmitted to the WIPS server 100 may be stored in the packet storage unit 300 provided in the WIPS server 100 (S625).
  • the packet generation unit 110 included in the WIPS server 100 generates a data packet having a specific length and transmits the data packet to the user terminal 500 through the AP 400 a predetermined number of times for a predetermined time (S630). .
  • the packet generation unit 110 when there are a plurality of APs 400, the packet generation unit 110 generates data packets having different lengths corresponding to the number of APs 400 and through each AP 400a, 400b, 400c, 400d.
  • a data packet having a length of 64 bits (Bit) is generated for the first unlicensed AP 400b among the AP 400 and transmitted 10 times for 1 second, and 640 for the second unlicensed AP 400d.
  • a predetermined number of times of a 64-bit long data packet and a number of 640-bit long data packets detected by the sensor for one second are set in advance. If it is confirmed that the number of times or more, it can be determined simultaneously that the first unlicensed AP (400b) and the second unlicensed AP (400d) is connected to the internal network.
  • the packet analyzer 120 of the WIPS server 100 refers to a step of checking whether a data packet having a specific length is present among the data packets transmitted from the sensor 200 (S640).
  • the packet analyzer 120 of the WIPS server 100 refers to a step of checking the number of times a data packet having a specific length among the data packets transmitted from the sensor 200 is detected for a predetermined time (S650).
  • the predetermined time may be set differently from the predetermined time set in the data packet transmission step (S630) of the specific length, but is preferably set to the same time.
  • the packet analysis unit 120 included in the WIPS server 100 refers to a step of determining whether the AP 400 is connected to the internal network based on the presence and detection frequency of a data packet having a specific length (S660). ).
  • the packet analyzer 120 determines that the AP 400 is an AP connected to the internal network when a data packet having a specific length is detected more than a preset number of times for a predetermined time.
  • the set number of times refers to the number of times preset by the administrator in consideration of the number of times that the packet generation unit 110 generates and transmits a data packet having a specific length.
  • the packet generator 110 transmits ten data packets of a specific length for one second, eight data packets of a specific length transmitted to the user terminal 500 through the AP 500 are detected.
  • the AP 500 may be configured to determine that the AP 500 is connected to the internal network.
  • the WIPS server 100 refers to a step of determining whether the AP 400 is an unauthorized illegal AP by searching a database unit that stores MAC address information of the authorized AP (S670).
  • the packet analysis unit 120 is MAC address information of the authorized AP is stored in the database unit (not shown) provided in the WIPS server 100 MAC address of the AP 400 is determined to be connected to the internal network If not determined to be included in, the AP (400b, 400d) is determined to be an unauthorized illegal AP.
  • the prior art can detect the unauthorized AP (400b, 400d), it is not confirmed whether the detected unauthorized AP (400b, 400d) is an AP connected to its network communication network, AP (400)
  • AP 400
  • the data packet transmitted and received between the terminal 500 and the terminal 500 is encrypted
  • the data packet generated by the packet generator 110 and transmitted is detected through the number of times that the data packet of a specific length is detected. Since the AP 400 can determine whether the AP 400 is connected, there is an advantage of detecting an unauthorized illegal AP in all wireless environments in both open and secure modes.
  • Bridge mode refers to a method in which two medium access control (MAC) devices having the same logical connection control protocol (LLC protocol) but having the same or different interconnection information networks (LANs) can exchange data.
  • the bridge includes a local bridge (LB) that connects LANs in the same premises or local area, and a remote bridge that connects LANs in remote areas. Data is exchanged by sending frames by MAC addresses (MACA) between bridges.
  • MACA MAC addresses
  • a router is a device that extracts the location of a packet and specifies the best path for that location, and redirects the data packet to the next device along the path.
  • Routers connect two or more logical subnets, which do not match the physical interface of the router.
  • the MAC address is changed in the router mode. That is, the conventional technology has a limitation in detecting unauthorized APs 400b and 400d in the case of the router mode in which the MAC address is continuously changed.
  • the AP 400 connected to the WIPS server 100 is changed. Through detecting the unauthorized AP by using the number of times the data packet of a specific length transmitted to the user terminals 500 through the advantage that can be used in router mode.

Abstract

La présente invention a pour avantages de confirmer et de détecter si un AP illégal non autorisé est connecté au réseau de communication d'un utilisateur, même dans un environnement radioélectrique d'un mode sécurisé et d'un mode de routeur. À cette fin, l'invention concerne un système de détection d'AP illégaux comportant: un capteur servant à détecter un paquet de données transmis par voie radioélectrique à un terminal d'utilisateur via au moins un AP; et un serveur de système de prévention d'intrusion radioélectrique (WIPS) destiné à déterminer si l'AP est un AP illégal non autorisé connecté à un réseau interne en recevant le paquet de données détecté en provenance du capteur, le serveur WIPS comportant: une unité de génération de paquets qui génère un paquet de données d'une longueur spécifique destiné à être envoyé au terminal d'utilisateur via l'AP de façon à envoyer le paquet de données un nombre spécifique de fois pendant un temps prédéterminé; une unité d'analyse de paquets servant à déterminer si l'AP est un AP connecté au réseau interne en analysant le nombre de fois où le paquet de données de longueur spécifique a été détecté par le capteur pendant un temps prédéterminé; et une unité de base de données servant à conserver des informations d'adresse MAC de l'AP.
PCT/KR2013/010597 2012-11-23 2013-11-21 Système de détection d'ap illégaux et procédé de détection associé WO2014081205A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR10-2012-0133371 2012-11-23
KR1020120133371A KR101429177B1 (ko) 2012-11-23 2012-11-23 불법 ap 검출 시스템 및 그의 검출 방법

Publications (1)

Publication Number Publication Date
WO2014081205A1 true WO2014081205A1 (fr) 2014-05-30

Family

ID=50776316

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2013/010597 WO2014081205A1 (fr) 2012-11-23 2013-11-21 Système de détection d'ap illégaux et procédé de détection associé

Country Status (2)

Country Link
KR (1) KR101429177B1 (fr)
WO (1) WO2014081205A1 (fr)

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106686580A (zh) * 2015-11-06 2017-05-17 北京金山安全软件有限公司 一种无线热点名称展示方法及装置
US10039174B2 (en) 2014-08-11 2018-07-31 RAB Lighting Inc. Systems and methods for acknowledging broadcast messages in a wireless lighting control network
US10085328B2 (en) 2014-08-11 2018-09-25 RAB Lighting Inc. Wireless lighting control systems and methods
US10531545B2 (en) 2014-08-11 2020-01-07 RAB Lighting Inc. Commissioning a configurable user control device for a lighting control system
CN111479271A (zh) * 2020-04-03 2020-07-31 北京锐云通信息技术有限公司 基于资产属性标记分组的无线安全检测与防护方法及系统
CN111479273A (zh) * 2020-05-25 2020-07-31 北京字节跳动网络技术有限公司 一种网络接入安全性的检测方法、装置、设备及存储介质
CN112105029A (zh) * 2020-08-07 2020-12-18 新华三技术有限公司 一种反制非法设备的方法及设备
CN113207125A (zh) * 2021-04-25 2021-08-03 深圳市科信网安科技有限公司 一种非法无线ap检测装置
CN113438653A (zh) * 2021-06-01 2021-09-24 紫光华山科技有限公司 一种设备分类方法及装置
CN115085979A (zh) * 2022-05-30 2022-09-20 浙江大学 一种基于流量分析的网络摄像头非法安装及占用检测方法

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101626567B1 (ko) * 2014-09-24 2016-06-01 주식회사 코닉글로리 무선 보안 장치 및 방법
CN107431971A (zh) * 2015-03-27 2017-12-01 泛网安全株式会社 无线入侵防御系统传感器及利用该传感器断开终端的方法
KR102285257B1 (ko) * 2017-08-14 2021-08-02 주식회사 케이티 와이파이 액세스 포인트를 이용한 무선 침입감지 시스템 검출 장치 및 방법
KR102220877B1 (ko) * 2019-07-05 2021-02-26 빅오 주식회사 무선 침입 방지 시스템의 성능 검사 장치 및 기록매체
KR102067046B1 (ko) * 2019-10-15 2020-01-17 주식회사 윅스콘 머신러닝 기반 네트워크 영상 데이터 송출패턴 분석을 이용한 변형 카메라 인지 시스템과 그 방법
KR102374657B1 (ko) * 2019-11-29 2022-03-14 주식회사 케이티 무선 침입방지 시스템 검출 장치 및 이를 이용한 무선 침입방지 시스템 신호 회피 방법
KR102168780B1 (ko) * 2019-12-31 2020-10-22 충남대학교 산학협력단 기계학습을 이용한 ap 식별 방법 및 시스템
KR102215390B1 (ko) * 2020-06-23 2021-02-16 공경남 무선 공유기를 이용한 몰래 카메라 탐지 방법 및 그 시스템
KR102366574B1 (ko) * 2021-11-29 2022-02-23 주식회사 심플솔루션 무선 침입 방지 방법

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060189298A1 (en) * 2003-03-06 2006-08-24 Maurizio Marcelli Method and software program product for mutual authentication in a communications network
JP2011097437A (ja) * 2009-10-30 2011-05-12 Toshiba Corp 通信システム、当該システムの携帯端末、および当該システムのセンタ
KR20110106125A (ko) * 2010-03-22 2011-09-28 아주대학교산학협력단 무선 통신망을 운용하는 시스템 및 그 방법
KR20110114615A (ko) * 2009-01-05 2011-10-19 퀄컴 인코포레이티드 위조된 무선 액세스 포인트들의 검출

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060189298A1 (en) * 2003-03-06 2006-08-24 Maurizio Marcelli Method and software program product for mutual authentication in a communications network
KR20110114615A (ko) * 2009-01-05 2011-10-19 퀄컴 인코포레이티드 위조된 무선 액세스 포인트들의 검출
JP2011097437A (ja) * 2009-10-30 2011-05-12 Toshiba Corp 通信システム、当該システムの携帯端末、および当該システムのセンタ
KR20110106125A (ko) * 2010-03-22 2011-09-28 아주대학교산학협력단 무선 통신망을 운용하는 시스템 및 그 방법

Cited By (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11398924B2 (en) 2014-08-11 2022-07-26 RAB Lighting Inc. Wireless lighting controller for a lighting control system
US10039174B2 (en) 2014-08-11 2018-07-31 RAB Lighting Inc. Systems and methods for acknowledging broadcast messages in a wireless lighting control network
US10085328B2 (en) 2014-08-11 2018-09-25 RAB Lighting Inc. Wireless lighting control systems and methods
US10219356B2 (en) 2014-08-11 2019-02-26 RAB Lighting Inc. Automated commissioning for lighting control systems
US10531545B2 (en) 2014-08-11 2020-01-07 RAB Lighting Inc. Commissioning a configurable user control device for a lighting control system
US10855488B2 (en) 2014-08-11 2020-12-01 RAB Lighting Inc. Scheduled automation associations for a lighting control system
US11722332B2 (en) 2014-08-11 2023-08-08 RAB Lighting Inc. Wireless lighting controller with abnormal event detection
CN106686580A (zh) * 2015-11-06 2017-05-17 北京金山安全软件有限公司 一种无线热点名称展示方法及装置
CN111479271A (zh) * 2020-04-03 2020-07-31 北京锐云通信息技术有限公司 基于资产属性标记分组的无线安全检测与防护方法及系统
CN111479271B (zh) * 2020-04-03 2023-07-25 北京锐云通信息技术有限公司 基于资产属性标记分组的无线安全检测与防护方法及系统
CN111479273A (zh) * 2020-05-25 2020-07-31 北京字节跳动网络技术有限公司 一种网络接入安全性的检测方法、装置、设备及存储介质
CN111479273B (zh) * 2020-05-25 2023-04-07 北京字节跳动网络技术有限公司 一种网络接入安全性的检测方法、装置、设备及存储介质
CN112105029A (zh) * 2020-08-07 2020-12-18 新华三技术有限公司 一种反制非法设备的方法及设备
CN112105029B (zh) * 2020-08-07 2022-07-12 新华三技术有限公司 一种反制非法设备的方法及设备
CN113207125B (zh) * 2021-04-25 2021-12-14 深圳市科信网安科技有限公司 一种非法无线ap检测装置
CN113207125A (zh) * 2021-04-25 2021-08-03 深圳市科信网安科技有限公司 一种非法无线ap检测装置
CN113438653A (zh) * 2021-06-01 2021-09-24 紫光华山科技有限公司 一种设备分类方法及装置
CN115085979A (zh) * 2022-05-30 2022-09-20 浙江大学 一种基于流量分析的网络摄像头非法安装及占用检测方法

Also Published As

Publication number Publication date
KR101429177B1 (ko) 2014-08-12
KR20140066312A (ko) 2014-06-02

Similar Documents

Publication Publication Date Title
WO2014081205A1 (fr) Système de détection d'ap illégaux et procédé de détection associé
US7970894B1 (en) Method and system for monitoring of wireless devices in local area computer networks
WO2012153913A1 (fr) Procédé de défense contre une attaque par usurpation d'identité à l'aide d'un serveur de blocage
WO2012108687A2 (fr) Procédé de détection d'attaques par usurpation arp à l'aide d'un verrouillage arp et support d'enregistrement lisible par ordinateur stockant un programme servant à exécuter le procédé
WO2015129934A1 (fr) Procédé et dispositif de détection de canal de contrôle de commande
WO2019146956A1 (fr) Appareil et procédé d'acquisition d'informations de dispositif
WO2014038737A1 (fr) Système de gestion de trafic de réseau utilisant une politique de surveillance et une politique de filtrage, et procédé correspondant
WO2021261883A1 (fr) Procédé de détection d'une caméra cachée à l'aide d'un routeur sans fil et système associé
WO2015102446A1 (fr) Procédé de détection de connexion de dérivation par l'intermédiaire d'un réseau anonyme à l'aide des changements dans les temps de propagation aller-retour
WO2013024986A2 (fr) Système de détermination de position d'identifiant de réseau et procédé associé
KR100980147B1 (ko) 무선 근거리 통신망에서 스테이션의 상태를 결정하기 위한 방법 및 장치
WO2017026840A1 (fr) Dispositif de connexion internet, serveur de gestion central, et procédé de connexion internet
WO2022255619A1 (fr) Système de prévention d'intrusion sans fil et son procédé de fonctionnement
WO2019231215A1 (fr) Dispositif terminal et procédé d'identification d'un ap malveillant à l'aide dudit terminal
WO2016159396A1 (fr) Capteur de système de prévention d'intrusion sans fil (wips) et procédé pour bloquer un terminal l'utilisant
KR20120132086A (ko) 비인가 ap 탐지 시스템 및 그의 탐지 방법
WO2016035954A1 (fr) Terminal dédié pour mesurer une qualité de ligne internet et son procédé de fonctionnement
WO2012057533A2 (fr) Système et procédé d'allocation dynamique de canal permettant d'éviter un brouillage de fréquence
WO2024029658A1 (fr) Système de contrôle d'accès dans un réseau et procédé associé
WO2019182219A1 (fr) Système de réseau de confiance basé sur une chaîne de blocs
WO2023017952A1 (fr) Dispositif de détection, système de prévention d'intrusion sans fil comprenant un dispositif de détection, et son procédé de fonctionnement
WO2018056582A1 (fr) Procédé d'inspection de paquet à l'aide d'une communication ssl
WO2018088680A1 (fr) Système de sécurité et procédé de traitement de demande d'accès à un site bloqué
WO2016047843A1 (fr) Appareil et procédé de sécurité sans fil
KR101335293B1 (ko) 내부 네트워크 침입 차단 시스템 및 그 방법

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 13857434

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 13857434

Country of ref document: EP

Kind code of ref document: A1