Systems and methods for detecting illegitimate devices on wireless networks
First Claim
1. A computer-implemented method for detecting illegitimate devices on wireless networks, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
- recording, by a security system on the computing device and based on a connection of the computing device to a wireless network, an initial set of hops that;
represent devices on the wireless network that relay network traffic between the computing device and a destination;
are recorded from information about replies from the devices to messages sent by the computing device to each device in the initial set of hops; and
comprise a subset of the devices that are a predetermined number of hops counting outward from the computing device;
identifying, by the security system and after identifying the initial set of hops, a new set of hops that relay the network traffic between the computing device and the destination based on a subsequent connection of the computing device to the wireless network;
comparing the initial set of hops to the new set of hops;
determining, based on the comparison and based on identifying a change between the initial set of hops and the new set of hops, that the new set of hops comprises an abnormality that indicates an illegitimate device is intercepting the network traffic on the wireless network between the computing device and the destination; and
preventing, by the security system, a user from sending sensitive information over the wireless network.
6 Assignments
0 Petitions
Accused Products
Abstract
The disclosed computer-implemented method for detecting illegitimate devices on wireless networks may include (1) identifying an initial set of hops that represent devices on a wireless network that relay network traffic between the computing device and a destination, (2) identifying, after identifying the initial set of hops, a new set of hops that relay the network traffic between the computing device and the destination, (3) comparing the initial set of hops to the new set of hops, and (4) determining, based on the comparison, that the new set of hops comprises an abnormality that indicates an illegitimate device is intercepting the network traffic on the wireless network between the computing device and the destination. Various other methods, systems, and computer-readable media are also disclosed.
40 Citations
20 Claims
-
1. A computer-implemented method for detecting illegitimate devices on wireless networks, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
-
recording, by a security system on the computing device and based on a connection of the computing device to a wireless network, an initial set of hops that; represent devices on the wireless network that relay network traffic between the computing device and a destination; are recorded from information about replies from the devices to messages sent by the computing device to each device in the initial set of hops; and comprise a subset of the devices that are a predetermined number of hops counting outward from the computing device; identifying, by the security system and after identifying the initial set of hops, a new set of hops that relay the network traffic between the computing device and the destination based on a subsequent connection of the computing device to the wireless network; comparing the initial set of hops to the new set of hops; determining, based on the comparison and based on identifying a change between the initial set of hops and the new set of hops, that the new set of hops comprises an abnormality that indicates an illegitimate device is intercepting the network traffic on the wireless network between the computing device and the destination; and preventing, by the security system, a user from sending sensitive information over the wireless network. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A system for detecting illegitimate devices on wireless networks, the system comprising:
-
an identification module, stored in memory, that; records, by a security system on a computing device and based on a connection of the computing device to a wireless network, an initial set of hops that; represent devices on the wireless network that relay network traffic between a computing device and a destination; are recorded from information about replies from the devices to sequential messages sent by the computing device to each device in the initial set of hops; and comprise a subset of the devices that are a predetermined number of hops counting outward from the computing device; and identifies, by the security system and after identifying the initial set of hops, a new set of hops that relay the network traffic between the computing device and the destination based on a subsequent connection of the computing device to the wireless network; a comparison module, stored in memory, that compares the initial set of hops to the new set of hops; a determination module, stored in memory, that; determines, based on the comparison and based on identifying a change between the initial set of hops and the new set of hops, that the new set of hops comprises an abnormality that indicates an illegitimate device is intercepting the network traffic on the wireless network between the computing device and the destination; and prevents, by the security system, a user from sending sensitive information over the wireless network; and at least one physical processor configured to execute the identification module, the comparison module, and the determination module. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A non-transitory computer-readable medium comprising one or more computer-readable instructions that, when executed by at least one processor of a computing device, cause the computing device to:
-
record, by a security system on the computing device and based on a connection of the computing device to a wireless network, an initial set of hops that; represent devices on the wireless network that relay network traffic between the computing device and a destination; are recorded from information about replies from the devices to messages sent by the computing device to each device in the initial set of hops; and comprise a subset of the devices that are a predetermined number of hops counting outward from the computing device; identify, by the security system and after identifying the initial set of hops, a new set of hops that relay the network traffic between the computing device and the destination; compare the initial set of hops to the new set of hops; determine, based on the comparison and based on identifying a change between the initial set of hops and the new set of hops, that the new set of hops comprises an abnormality that indicates an illegitimate device is intercepting the network traffic on the wireless network between the computing device and the destination; and prevent, by the security system, a user from sending sensitive information over the wireless network.
-
Specification