Method and apparatus for intrusion management in a wireless network using physical location determination

US 20030232598A1
Filed: 06/13/2002
Published: 12/18/2003
Est. Priority Date: 06/13/2002
Status: Abandoned Application

First Claim

Patent Images

1. A method for managing a wireless network, comprising:

receiving radio-frequency signals emitted from a first wireless device communicating with said wireless network and at least one other wireless device coupled to said wireless network;

computing an indication of physical location of said first wireless device with respect to said at least one other wireless device in conformity with characteristics of said received signals; and

evaluating a connection between said first wireless device to said wireless network to determine whether or not said connection is undesirable in conformity with said indication of physical location.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus for intrusion management in a wireless network uses distance measurement or location finding techniques to permit an administrator to manage security within a wireless network. A distance measurement or location-finding is performed between devices by transmitting and receiving one or more signals and computing an indication of physical location of a device attempting to connect or communicating within a wireless network. The resulting computed distance or location can be used to alert an administrator, provide a map of connected devices and/or automatically disconnect one or more suspect devices. Alternatively or in combination, changes in received signal amplitudes, time delays and/or other signal characteristics can be used to detect changes in the network due to intrusions.

179 Citations

46 Claims

1. A method for managing a wireless network, comprising:
- receiving radio-frequency signals emitted from a first wireless device communicating with said wireless network and at least one other wireless device coupled to said wireless network;
  
  computing an indication of physical location of said first wireless device with respect to said at least one other wireless device in conformity with characteristics of said received signals; and
  
  evaluating a connection between said first wireless device to said wireless network to determine whether or not said connection is undesirable in conformity with said indication of physical location.
- View Dependent Claims (2, 3, 4, 5, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 2. The method of claim 1, further comprising displaying said indication of physical location to an administrator, and wherein said evaluating is performed by said administrator in conformity with said displayed indication of physical location.
  - 3. The method of claim 2, further comprising:
    - receiving a user input from said administrator for disconnecting said first wireless device in response to said displaying; and
      
      in response to said user input, disconnecting said first wireless device from said wireless network.
  - 4. The method of claim 1, wherein said wireless device is connected to said wireless network, and wherein said method further comprises automatically disconnecting said first wireless device in response to said evaluating determining that said connection is undesirable.
  - 5. The method of claim 1, wherein said first wireless device is connected to said wireless network, and wherein said method further comprises communicating an alert to other wireless devices coupled to said wireless network.
  - 8. The method of claim 1, and wherein said method further comprises generating an alert to a network administrator in response to said evaluating determining that said connection is undesirable.
  - 9. The method of claim 1, wherein said method further comprises generating a graphical display of said wireless network configuration, whereby information associated with said first wireless device including results of said evaluating and said computing are displayed to an administrator.
  - 10. The method of claim 9, wherein said graphical display is a graphical map of a network facility, whereby physical location of said first wireless device is displayed on said graphical map.
  - 11. The method of claim 9, wherein physical location of said first wireless device is displayed in conformity with said indication of physical location, whereby said graphical map is updated to reflect a current position of said first wireless device.
  - 12. The method of claim 9, wherein said graphical display is a list of other wireless devices connected to said network and said wireless device, wherein a list item corresponding to said wireless device includes said indication of physical location and an indication that said connection is undesirable.
  - 13. The method of claim 9, further comprising a user input mechanism for disconnecting said wireless device from said wireless network associated with said associated wireless device and evaluating and computing results information.
  - 14. The method of claim 1, further comprising detecting a change in topology of said wireless network, and wherein said measuring, computing and evaluating are performed in response to said detecting.
  - 15. The method of claim 14, wherein said wireless device is a device connected to said wireless network and said detecting detects that said indication of physical location has changed.
  - 16. The method of claim 1, further comprising determining whether or not said wireless'"'"' device is within a security perimeter, and wherein said evaluating is performed selectively in response to whether or not said wireless device is within said security perimeter.
  - 17. The method of claim 1, further comprising transmitting a distance measuring signal from said at least one other wireless device to said first wireless device, wherein said receiving receives a response from said first wireless device to said distance measuring signal, and wherein said computing computes a distance between said first wireless device and said at least one other wireless device in conformity with a communications time delay between said transmitting and said receiving.
  - 18. The method of claim 17, wherein said first wireless device does not generate a response to said distance measuring signal, wherein said received response is a null response, and wherein said evaluating evaluates said connection as undesirable.
  - 19. The method of claim 1, wherein said at least one other wireless device comprises multiple wireless devices, wherein said receiving receives signals from said first wireless device at said multiple wireless devices, and wherein said computing computes a location of said first wireless device in conformity with communications time delay differences between receipt of said signals at said multiple wireless devices, whereby position of said first wireless device is triangulated from said time delay differences.
  - 20. The method of claim 19, wherein said at least one other wireless device comprises two wireless devices, wherein said receiving receives signals from said first wireless device at said two wireless devices, and wherein said computing computes a location curve intersecting a location of said first wireless device in conformity with communications time delay differences between receipt of said signals at said multiple wireless devices, whereby position of said first wireless device is determined as lying on said curve.
  - 21. The method of claim 1, wherein said at least one other wireless device comprises multiple wireless devices, wherein said receiving receives signals from said first wireless device at said multiple wireless devices, and wherein said computing computes a location of said first wireless device in conformity with differences in signal strengths of said received signals.

6. The method of claim 6, wherein said method further comprises in response to said other wireless devices receiving said alert, restricting communications within said wireless network.
- View Dependent Claims (7)
- - 7. The method of claim 6, wherein said method further comprises in response to said other wireless devices receiving said alert, generating a local warning on at least one of said other wireless devices.

22. A wireless network, comprising:
- a first wireless communications device coupled to said wireless network;
  
  at least one other wireless communications device coupled to said wireless network, and wherein said at least one other wireless communications device comprises a measurement sub-system for measuring characteristics of signals received at said at least one other wireless device;
  
  a processing sub-system for computing an indication of a physical location of said first wireless device in conformity with said measured characteristics; and
  
  a security sub-system for evaluating a connection between said first wireless device and said wireless network to determine that said connection is undesirable in conformity with said indication of physical location.
- View Dependent Claims (23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40)
- - 23. The wireless network of claim 22, further comprising a graphical display for displaying said indication of physical location to an administrator, and wherein said evaluating is performed by said administrator in conformity with said displayed indication of physical location.
  - 24. The wireless network of claim 23, further comprising a user input device for receiving a user input from said administrator for disconnecting said first wireless device in response to said displaying, and wherein said security subsystem disconnects said first wireless device from said wireless network in response to said user input.
  - 25. The wireless network of claim 22, wherein said security subsystem automatically disconnects said first wireless device in response to said evaluating determining that said connection is undesirable.
  - 26. The wireless network of claim 22, wherein said first wireless device is connected to said wireless network, and wherein said security subsystem generates an alert to other wireless devices coupled to said wireless network.
  - 27. The wireless network of claim 26, wherein said security subsystem further communicates an alert for restricting communications within said wireless network.
  - 28. The wireless network of claim 22, wherein said security subsystem generates an alert to a network administrator in response to determining that said connection is undesirable.
  - 29. The wireless network of claim 22, further comprising a graphical display for displaying a configuration of said first wireless network, whereby information associated with said first wireless device including results of said evaluating and said computing are displayed to an administrator.
  - 30. The wireless network of claim 29, wherein said graphical display displays a graphical map of a network facility, whereby physical location of said first wireless device is displayed on said graphical map.
  - 31. The wireless network of claim 30, wherein said physical location of said first wireless device is displayed in conformity with said indication of physical location, whereby said graphical map is updated with a current position of said first wireless device.
  - 32. The wireless network of claim 29, wherein said graphical display displays a list of other wireless devices connected to said network and said wireless device, wherein a list item corresponding to said first wireless device includes said indication of physical location and an indication that said connection is undesirable.
  - 33. The wireless network of claim 29, further comprising a user input device for receiving a user input for disconnecting said first wireless device from said wireless network, said user input associated with said information via a positional link between said graphical display and said user input device.
  - 34. The wireless network of claim 22, wherein said security subsystem further detects a change in topology of said wireless network, and wherein said security subsystem evaluates said connection in response to said detecting.
  - 35. The wireless network of claim 34, wherein said first wireless device is a device connected to said wireless network and said security subsystem detects that said indication of physical location has changed.
  - 36. The wireless network of claim 22, wherein said security subsystem determines whether or not said first wireless device is within a security perimeter, and selectively evaluates desirability of said connection in response to whether or not said first wireless device is within said security perimeter.
  - 37. The wireless network of claim 22, wherein said at least one other wireless device transmits a distance measuring signal and receives a response from said first wireless device to said distance measuring signal, and wherein said measuring subsystem measures a communications time delay from a transmitting said distance measuring signal to a receiving of said response, whereby said processing subsystem computes a distance between said first wireless device and said at least one other wireless device in conformity with said communications time delay.
  - 38. The wireless network of claim 22, wherein said at least one other wireless device comprises multiple wireless devices, and wherein said at least one other wireless device receives signals from said first wireless device, and wherein said measuring subsystem within each at of said multiple wireless devices measures a communications time of receipt of said signals, and wherein said wireless network further comprises a master processor for receiving said measured times of receipt from said multiple wireless devices and computes a location of said first wireless device in conformity with differences between said times of receipt.
  - 39. The wireless network of claim 38, wherein said at least one other wireless device comprises two wireless devices, wherein said processing subsystem computes a location curve intersecting a location of said first wireless device in conformity with communications time delay differences between receipt of said signals at said multiple wireless devices, whereby position of said first wireless device is determined as lying on said curve.
  - 40. The wireless network of claim 22, wherein said at least one other wireless device comprises multiple wireless devices, and wherein said at least one other wireless device receives signals from said first wireless device, and wherein said measuring subsystem within each at of said multiple wireless devices measures a signal strength of said received signals, and wherein said wireless network further comprises a master processor for receiving indications of said amplitude from said multiple wireless devices and computes a location of said first wireless device in conformity with relative strengths of said received signals.

41. A method for managing a wireless network, comprising:
- receiving radio-frequency signals emitted from a first wireless device connected to said wireless network and at least one other wireless device coupled to said wireless network;
  
  determining that a characteristic of said received signal deviates from an expected characteristic of said received signal; and
  
  evaluating a connection between said first wireless device to said wireless network to determine that said connection is undesirable in conformity with said determination.
- View Dependent Claims (42, 43)
- - 42. The method of claim 41, further comprising transmitting a distance measuring signal from said at least one other wireless device to said first wireless device, wherein said receiving receives a response from said first wireless device to said distance measuring signal, and wherein said determining determines that a communications time delay between said transmitting and said receiving deviates from an expected time delay.
  - 43. The method of claim 41, wherein said receiving receives signals from said first wireless device at said at least one other wireless device, and wherein said determining determines that a signal strength of said received signals deviates from an expected signal strength.

44. A wireless network, comprising:
- a first wireless communications device coupled to said wireless network;
  
  at least one other wireless communications device coupled to said wireless network, and wherein said at least one other wireless communications device comprises a measurement sub-system for measuring characteristics of signals received at said at least one other wireless device;
  
  a processing sub-system for determining that a characteristic of said received signal deviates from an expected characteristic of said received signal; and
  
  a security sub-system for evaluating a connection between said first wireless device and said wireless network to determine that said connection is undesirable in conformity with said determination by said processing subsystem.
- View Dependent Claims (45, 46)
- - 45. The wireless network of claim 44, wherein said at least one other wireless device transmits a distance measuring signal to said first wireless device, wherein said receiving receives a response from said first wireless device to said distance measuring signal, and wherein said processing subsystem determines that a communications time delay between said transmitting and said receiving deviates from an expected time delay.
  - 46. The wireless network of claim 44, wherein said at least one other wireless device receives signals from said first wireless device at said at least one other wireless device, and wherein said processing subsystem determines that a signal strength of said received signals deviates from an expected signal strength.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bluesoft, Ltd.
Original Assignee
Bluesoft, Ltd.
Inventors
Bar-Gil, Yuval, Aljadeff, Daniel, Sullivan, Michael James, Overy, Michael Robert

Application Number

US10/171,427
Publication Number

US 20030232598A1
Time in Patent Office

Days
Field of Search
US Class Current

455/41.2
CPC Class Codes

G01S 13/878   Combination of several spac...

G01S 5/06   Position of source determin...

H04L 63/0492   by using a location-limited...

H04L 63/1408   by monitoring network traff...

H04W 12/121   Wireless intrusion detectio...

H04W 12/122   Counter-measures against at...

H04W 24/04   Arrangements for maintainin...

H04W 64/003   locating network equipment

H04W 88/08   Access point devices

Method and apparatus for intrusion management in a wireless network using physical location determination

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

179 Citations

46 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for intrusion management in a wireless network using physical location determination

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

179 Citations

46 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links