System and method for detection of a rogue wireless access point in a wireless communication network

US 20040023640A1
Filed: 08/02/2002
Published: 02/05/2004
Est. Priority Date: 08/02/2002
Status: Active Grant

First Claim

Patent Images

1. A method for detecting an unauthorized access point accessing a communication network, comprising the steps of:

(a) detecting a beacon generated by a transmitting access point, the beacon including corresponding identification information of the transmitting access point;

(b) verifying the identification information of the transmitting access point with a preexisting database of the communication network, the preexisting database including corresponding identification information of a plurality of access points authorized to access the communication network; and

(c) initiating a tracking procedure to determine a location of the unauthorized access point where the verification of the transmitting access point identification information with the preexisting database fails.

View all claims

11 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Described are a system and method for detecting an unauthorized access point accessing a communication network. An authorized access point and/or an authorized mobile unit detects a beacon generated by a transmitting access point. The beacon includes identification information of the transmitting access point. A computing arrangement verifies the identification information of the transmitting access point with a preexisting database of the communication network. The preexisting database includes data corresponding to identification information of a plurality of authorized access points. The computing arrangement initiates a tracking procedure to determine a location of the unauthorized access point where the verification of the transmitting access point identification information with the preexisting database fails.

Citations

24 Claims

1. A method for detecting an unauthorized access point accessing a communication network, comprising the steps of:
- (a) detecting a beacon generated by a transmitting access point, the beacon including corresponding identification information of the transmitting access point;
  
  (b) verifying the identification information of the transmitting access point with a preexisting database of the communication network, the preexisting database including corresponding identification information of a plurality of access points authorized to access the communication network; and
  
  (c) initiating a tracking procedure to determine a location of the unauthorized access point where the verification of the transmitting access point identification information with the preexisting database fails.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method according to claim 1, wherein the step (a) is performed utilizing at least one of (a) at least one of the plurality of authorized access points and (b) a mobile unit which is authorized to access the communication network.
  - 3. The method according to claim 2, wherein the plurality of authorized access points, the unauthorized access point and the mobile unit communicate using 802.11 wireless protocol.
  - 4. The method according to claim 1, wherein the identification information includes at least one of a manufacturer serial number of the corresponding access point and a virtual private network identifier.
  - 5. The method according to claim 1, wherein the step (c) includes the substep of:
    - notifying a network administrator of the communication network of the detection of the unauthorized access point.
  - 6. The method according to claim 2, wherein the step (c) includes the substep of:
    - generating an activity record of the unauthorized access point.
  - 7. The method according to claim 6, wherein the record includes at least one of a manufacturer serial number, a virtual private network number, a time and date of the unauthorized access and a signal strength of the beacons.
  - 8. The method according to claim 7, wherein the step (a) is performed by the mobile unit and the step (c) includes a substep of:
    - determining the location of the unauthorized access point as the function of the activity record and a geographic location of the mobile unit.
  - 9. The method according to claim 8, wherein the mobile unit performs the step (a) in a geographical area which is outside of an area reachable by the plurality of authorized access points.
  - 10. The method according to claim 7, wherein the step (a) is performed by at least three authorized access points and the step (c) includes the substep of:
    - determining the location of the unauthorized access point as a function of the activity record and a geographic location of each of the at least three authorized access points.
  - 11. The method according to claim 10, wherein the step (a) is performed by the mobile unit in the location and the method further comprising the step of:
    - (d) determining a further location of the unauthorized access point as a function of the activity record, the location and a geographic location of the mobile unit.
  - 12. The method according to claim 1, further comprising the step of:
    - (d) terminating an access to the communication network of the unauthorized access point.
  - 13. The method according to claim 1, further comprising the step of:
    - (d) allowing an access to the communication network of the unauthorized access point.

14. A system for detecting an unauthorized access point accessing a communication network, the unauthorized access point generating a beacon including corresponding identification information, the system comprising:
- a plurality of access points which are authorized to access the communication network, at least one authorized access point receiving beacons generated by a transmitting access point, the beacons including corresponding identification information of the transmitting access point; and
  
  a computing arrangement performing a verification procedure by comparing the identification information of the transmitting access point to a preexisting database of the communication network, the preexisting database including identification information of the plurality of authorized access points, wherein if the verification procedure fails, the transmitting access point is the unauthorized access point and the computing arrangement initiates a tracking procedure to determine a location of the unauthorized access point.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
- - 15. The system according to claim 14, further comprising:
    - a mobile unit being authorized to access the communication network.
  - 16. The system according to claim 15, wherein the plurality of authorized access points, the unauthorized access point and the mobile unit communicate using 802.11 wireless protocol
  - 17. The system according to claim 14, wherein the identification information includes at least one of a manufacturer serial number of the corresponding access point and a virtual private network identifier.
  - 18. The system according to claim 14, wherein the computing arrangement notifying a network administrator of the communication network of the detection of the unauthorized access point.
  - 19. The system according to claim 15, wherein the computing arrangement generates an activity record of the unauthorized access point.
  - 20. The system according to claim 19, wherein the record includes at least one of a manufacturer serial number, a virtual private network number, a time and date of the unauthorized access and a signal strength of the beacon.
  - 21. The system according to claim 20, wherein the mobile unit receives the beacon and transmits the beacon to the at least one authorized access point, the computing arrangement determining the location of the unauthorized access point as the function of the activity record and a geographic location of the mobile unit.
  - 22. The system according to claim 21, wherein the mobile unit listens for the beacons in a geographical area which is outside of an area reachable by the plurality of authorized access points.
  - 23. The system according to claim 15, wherein at least three authorized access points listen for the beacon and the computing arrangement determines the location of the unauthorized access point as the function of the activity record and a geographic location of each of the at least three authorized access points.
  - 24. The system according to claim 23, wherein the mobile unit is situated in the location to listen for the beacon and the computing arrangement determines a further location of the unauthorized access point as a function of the activity record, the location and a geographic location of the mobile unit.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Extreme Networks, Inc.
Original Assignee
Symbol Technologies, Inc. (Zebra Technologies Corporation)
Inventors
Ballai, Philip N.

Granted Patent

US 7,068,999 B2
Time in Patent Office

Days
Field of Search
US Class Current

455/411
CPC Class Codes

H04L 63/10   for controlling access to d...

H04L 63/1441   Countermeasures against mal...

H04L 63/1466   Active attacks involving in...

H04W 12/122   Counter-measures against at...

H04W 24/04   Arrangements for maintainin...

H04W 4/02   Services making use of loca...

H04W 64/003   locating network equipment

H04W 88/08   Access point devices

System and method for detection of a rogue wireless access point in a wireless communication network

First Claim

11 Assignments

0 Petitions

Accused Products

Abstract

Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for detection of a rogue wireless access point in a wireless communication network

First Claim

11 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links