Wireless local or metropolitan area network with intrusion detection features and related methods
First Claim
1. A wireless local or metropolitan area network comprising:
- a plurality of stations for transmitting data therebetween; and
a policing station for detecting intrusions into the wireless network by monitoring transmissions among said plurality of stations to detect transmissions during an unauthorized period; and
generating an intrusion alert based upon detecting transmissions during the unauthorized period.
7 Assignments
0 Petitions
Accused Products
Abstract
A wireless local or metropolitan area network may include a plurality of stations for transmitting data therebetween and a policing station. The policing station may detect intrusions into the wireless network by monitoring transmissions among the plurality of stations to detect transmissions during an unauthorized period and generate an intrusion alert based thereon. The policing station may also detect intrusions based upon one or more of integrity check values which do not correspond with respective data packets, usage of non-consecutive media access control (MAC) sequence numbers by a station, and collisions of packet types and/or MAC addresses.
-
Citations
84 Claims
-
1. A wireless local or metropolitan area network comprising:
-
a plurality of stations for transmitting data therebetween; and
a policing station for detecting intrusions into the wireless network by monitoring transmissions among said plurality of stations to detect transmissions during an unauthorized period; and
generating an intrusion alert based upon detecting transmissions during the unauthorized period. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. A wireless local or metropolitan area network comprising:
-
a plurality of stations for transmitting data in packets and generating respective integrity check values for transmission with each packet; and
a policing station for detecting intrusions into the wireless network by monitoring transmissions among said plurality of stations to detect integrity check values which do not correspond with their respective data packets; and
generating an intrusion alert based upon detecting an integrity check value which does not correspond with its respective data packet. - View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24)
-
-
25. A wireless local or metropolitan area network comprising:
-
a plurality of stations for transmitting data in packets via a medium access control (MAC) layer and also for transmitting a respective MAC sequence number with each data packet data; and
a policing station for detecting intrusions into the wireless network by monitoring transmissions among said plurality of stations to detect usage of non-consecutive MAC sequence numbers by a station; and
generating an intrusion alert based upon detecting usage of non-consecutive MAC sequence numbers by a station. - View Dependent Claims (26, 27, 28, 29, 30, 31, 32, 33)
-
-
34. A wireless local or metropolitan area network comprising:
-
a plurality of stations for transmitting data in packets each having a packet type associated therewith; and
a policing station for detecting intrusions into the wireless network by monitoring transmissions among said plurality of stations to detect collisions of packets having a predetermined packet type; and
generating an intrusion alert based upon detecting a threshold number of collisions of packets having the predetermined packet type. - View Dependent Claims (35, 36, 37, 38, 39, 40, 41)
-
-
42. A wireless local or metropolitan area network comprising:
-
a plurality of stations for transmitting data via a medium access control (MAC) layer, each station having a MAC address associated therewith to be transmitted with data sent therefrom; and
a policing station for detecting intrusions into the wireless network by monitoring transmissions among said plurality of stations to detect collisions of a same MAC address; and
generating an intrusion alert based upon detecting a threshold number of collisions of a same MAC address. - View Dependent Claims (43, 44, 45)
-
-
46. An intrusion detection method for a wireless local or metropolitan area network comprising a plurality of stations, the method comprising:
-
transmitting data between the plurality of stations;
monitoring transmissions among the plurality of stations to detect transmissions during an unauthorized period; and
generating an intrusion alert based upon detecting transmissions during the unauthorized period. - View Dependent Claims (47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57)
-
-
58. An intrusion detection method for a wireless local or metropolitan area network comprising a plurality of stations, the method comprising:
-
transmitting data between the plurality of stations in packets and generating respective integrity check values for transmission with each packet;
monitoring transmissions among the plurality of stations to detect integrity check values which do not correspond with their respective data packets; and
generating an intrusion alert based upon detecting an integrity check value which does not correspond with its respective data packet. - View Dependent Claims (59, 60, 61, 62, 63, 64, 65, 66)
-
-
67. An intrusion detection method for a wireless local or metropolitan area network comprising a plurality of stations, the method comprising:
-
transmitting data in packets via a medium access control (MAC) layer and transmitting a respective MAC sequence number with each data packet data;
monitoring transmissions among the plurality of stations to detect usage of non-consecutive MAC sequence numbers by a station; and
generating an intrusion alert based upon detecting usage of non-consecutive MAC sequence numbers by a station. - View Dependent Claims (68, 69, 70, 71, 72, 73, 74)
-
-
75. An intrusion detection method for a wireless local or metropolitan area network comprising a plurality of stations, the method comprising:
-
transmitting data in packets between the plurality of stations, each packet having a packet type associated therewith;
monitoring transmissions among the plurality of stations to detect collisions of packets having a predetermined packet type; and
generating an intrusion alert based upon detecting a threshold number of collisions of packets having the predetermined packet type. - View Dependent Claims (76, 77, 78, 79, 80, 81)
-
-
82. An intrusion detection method for a wireless local or metropolitan area network comprising a plurality of stations, the method comprising:
-
transmitting data via a medium access control (MAC) layer between the plurality of stations, each station having a MAC address associated therewith to be transmitted with data sent therefrom;
monitoring transmissions among the plurality of stations to detect collisions of a same MAC address; and
generating an intrusion alert based upon detecting a threshold number of collisions of a same MAC address. - View Dependent Claims (83, 84)
-
Specification