Anti-spoofing system and method

US 20040213172A1
Filed: 04/24/2003
Published: 10/28/2004
Est. Priority Date: 04/24/2003
Status: Abandoned Application

First Claim

Patent Images

1. A method for preventing network address spoofing in respect of a plurality of mobile units within a wireless network, said wireless network including an access controller and first and second radio units, said method comprising:

(a) associating a first mobile unit to the first radio unit, determining the network address of said first mobile unit and maintaining a connectivity record that contains said network address and that indicates an association with said first radio unit;

(b) receiving an associate request from a second mobile unit to associate with the second radio unit and determining the network address of said second mobile unit;

(c) determining if the network address of the second mobile unit is the same as the network address of the first mobile unit;

(d) if the determination in (c) is true then retrieving the connectivity record associated with the network address of said first and mobile units and determining whether said connectivity record indicates an association with the first radio unit; and

(e) if the determination in (d) is true then executing an anti-spoofing protocol.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for preventing network address spoofing within a wireless local area network (LAN) that includes an access controller and first and second radio units. The method first associates a first mobile unit to the first radio unit, determines the network address of the first mobile unit and maintains a connectivity record that contains the network address and identifies that the first radio unit has been associated with. If a second mobile unit requests association with the second radio unit then the network address of the second mobile unit is determined. If the network address of the second mobile unit is the same as the network address of the first mobile unit then the connectivity record associated with the network address of said first and second mobile units is checked. If the connectivity record indicates an association with the first radio unit then an anti-spoofing protocol is executed.

108 Citations

View as Search Results

20 Claims

1. A method for preventing network address spoofing in respect of a plurality of mobile units within a wireless network, said wireless network including an access controller and first and second radio units, said method comprising:
- (a) associating a first mobile unit to the first radio unit, determining the network address of said first mobile unit and maintaining a connectivity record that contains said network address and that indicates an association with said first radio unit;
  
  (b) receiving an associate request from a second mobile unit to associate with the second radio unit and determining the network address of said second mobile unit;
  
  (c) determining if the network address of the second mobile unit is the same as the network address of the first mobile unit;
  
  (d) if the determination in (c) is true then retrieving the connectivity record associated with the network address of said first and mobile units and determining whether said connectivity record indicates an association with the first radio unit; and
  
  (e) if the determination in (d) is true then executing an anti-spoofing protocol.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein the anti-spoofing protocol includes the step of generating a spoofing log indicating that a spoofing incident has occurred.
  - 3. The method of claim 1, wherein the anti-spoofing protocol includes the step of sending a SNMP trap of the event to a network management station indicating that a spoofing incident has occurred.
  - 4. The method of claim 1, wherein the anti-spoofing protocol includes the step of un-authenticating said first and second mobile units such that said first mobile unit is disconnected from the wireless network and such that said second mobile unit is prevented from connecting to the wireless network.
  - 5. The method of claim 1, wherein the anti-spoofing protocol includes the step of preventing said second mobile unit from connecting to the network.
  - 6. The method of claim 1, wherein the anti-spoofing protocol includes the steps of un-authenticating said first mobile unit such that said first mobile unit is disconnected from said wireless network and preventing any mobile unit with the network address of said first and second mobile units from connecting to the wireless network.
  - 7. The method of claim 1, wherein the network address is the MAC address.
  - 8. The method of claim 1, herein the network address is the IP address.
  - 9. The method of claim 1, wherein the connectivity record for said first mobile unit is periodically updated to reflect the association status of said first mobile unit with said first and second radio units.
  - 10. The method of claim 1, wherein the connectivity record is indexed by MAC address.

11. A wireless network for preventing network address spoofing of a first mobile unit by a second mobile unit, said network comprising:
- (a) first and second radio units;
  
  (b) an access controller coupled to said first and second radio units and being adapted to;
  
  (i) associate the first mobile unit to the first radio unit, determine the network address of said first mobile unit and maintain a connectivity record that contains said network address and that indicates an association with said first radio unit;
  
  (ii) receive an associate request from a second mobile unit to associate with the second radio unit and determine the network address of said second mobile unit;
  
  (iii) determine if the network address of the second mobile unit is the same as the network address of the first mobile unit;
  
  (iv) retrieve the connectivity record associated with the network address of said first and mobile units if the determination in (iii) is true and determine whether said connectivity record indicates an association with the first radio unit; and
  
  (v) execute an anti-spoofing protocol if the determination if (iv) is true.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The network of claim 11, wherein the access controller is adapted to execute the anti-spoofing protocol by generating a spoofing log indicating that a spoofing incident has occurred.
  - 13. The network of claim 11, wherein said network includes a network management station coupled to said access controller, wherein the access controller is adapted to execute the anti-spoofing protocol by sending a SNMP trap of the event to the network management station that indicates that a spoofing incident has occurred.
  - 14. The network of claim 11, wherein the access controller is adapted to execute the anti-spoofing protocol by un-authenticating said first and second mobile units such that said first mobile unit is disconnected from the wireless network and such that said second mobile unit is prevented from connecting to the wireless network.
  - 15. The network of claim 11, wherein the access controller is adapted to execute the anti-spoofing protocol by preventing said second mobile unit from connecting to the network.
  - 16. The network of claim 11, wherein the access controller is adapted to execute the anti-spoofing protocol by un-authenticating said first mobile unit such that said first mobile unit is disconnected from said wireless network and preventing any mobile unit with the network address of said first and second mobile units from connecting to the wireless network.
  - 17. The network of claim 11, wherein the network address is the MAC address.
  - 18. The network of claim 11, wherein the network address is the IP address.
  - 19. The network of claim 11, wherein the access controller periodically updates the connectivity record for said first mobile unit to reflect the association status of said first mobile unit with said first and second radio units by monitoring instances of association and disassociation messages.
  - 20. The network of claim 11, wherein the connectivity record is indexed by MAC address.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Chantry Networks Corporation (Siemens AG)
Original Assignee
Chantry Networks Corporation (Siemens AG)
Inventors
Myers, Robert L., Francisco, Paulo Neves

Application Number

US10/421,716
Publication Number

US 20040213172A1
Time in Patent Office

Days
Field of Search
US Class Current

370/313
CPC Class Codes

H04L 63/1408   by monitoring network traff...

H04L 63/1466   Active attacks involving in...

H04W 12/122   Counter-measures against at...

Anti-spoofing system and method

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

108 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Anti-spoofing system and method

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

108 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others