Method and system for wireless intrusion detection prevention and security management
First Claim
Patent Images
1. A smart wireless antenna subsystem, comprising:
- one or more digital signal processors for controlling phases and time delays used in selectively steering a wireless radio frequency (RF) transmission beam pattern via an adaptive RF beamformer;
an adaptive RF beamformer for adaptively positioning RF nulls in the wireless RF transmission beam pattern to block one or more wireless network devices from accessing a wireless network, wherein the adaptive RF beamformer includes complex weighting factors to process incoming RF signals from a plurality of wireless antenna elements and a signal weight summer to add up processed RF signals to enhance RF signals of interest and ignore RF signals not of interest;
a direction of arrival detector for computing angles of arrival of incoming RF signals from the one or more wireless network devices and for passing the computed angles of arrival of the incoming RF signals to the adaptive RF beamformer; and
a plurality of wireless antenna elements for receiving a plurality of wireless RF signals from the one or more wireless network devices via the wireless network, for passing the plurality of wireless RF signals to the direction of arrival detector and for sending wireless RF signals created by adaptive RF beamformer to the one or more wireless network devices.
4 Assignments
0 Petitions
Accused Products
Abstract
A method and system for wireless intrusion detection, prevention and security management. The method and system provides autonomous wireless intrusion detection and prevention, with minimal or no operator intervention. The method and system integrates a physical layer (e.g., OSI layer 1) a smart wireless radio frequency (RF) antenna subsystem with a data-link layer (e.g., OSI layer 2) wireless security system management platform.
-
Citations
37 Claims
-
1. A smart wireless antenna subsystem, comprising:
-
one or more digital signal processors for controlling phases and time delays used in selectively steering a wireless radio frequency (RF) transmission beam pattern via an adaptive RF beamformer;
an adaptive RF beamformer for adaptively positioning RF nulls in the wireless RF transmission beam pattern to block one or more wireless network devices from accessing a wireless network, wherein the adaptive RF beamformer includes complex weighting factors to process incoming RF signals from a plurality of wireless antenna elements and a signal weight summer to add up processed RF signals to enhance RF signals of interest and ignore RF signals not of interest;
a direction of arrival detector for computing angles of arrival of incoming RF signals from the one or more wireless network devices and for passing the computed angles of arrival of the incoming RF signals to the adaptive RF beamformer; and
a plurality of wireless antenna elements for receiving a plurality of wireless RF signals from the one or more wireless network devices via the wireless network, for passing the plurality of wireless RF signals to the direction of arrival detector and for sending wireless RF signals created by adaptive RF beamformer to the one or more wireless network devices. - View Dependent Claims (2, 3, 4, 5)
-
-
6. The smart wireless antenna subsystem of claim 6 wherein the physical layer is an Open Systems Interconnection Layer 1 physical layer.
-
7. A wireless network intrusion detection and prevention system, comprising:
-
a plurality of monitor agent applications installed on a plurality of wireless network devices for collecting wireless event data from a wireless network;
a plurality of wireless access points for providing access to the wireless network for the plurality of wireless network devices;
a secure communications link for providing secure communications between the plurality of wireless network devices and other components of the wireless network intrusion detection and prevention system;
a cooperative decision engine for collecting wireless event data from the plurality of monitor agent applications installed on the plurality of wireless network devices the plurality of wireless network devices and the plurality of wireless access points, for screening the wireless event data for normal events and abnormal events, for sending decision data to a response initiator adaptive feedback engine based on processing of the normal event and abnormal events and for receiving state data from the response initiator adaptive feedback engine;
a fuzzy association engine including an adaptive learning detection system for adaptively detecting abnormal events and preventing similar abnormal events based on wireless event data received from the cooperative decision engine; and
a response initiator adaptive feedback engine for receiving decision data from the cooperative decision engine, for sending state information to the cooperative decision engine, for sending response control information to a plurality of wireless access points through the secure communications link, and for maintaining a running mistrust level for the plurality of wireless network devices and the plurality of wireless access points on the wireless network. - View Dependent Claims (8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. An integrated wireless intrusion detection and prevention security system, comprising:
-
a smart wireless antenna subsystem at a physical layer in a wireless network infrastructure on a wireless network for detecting a direction of arrival of a wireless signals from a selected wireless network device from a set of a plurality of wireless network devices on a wireless smart antenna subsystem associated with a wireless access point, for analyzing the direction of arrival to determine whether the detected signal is from a rouge wireless network device, and if so, creating a wireless beamform and directing the wireless signal from the rouge wireless network device to a null area in the wireless signal pattern being transmitted by the wireless access point; and
a wireless network intrusion detection and prevention system at a data link layer in the wireless network infrastructure on the wireless network for collecting wireless event data from the wireless network, analyzing the collected wireless event data for normal and abnormal wireless events, and for providing network security response controls to the plurality of wireless network devices and the wireless access point on the wireless network based on the analyzed collected wireless event data. - View Dependent Claims (20, 21)
-
-
22. A method for wireless intrusion detection and prevention, comprising:
-
detecting a direction of arrival of a wireless signal from a wireless network device on a smart wireless antenna subsystem associated with a wireless access point;
analyzing the direction of arrival to determine whether the wireless signal is from a rouge wireless network device, and if so, adaptively creating a wireless beamform and directing the wireless signal from the rouge wireless network device to a null area in a wireless signal pattern being transmitted by the wireless access point. - View Dependent Claims (23, 24)
-
-
25. A method for wireless intrusion detection and protection security, comprising:
-
maintaining plural mistrust levels for a plurality of wireless signals for a plurality wireless network devices and for a plurality of wireless access points on a wireless network by a wireless security system;
detecting a wireless signal for a wireless event for a selected wireless network device or selected wireless access point on a smart wireless antenna subsystem;
determining a mistrust level for the detected wireless signal via the wireless security system using decision data created on the wireless security system from the detected wireless signal from the smart wireless antenna subsystem;
comparing the determined mistrust level to a mistrust level stored for the plural wireless signals for the plural wireless network devices and plural wireless access points; and
applying a selected security response control from the wireless security system based on the determined mistrust level to selected wireless network device or wireless access point. - View Dependent Claims (26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37)
-
Specification