Wireless lan intrusion detection based on location
First Claim
1. In a wireless local area data communications system, wherein mobile units communicate with access points, and wherein said system is arranged to locate transmitters using signals transmitted by said transmitters, a method for detecting unauthorized signals, comprising:
- maintaining a database relating authorized transmitters to location;
detecting selected signals at said access points and recording location data corresponding to said signals for use in locating a source of said signals;
locating said source using said location data;
comparing said source location to a corresponding location in said database; and
signaling an alarm if said source location is inconsistent with said corresponding database location.
6 Assignments
0 Petitions
Accused Products
Abstract
A intrusion detection method is disclosed for use in a wireless local area data communications system, wherein mobile units communicate with access points, and wherein the system is arranged to locate transmitters using signals transmitted by the transmitters. A database relating authorized transmitters to location is maintained. Selected signals are detected at the access points and location data corresponding to the selected signals for use in locating a source of the signals is recorded. The source location is determined using the location data, and the source location is compared to a corresponding location in the database. An alarm is signaled if the source location is inconsistent with the corresponding database location.
34 Citations
22 Claims
-
1. In a wireless local area data communications system, wherein mobile units communicate with access points, and wherein said system is arranged to locate transmitters using signals transmitted by said transmitters, a method for detecting unauthorized signals, comprising:
-
maintaining a database relating authorized transmitters to location;
detecting selected signals at said access points and recording location data corresponding to said signals for use in locating a source of said signals;
locating said source using said location data;
comparing said source location to a corresponding location in said database; and
signaling an alarm if said source location is inconsistent with said corresponding database location. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. In a wireless local area data communications system, wherein mobile units communicate with access points, and wherein said system is arranged to locate transmitters using signals transmitted by said transmitters, a method for detecting unauthorized signals, comprising:
-
maintaining a database relating authorized transmitters to location, said database further comprising MAC information;
detecting selected signals at said access points and recording location data corresponding to said signals for use in locating a source of said signals;
locating said source using said location data;
comparing said source location to a corresponding location in said database;
extracting a MAC address from said source location;
comparing said MAC address with MAC information in said database; and
signaling an alarm if analysis of said source location and said MAC address suggest possible unauthorized network access. - View Dependent Claims (13, 14)
-
-
15. In a wireless local area data communications system, wherein mobile units communicate with access points, and wherein said system is arranged to locate transmitters using signals transmitted by said transmitters, a method for detecting unauthorized signals, comprising:
-
maintaining a database relating to allowed locations;
detecting selected signals at said access points and recording location data corresponding to said signals for use in locating a source of said signals;
locating said source using said location data;
comparing said source location to the allowed locations in said database; and
signaling an alarm if said source location is not within said allowed locations. - View Dependent Claims (16, 17, 18, 19)
-
-
20. In a wireless local area data communications system, wherein mobile units communicate with a first and second access points, and wherein said system is arranged to locate transmitters using signals transmitted by said transmitters, and further wherein said first and second access points are located substantially within proximity such that under normal conditions they detect signals transmitted by same said transmitters, a method for detecting unauthorized signals, comprising:
-
detecting selected signals at said first access point and recording location data corresponding to said signals for use in locating a source of said signals; and
signaling an alarm if said signals are not detected at said second access point.
-
-
21. In a wireless local area data communications system, wherein mobile units communicate with access points, and wherein said system is arranged to locate transmitters using signals transmitted by said transmitters, a method for detecting unauthorized signals, comprising:
-
maintaining a database comprising network data traffic information;
detecting selected signals at said access points and recording location data corresponding to said signals for use in locating a source of said signals;
locating said source using said location data;
monitoring said selected signals to determine network data traffic characteristics at said source location;
comparing said determined network data traffic characteristics to information in said database; and
signaling an alarm if said determined network data traffic characteristics at said source location is inconsistent with information in said database.
-
-
22. In a wireless local area data communications system, wherein mobile units communicate with access points, and wherein said system is arranged to locate transmitters using signals transmitted by said transmitters, a method for detecting unauthorized signals, comprising:
-
maintaining a database relating authorized transmitters to location;
detecting selected signals by one or more mobile units and recording location data corresponding to said signals for use in locating a source of said signals;
locating said source using said location data;
comparing said source location to a corresponding location in said database; and
signaling an alarm if said source location is inconsistent with said corresponding database location.
-
Specification