Intrusion detection sensor detecting attacks against wireless network and system and method of detecting wireless network intrusion
First Claim
1. An intrusion detection sensor detecting an attack against a wireless network including an access point providing wireless communication to one or more wireless terminals, wherein the intrusion detection sensor examines a packet transmitted and received between the access point and the wireless terminal according to a predetermined detection rule, and in relation to an event packet including critical information on whether or not a wireless line connection between the access point and the wireless terminal is established, the packet is examined by additionally using confirmation information received from the access point on whether or not the event packet is transmitted.
1 Assignment
0 Petitions
Accused Products
Abstract
An intrusion detection system and method of a wireless network providing wireless communication to one or more wireless terminal, and an intrusion detection sensor capable of detecting attacks against wireless network are provided. The intrusion detection system of a wireless network includes: an access point providing wireless communication to a wireless terminal; and an intrusion detection sensor examining packets transmitted and received between the access point and a wireless terminal according to a predetermined detection rule. The access point transmits confirmation information on whether or not an event packet, including critical information on whether or not a wireless line connection between the access point and the wireless terminal is established, is transmitted, to the intrusion detection sensor, and the intrusion detection sensor examines an event packet by using the confirmation information. According to the system and method, a variety of attacks occurring on a wireless network can be effectively detected and systematically controlled.
68 Citations
24 Claims
-
1. An intrusion detection sensor detecting an attack against a wireless network including an access point providing wireless communication to one or more wireless terminals,
wherein the intrusion detection sensor examines a packet transmitted and received between the access point and the wireless terminal according to a predetermined detection rule, and in relation to an event packet including critical information on whether or not a wireless line connection between the access point and the wireless terminal is established, the packet is examined by additionally using confirmation information received from the access point on whether or not the event packet is transmitted.
-
9. A wireless network intrusion detection system providing wireless communication to one or more wireless terminal, the system comprising:
-
an access point providing wireless communication to the wireless terminal; and
an intrusion detection sensor examining packets transmitted and received between the access point and a wireless terminal according to a predetermined detection rule, wherein the access point transmits confirmation information on whether or not an event packet, including critical information on whether or not a wireless line connection between the access point and the wireless terminal is established, is transmitted, to the intrusion detection sensor, and the intrusion detection sensor examines an event packet by using the confirmation information. - View Dependent Claims (10, 14, 15, 16)
-
-
11. The system of claim 11, wherein when the access point transmits the event packet to the wireless terminal, the confirmation information is transferred, by transmitting the intention, or the event packet itself to the intrusion detection sensor.
- 12. The system of claim 12, wherein the confirmation information is transmitted through a secure communication channel between the access point and the intrusion detection sensor.
-
17. A wireless network intrusion detection method providing wireless communication to one or more wireless terminal, the method comprising:
-
examining ordinary packets transmitted and received between an access point providing wireless communication to the wireless terminal and the wireless terminal, according to a predetermined detection rule;
identifying an event packet, including critical information on whether or not a wireless line connection between the access point and the wireless terminal is established, among the ordinary packets;
if the event packet is identified, receiving confirmation information from the access point on whether or not the event packet is transmitted; and
examining the event packet by using the confirmation information. - View Dependent Claims (18, 19, 20, 21, 22, 23, 24)
-
Specification