System and method for detection of a rouge wireless access point in a wireless communication network

US 20060193258A1
Filed: 05/03/2006
Published: 08/31/2006
Est. Priority Date: 08/02/2002
Status: Active Grant

First Claim

Patent Images

1. A device, comprising:

a communications arrangement detecting a beacon transmitted by an access point in a communications network, the beacon including identification information of the access point; and

a processor verifying the identification information with a preexisting database, the preexisting database including identification information of a plurality of access points authorized to access the communications network, wherein when the verification of the identification information fails, the processor identifies the access point as an unauthorized access point and sets conditions for which the unauthorized access point is allowed to access the communication network.

View all claims

10 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Described are a system and method for detecting an unauthorized access point accessing a communication network. An authorized access point and/or an authorized mobile unit detects a beacon generated by a transmitting access point. The beacon includes identification information of the transmitting access point. A computing arrangement verifies the identification information of the transmitting access point with a preexisting database of the communication network. The preexisting database includes data corresponding to identification information of a plurality of authorized access points. The computing arrangement initiates a tracking procedure to determine a location of the unauthorized access point where the verification of the transmitting access point identification information with the preexisting database fails.

91 Citations

View as Search Results

20 Claims

1. A device, comprising:
- a communications arrangement detecting a beacon transmitted by an access point in a communications network, the beacon including identification information of the access point; and
  
  a processor verifying the identification information with a preexisting database, the preexisting database including identification information of a plurality of access points authorized to access the communications network, wherein when the verification of the identification information fails, the processor identifies the access point as an unauthorized access point and sets conditions for which the unauthorized access point is allowed to access the communication network.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The device according to claim 1, wherein, when the verification fails, the processor initiates a tracking procedure to determine a location of the unauthorized access point.
  - 3. The device according to claim 1, wherein the device is an access point.
  - 4. The device according to claim 1, wherein the identification information includes at least one of (i) a serial number of the corresponding access point and (ii) a virtual private network identifier.
  - 5. The device according to claim 1, wherein the processor notifies a network administrator when the verification fails.
  - 6. The device according to claim 1, wherein the processor generates an activity record of activities of the unauthorized access point.
  - 7. The device according to claim 6, wherein the activity record includes at least one of a manufacturer serial number, a virtual private network number, a time and date of the unauthorized access, a signal strength of the beacon, a time and date of subsequent communications with the unauthorized access point, a source and a destination of each of the subsequent communications and a signal strength of each of the subsequent communications.
  - 8. The device according to claim 7, wherein the processor determines the location of the unauthorized access point as the function of the activity record and geographic locations of the device and at least two access points of the plurality of access points.

9. A computing arrangement, a communications arrangement communicating with a plurality of access points authorized to communicate on a communications network;
- a memory storing identification information of an access point that was received in a beacon from the access point by at least one of the plurality of authorized access points, the memory further storing a preexisting database including identification information of the plurality of authorized access points; and
  
  a processor performing a verification procedure by comparing the identification information of the access point to the identification information in the preexisting database, wherein when the verification fails, the processor identifies the access point as an unauthorized access point and sets conditions for which the unauthorized access point is allowed to access the communications network.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
- - 10. The computing arrangement according to claim 9, wherein, when the verification fails, the processor determines a location of the unauthorized access point.
  - 11. The computing arrangement according to claim 9, wherein the identification information includes at least one of a manufacturer serial number of the corresponding access point and a virtual private network identifier.
  - 12. The computing arrangement according to claim 9, wherein the processor notifies a network administrator of the detection of the unauthorized access point.
  - 13. The computing arrangement according to claim 9, wherein the computing arrangement receives an activity record of activities of the unauthorized access point from the at least one of the plurality of authorized access points.
  - 14. The computing arrangement according to claim 13, wherein the activity record includes at least one of a manufacturer serial number, a virtual private network number, a time and date of the unauthorized access, a signal strength of the beacon, a time and date of subsequent transmissions by with the unauthorized access point, a source and a destination of each of the subsequent transmissions and a signal strength of each of the subsequent transmissions.
  - 15. The computing arrangement according to claim 14, wherein a location of the unauthorized access point is determined as a function of the activity record and a geographic location of the at least one of the plurality of access points.

16. A method, comprising:
- scanning a plurality of radio frequency channels in a wireless communications network to detect a beacon from an access point, the beacon including identification information of the access point;
  
  transmitting the identification information to a computing arrangement for performing a verification procedure, the verification procedure including a comparison of the identification information to a preexisting database of identification information of a plurality of access points authorized to communicate on the communications network; and
  
  if the access point fails the verification procedure, generating an activity record of activities of the access point.
- View Dependent Claims (17, 18, 19)
- - 17. The method according to claim 16, further comprising:
    - transmitting the activity record to the computing arrangement.
  - 18. The method according to claim 16, wherein the activity record includes at least one of a manufacturer serial number, a virtual private network number, a time and date of the unauthorized access, a signal strength of the beacon, a time and date of subsequent transmissions by the unauthorized access point, a source and a destination of each of the subsequent transmissions and a signal strength of each of the subsequent transmissions.
  - 19. The method according to claim 16, further comprising:
    - determining a location of the access point; and
      
      transmitting the location to the computing arrangement.

20. An arrangement, comprising:
- a communications means for detecting a beacon transmitted by an access point in a communications network, the beacon including corresponding identification information of the access point; and
  
  a processing means for verifying the identification information with a preexisting database, the preexisting database including identification information for a plurality of access points authorized to access the communications network, wherein when the verification of the identification information fails, the access point is an unauthorized access point, the processing means sets conditions for allowing the unauthorized access point to access the communications network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Extreme Networks, Inc.
Original Assignee
Symbol Technologies, Inc. (Zebra Technologies Corporation)
Inventors
Ballai, Philip N.

Granted Patent

US 7,676,218 B2
Time in Patent Office

Days
Field of Search
US Class Current

370/230
CPC Class Codes

H04L 63/10   for controlling access to d...

H04L 63/1441   Countermeasures against mal...

H04L 63/1466   Active attacks involving in...

H04W 12/122   Counter-measures against at...

H04W 24/04   Arrangements for maintainin...

H04W 4/02   Services making use of loca...

H04W 64/003   locating network equipment

H04W 88/08   Access point devices

System and method for detection of a rouge wireless access point in a wireless communication network

First Claim

10 Assignments

0 Petitions

Accused Products

Abstract

91 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for detection of a rouge wireless access point in a wireless communication network

First Claim

10 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

91 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links