Methods and Systems For Wired Equivalent Privacy and Wi-Fi Protected Access Protection

US 20080052779A1
Filed: 08/11/2006
Published: 02/28/2008
Est. Priority Date: 08/11/2006
Status: Active Grant

First Claim

Patent Images

1. A method of disrupting attempts to break encryption or authentication associated with a wireless network, the method comprising the steps of:

receiving a condition while monitoring the wireless network; and

transmitting random wired equivalent privacy encrypted frames on the wireless network responsive to the condition in the monitoring step, the random wired equivalent privacy encrypted frames are operable to confuse unauthorized devices attempting to capture wired equivalent privacy encrypted frames to break the wired equivalent privacy key.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and systems for disrupting potential attacks on a wireless network through transmission of random data.

Citations

28 Claims

1. A method of disrupting attempts to break encryption or authentication associated with a wireless network, the method comprising the steps of:
- receiving a condition while monitoring the wireless network; and
  
  transmitting random wired equivalent privacy encrypted frames on the wireless network responsive to the condition in the monitoring step, the random wired equivalent privacy encrypted frames are operable to confuse unauthorized devices attempting to capture wired equivalent privacy encrypted frames to break the wired equivalent privacy key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein the condition comprises any of a periodic interval, an intrusion alarm, a manual request, and an automatic request based on policy.
  - 3. The method of claim 1, wherein the random wired equivalent privacy encrypted frames comprise simulated data and a random initialization vector, the random initialization vector is operable to increase the effort to break the wired equivalent privacy keys.
  - 4. The method of claim 1, wherein the monitoring step is performed by a plurality of distributed monitoring devices, the plurality of monitoring devices are connected to one or more servers.
  - 5. The method of claim 4, wherein the servers are operable to receive and correlate data, events, and statistics from the distributed monitoring devices and to direct the distributed monitoring devices to perform the transmitting step responsive to any of a periodic interval, an intrusion alarm, a manual request, and an automatic request based on policy
  - 6. The method of claim 5, wherein the plurality of distributed monitoring devices comprise any of wireless sensors, wireless access points, wireless client devices configured with a software agent, and combinations thereof.
  - 7. The method of claim 1, wherein the monitoring step and the transmitting step are performed by a stand-alone wireless radio.
  - 8. The method of claim 1, wherein the monitoring step and the transmitting step are performed simultaneously on a plurality of wireless channels.
  - 9. The method of claim 1, wherein the condition is an injection attack.

10. A method of thwarting an attack against authentication on a Wi-Fi protected access wireless network, the method comprising the steps of:
- monitoring the wireless network; and
  
  transmitting random challenge-response frames on the wireless network responsive to a condition in the monitoring step, the random challenge-response frames are operable to thwart attacks against authentication by forcing a rotation of the keys thereby preventing sniffing attacks by a rogue device.
- View Dependent Claims (11, 12, 13, 14, 15)
- - 11. The method of claim 10, wherein the condition comprises any of a periodic interval, an intrusion alarm, a manual request, and an automatic request based on policy.
  - 12. The method of claim 10, wherein the monitoring step is performed by a plurality of distributed monitoring devices, the plurality of monitoring devices are connected to one or more servers.
  - 13. The method of claim 12, wherein the servers are operable to receive and correlate data, events, and statistics from the distributed monitoring devices and to direct the distributed monitoring devices to perform the transmitting step responsive to any of a periodic interval, an intrusion alarm, a manual request, and an automatic request based on policy
  - 14. The method of claim 13, wherein the plurality of distributed monitoring devices comprise any of wireless sensors, wireless access points, wireless client devices configured with a software agent, and combinations thereof.
  - 15. The method of claim 10, wherein the monitoring step and the transmitting step is performed by a stand-alone wireless radio.

16. A method of using one or more wireless sensors as active transmitting devices to disrupt a reconnaissance attack, the method comprising the steps of:
- monitoring the wireless network to collect wireless traffic data, using any of wireless sensors, wireless access points, wireless client devices configured with a software agent, and combinations thereof;
  
  detecting active reconnaissance probe requests based upon collected wireless traffic data; and
  
  transmitting random probe requests in response to detection of active reconnaissance probe requests, the random probe requests are operable to thwart a rogue device from performing the reconnaissance attack.
- View Dependent Claims (17)
- - 17. The method of claim 16, wherein the wireless sensors, wireless access points, and wireless client devices configured with a software agent are connected to one or more servers;
    - andthe one or more servers are operable to receive and correlate data, events, and statistics from the wireless sensors, wireless access points, and wireless client devices configured with a software agent and to direct one or more wireless sensors to perform the transmitting step.

18. A method of using one or more wireless sensors to disrupt denial-of-service, insertion, and masquerade attacks on a wireless network, the method comprising the steps of:
- monitoring the wireless network, the monitoring is performed by any of wireless sensors, wireless access points, wireless client devices configured with a software agent, and combinations thereof; and
  
  transmitting random probe requests in response to an unauthorized frame transmission, the random probe request is operable to create errors in the unauthorized frame transmission such that a device discards the unauthorized frame transmission.
- View Dependent Claims (19, 20, 21)
- - 19. The method of claim 18, wherein the unauthorized frame transmission comprises any of an unauthorized dissociation frame and a spoofed broadcast or multicast frame.
  - 20. The method of claim 18, wherein chaff frames are injected upon detection by the one or more wireless sensors of wired traffic leaking onto the wireless network, a wireless sensor of the one or more wireless sensor is configured to transmit the chaff frame.
  - 21. The method of claim 18, wherein the wireless sensors, wireless access points, and wireless client devices configured with a software agent are connected to one or more servers;
    - andthe one or more servers are operable to receive and correlate data, events, and statistics from the wireless sensors, wireless access points, and wireless client devices configured with a software agent and to direct one or more wireless sensors to perform the transmitting step.

22. A method to disrupt a packet on a wireless network, the method comprising:
- monitoring one or more bits of a wireless frame, the one or more bits comprise the source address, the destination address, and the frame type;
  
  determining if the wireless frame is unauthorized or an attack frame; and
  
  if the wireless frame is unauthorized or an attack frame, injecting noise in the frame body of the wireless frame such that a recipient of the wireless frame discards the wireless frame.
- View Dependent Claims (23)
- - 23. The method of claim 22, wherein the monitoring step is done with one or more sensors, the one or more sensors are connected to a server configured to determine unauthorized and attack frames.

24. A method of disrupting attempts to break encryption or authentication associated with a wireless network, the method comprising the steps of:
- receiving a protection request from a monitoring device, the protection request comprising an instruction to protect a wireless network from any of a plurality of wireless attacks;
  
  transmitting random protection frames on the wireless network based upon the protection request, the random protection frames being operable to confuse unauthorized devices attempting to collect information from the wireless network.
- View Dependent Claims (25, 26, 27, 28)
- - 25. The method of claim 24, further comprising determining which of a plurality of types of random protection frames to transmit based upon the protection request.
  - 26. The method of claim 24, further comprising signaling the protection request based upon a periodic schedule.
  - 27. The method of claim 24, further comprising:
    - detecting an unauthorized device attempting to attack the wireless network; and
      
      signaling the protection request based on detecting an unauthorized device attempting to attack the wireless network.
  - 28. The method of claim 24, further comprisingreceiving an intrusion alert from any of a plurality of wireless monitoring devices;
    - andsignaling the protection request based upon the intrusion alert.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Extreme Networks, Inc.
Original Assignee
AirDefense Incorporated (Motorola Solutions, Inc.)
Inventors
Sinha, Amit, Darrow, Nicholas John

Granted Patent

US 8,281,392 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/22
CPC Class Codes

H04L 2209/80   Wireless

H04L 63/1441   Countermeasures against mal...

H04L 9/002   Countermeasures against att...

H04W 12/122   Counter-measures against at...

H04W 12/126   Anti-theft arrangements, e....

H04W 88/02   Terminal devices

Methods and Systems For Wired Equivalent Privacy and Wi-Fi Protected Access Protection

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and Systems For Wired Equivalent Privacy and Wi-Fi Protected Access Protection

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links