METHOD AND SYSTEM FOR PREVENTION OF UNAUTHORIZED COMMUNICATION OVER 802.11W AND RELATED WIRELESS PROTOCOLS

US 20090016529A1
Filed: 07/11/2007
Published: 01/15/2009
Est. Priority Date: 07/11/2007
Status: Abandoned Application

First Claim

Patent Images

1. A method for disrupting undesirable wireless communication in wireless network, the method comprising:

providing one or more sniffer devices to monitor wireless communications in a wireless network;

detecting a wireless connection established between an access point device and a client device using the one or more sniffer devices, the wireless connection being configured for not being disconnected upon receiving a spoofed disconnection request transmitted from a wireless device other than the access point device and the client device; and

disrupting the wireless connection established between the access point device and the client device by transmitting one or more spoofed connection requests from at least one of the one or more sniffer devices.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for disrupting undesirable wireless communication in wireless network is provided. The method includes providing one or more sniffer devices to monitor wireless communications in a wireless network and detecting a wireless connection established between an access point device and a client device using the one or more sniffer devices. Preferably, the wireless connection is configured for not being disconnected upon receiving a spoofed disconnection request transmitted from a wireless device other than the access point device and the client device. The method also includes disrupting the wireless connection established between the access point device and the client device by transmitting one or more spoofed connection requests from at least one of the one or more sniffer devices.

Citations

26 Claims

1. A method for disrupting undesirable wireless communication in wireless network, the method comprising:
- providing one or more sniffer devices to monitor wireless communications in a wireless network;
  
  detecting a wireless connection established between an access point device and a client device using the one or more sniffer devices, the wireless connection being configured for not being disconnected upon receiving a spoofed disconnection request transmitted from a wireless device other than the access point device and the client device; and
  
  disrupting the wireless connection established between the access point device and the client device by transmitting one or more spoofed connection requests from at least one of the one or more sniffer devices.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 2. The method of claim 1 wherein the spoofed disconnection request transmitted by the wireless device other than the access point device and the client device comprises a deauthentication frame, the deauthentication frame being formatted in accordance with an IEEE 802.11 MAC protocol.
  - 3. The method of claim 2 wherein a source address in the deauthentication frame being a wireless MAC address of the access point device and a destination address in the deauthentication frame being a wireless MAC address of the client device or a broadcast wireless MAC address.
  - 4. The method of claim 3 wherein the wireless device other than the access point device and the client device spoofs the wireless MAC address of the access point device.
  - 5. The method of claim 2 wherein a source address in the deauthentication frame being a wireless MAC address of the client device and a destination address in the deauthentication frame being a wireless MAC address of the access point device.
  - 6. The method of claim 1 wherein the wireless connection being configured for being disconnected upon receiving a non-spoofed disconnection request at least one of the access point device or the client device.
  - 7. The method of claim 6 wherein the non-spoofed disconnection request received at the at least one of the access point device or the client device is validated using a secret key, the secret key being negotiated between the access point device and the client device.
  - 8. The method of claim 7 wherein the wireless device other than the access point device and the client device is without knowledge of the secret key negotiated between the access point device and the client device.
  - 9. The method of claim 1 wherein the wireless connection established between the access point device and the client device being provided in accordance with an IEEE 802.11w type protocol.
  - 10. The method of claim 1 wherein at least one of the one or more spoofed connection requests transmitted from the at least one of the one or more sniffer devices comprises an association request frame, the association request frame being formatted in accordance with an IEEE 802.11 MAC protocol.
  - 11. The method of claim 10 wherein a source address in the association request frame being a wireless MAC address of the client device and a destination address in the association request frame being a wireless MAC address of the access point device.
  - 12. The method of claim 1 wherein the disrupting the wireless connection comprises driving states associated with the wireless connection at the access point device and the client device, respectively, out of synchronization with each other.
  - 13. The method of claim 1 wherein a state of the wireless connection at the access point device and a state of the wireless connection at the client device being states of data exchange, respectively, prior to the disrupting of the wireless connection.
  - 14. The method of claim 13 wherein the states of the wireless connection at the access point device and the client device are each with knowledge of a shared secret key, the shared secret key being used to validate one or more disconnection requests received by at least one of the access point device or the client device.
  - 15. The method of claim 14 wherein the disrupting the wireless connection comprises driving the state of the wireless connection at the access point device to a state of authenticated and associated, and maintaining the state of the wireless connection at the client device at the state of data exchange.
  - 16. The method of claim 15 wherein the state of authenticated and associated is without knowledge of the shared secret key.
  - 17. The method of claim 16 wherein a disconnection request transmitted from the access point device in the state of authenticated and associated is without being validated with the shared secret key.
  - 18. The method of claim 17 wherein the disconnection request from the access point device that is without being validated with the shared secret key is disregarded by the client device.
  - 19. The method of claim 18 wherein a data frame transmitted by the client device is disregarded by the access point device.
  - 20. The method of claim 19 wherein the access point device and the client device are deadlocked.

21. A method for disrupting undesirable wireless communication in wireless network, the method comprising:
- providing one or more sniffer devices spatially disposed over a geographic region associated with the wireless network to monitor wireless communications in the wireless network;
  
  receiving information associated with an undesirable wireless link between an access point device and a client device at at least one of the one or more sniffer devices, the information including wireless MAC addresses of the access point device and the client device, respectively; and
  
  driving the undesirable wireless link between the access point device and the client device in a state of deadlock by transmitting one or more spoofed connection requests from at least one of the one or more sniffer devices while the undesirable wireless link is in a state of being connected, each of the one or more spoofed connection requests including the wireless MAC address of the client device as originator identity and the wireless MAC address of the access point device as destination identity.
- View Dependent Claims (22, 23, 24, 25)
- - 22. The method of claim 21 wherein the state of being connected is a state of data exchange at each of the access point device and the client device.
  - 23. The method of claim 21 wherein the state of deadlock is characterized by a state of the wireless link at the access point device being a state of authenticated and associated and a state of the wireless link at the client device being a state of data exchange.
  - 24. The method of claim 23 wherein the state of the wireless link at the access point device being waiting on the client device to initiate a higher layer authentication.
  - 25. The method of claim 23 wherein the state of the wireless link at the client device being passed the higher layer authentication.

26. An apparatus for disrupting undesirable wireless communication, the apparatus comprising:
- a memory module comprising one or more computer memory devices, the memory module storing;
  
  one or more first codes for receiving information associated with a wireless connection established between an access point device and a client device in a wireless network, the information including wireless MAC addresses of the access point device and the client device, respectively;
  
  one or more second codes for receiving instruction for disrupting the wireless connection established between the access point device and the client device; and
  
  one or more third codes for formatting one or more connection requests, each of the one or more connection requests including the wireless MAC address of the client device as originator identity and the wireless MAC address of the access point device as destination identity;
  
  a processor module comprising one or more micro processing devices, the processor module being for executing at least the first one or more codes, the second one or more codes, and the third one or more codes; and
  
  a transmitter module including one or more wireless communication transmitting interfaces for transmitting the one or more connection requests to disrupt the wireless connection established between the access point device and the client device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Airtight Networks Incorporated (Arista Networks, Inc.)
Original Assignee
Airtight Networks Incorporated (Arista Networks, Inc.)
Inventors
Gopinath, K. N., Ahmad, Md Sohail, Vartak, Amit, Jonnalagadda, Murthy

Application Number

US11/775,869
Publication Number

US 20090016529A1
Time in Patent Office

Days
Field of Search
US Class Current

380/270
CPC Class Codes

H04L 63/08   for authentication of entit...

H04L 63/1416   Event detection, e.g. attac...

H04L 63/1466   Active attacks involving in...

H04W 12/069   using certificates or pre-s...

H04W 12/122   Counter-measures against at...

H04W 12/126   Anti-theft arrangements, e....

H04W 88/08   Access point devices

METHOD AND SYSTEM FOR PREVENTION OF UNAUTHORIZED COMMUNICATION OVER 802.11W AND RELATED WIRELESS PROTOCOLS

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND SYSTEM FOR PREVENTION OF UNAUTHORIZED COMMUNICATION OVER 802.11W AND RELATED WIRELESS PROTOCOLS

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links