METHOD FOR DETECTING ROGUE DEVICES OPERATING IN WIRELESS AND WIRED COMPUTER NETWORK ENVIRONMENTS
First Claim
1. A method of identifying Media Access Control addresses of rogue devices operating in a hybrid network, the method comprising:
- identifying Basic Service Set Identifiers for devices operating on a wireless network;
creating a rogue discovery event for at least one of the Basic Service Set Identifiers of a device not authorized to operate in the hybrid network;
determining a root Basic Service Set Identifier from the rogue discovery event;
assigning the root Basic Service Set Identifier to a rogue device record;
searching the hybrid network for wired devices associated with the root Basic Service Set Identifier and determining corresponding Media Access Control addresses for the located wired devices; and
comparing the Media Access Control addresses with a plurality of octets of the root Basic Service Set Identifier in the rogue device record.
4 Assignments
0 Petitions
Accused Products
Abstract
A management of wireless and wired computer network environments in which rogue and other devices that may affect the performance and/or security of the wireless computer network can be detected. Specifically, the present invention discloses a method and system of detecting all interfaces, Media Access Control (MAC) addresses and radio MAC addresses (BSSIDs) affiliated with a rogue device and compiling this information into a database. As a result, the present invention reduces the number of alerts that one rogue device can generate and increases the accuracy and speed of locating the rogue device within a network.
-
Citations
20 Claims
-
1. A method of identifying Media Access Control addresses of rogue devices operating in a hybrid network, the method comprising:
-
identifying Basic Service Set Identifiers for devices operating on a wireless network; creating a rogue discovery event for at least one of the Basic Service Set Identifiers of a device not authorized to operate in the hybrid network; determining a root Basic Service Set Identifier from the rogue discovery event; assigning the root Basic Service Set Identifier to a rogue device record; searching the hybrid network for wired devices associated with the root Basic Service Set Identifier and determining corresponding Media Access Control addresses for the located wired devices; and comparing the Media Access Control addresses with a plurality of octets of the root Basic Service Set Identifier in the rogue device record. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A system for performing a computer-based method of identifying Media Access Control addresses of rogue devices operating in a hybrid network, comprising:
-
a computer having a memory and a processor; and a computer-readable medium configured to generate software code, which, when said code is loaded into the memory and run by the processor, causes the processor to perform the steps of; identifying Basic Service Set Identifiers for devices operating on a wireless network; creating a rogue discovery event for at least one of the Basic Service Set Identifiers of a device not authorized to operate in the hybrid network; determining a root Basic Service Set Identifier from the rogue discovery event; assigning the root Basic Service Set Identifier to a rogue device record; searching the hybrid network for wired devices associated with the root Basic Service Set Identifier and determining corresponding Media Access Control addresses for the located wired devices; and comparing the Media Access Control addresses with a plurality of octets of the root Basic Service Set Identifier in the rogue device record.
-
-
20. A system for performing a computer-based method of identifying Media Access Control addresses of rogue devices operating in a hybrid network, comprising:
-
a computer having a memory and a processor; and a computer-readable medium configured to generate software code, which, when said code is loaded into the memory and run by the processor, causes the processor to perform the steps of; identifying Basic Service Set Identifiers for devices operating on a wireless network; creating a rogue discovery event for at least one of the Basic Service Set Identifiers of a device not authorized to operate in the hybrid network; determining a root Basic Service Set Identifier from the rogue discovery event; assigning the root Basic Service Set Identifier to a rogue device record; assigning a score to the rogue discovery event based on security risk; searching the rogue discovery event to determine a virtual Basic Service Set Identifier; searching the hybrid network for wired devices associated with the root Basic Service Set Identifier and determining corresponding Media Access Control addresses for the located wired devices; comparing the Media Access Control addresses with a first five octet of the root Basic Service Set Identifier in the rogue device record; creating a rogue interface record for the virtual Basic Service Set Identifier, the root Basic Service Set Identifier and for Media Access Control addresses that correspond to the first five octets of the root Basic Service Set Identifier; searching the additional rogue interface records for the Media Access Control addresses having Internet Protocol addresses; and displaying a location of at least one rogue device.
-
Specification