METHOD AND DEVICE FOR DETECTING A SPOOFING ATTACK IN A WIRELESS COMMUNICATION NETWORK

US 20110131651A1
Filed: 12/01/2009
Published: 06/02/2011
Est. Priority Date: 12/01/2009
Status: Abandoned Application

First Claim

Patent Images

1. A method for determining at a primary access point in a wireless communication network whether an alternative access point is conducting a spoofing attack, the method comprising:

receiving at the primary access point a beacon signal transmitted from the alternative access point, wherein the beacon signal includes an alternative access point identification;

comparing at the primary access point the alternative access point identification with an actual identification of the primary access point; and

determining at the primary access point that the alternative access point is conducting a spoofing attack if the alternative access point identification matches the actual identification of the primary access point.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and device enables detecting a spoofing attack in a wireless communication network (100). The method includes receiving at the primary access point (105) a beacon signal transmitted from an alternative access point (115), where the beacon signal includes an alternative access point identification. The primary access point (105) then compares the alternative access point identification with an actual identification of the primary access point (105). It is then determined at the primary access point that the alternative access point (115) is conducting a spoofing attack if the alternative access point identification matches the actual identification of the primary access point (105).

Citations

19 Claims

1. A method for determining at a primary access point in a wireless communication network whether an alternative access point is conducting a spoofing attack, the method comprising:
- receiving at the primary access point a beacon signal transmitted from the alternative access point, wherein the beacon signal includes an alternative access point identification;
  
  comparing at the primary access point the alternative access point identification with an actual identification of the primary access point; and
  
  determining at the primary access point that the alternative access point is conducting a spoofing attack if the alternative access point identification matches the actual identification of the primary access point.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, further comprising activating an alarm after determining that the alternative access point is conducting a spoofing attack.
  - 3. The method of claim 1, wherein the primary access point receives the beacon signal while performing an on channel scan.
  - 4. The method of claim 1, wherein the primary access point receives the beacon signal while performing an off channel scan.
  - 5. The method of claim 1, wherein the primary access point receives the beacon signal while a channel scanning mode of the primary access point is disabled.
  - 6. The method of claim 1, wherein the alternative access point identification is a service set identifier (SSID).
  - 7. The method of claim 1, wherein the alternative access point identification is a basic service set identifier (BSSID).
  - 8. The method of claim 1, wherein the alternative access point is operating as an evil twin access point.
  - 9. The method of claim 1, wherein the wireless communication network is an Institute of Electrical and Electronics Engineers (IEEE) 802.11 network.

10. A primary access point, comprising:
- a processor; and
  
  a memory operatively coupled to the processor, wherein the memory comprises;
  
  computer readable program code components for receiving at the primary access point a beacon signal transmitted from an alternative access point, wherein the beacon signal includes an alternative access point identification;
  
  computer readable program code components for comparing at the primary access point the alternative access point identification with an actual identification of the primary access point; and
  
  computer readable program code components for determining at the primary access point that the alternative access point is conducting a spoofing attack if the alternative access point identification matches the actual identification of the primary access point.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The primary access point of claim 10, further comprising activating an alarm after determining that the alternative access point is conducting a spoofing attack.
  - 12. The primary access point of claim 10, wherein the primary access point receives the beacon signal while performing an on channel scan.
  - 13. The primary access point of claim 10, wherein the primary access point receives the beacon signal while performing an off channel scan.
  - 14. The primary access point of claim 10, wherein the primary access point receives the beacon signal while a channel scanning mode of the primary access point is disabled.
  - 15. The primary access point of claim 10, wherein the alternative access point identification is a service set identifier (SSID).
  - 16. The primary access point of claim 10, wherein the alternative access point identification is a basic service set identifier (BSSID).
  - 17. The primary access point of claim 10, wherein the alternative access point is operating as an evil twin access point.
  - 18. The primary access point of claim 10, wherein the wireless communication network is an Institute of Electrical and Electronics Engineers (IEEE) 802.11 network.

19. A primary access point, comprising:
- means for receiving at the primary access point a beacon signal transmitted from an alternative access point, wherein the beacon signal includes an alternative access point identification;
  
  means for comparing at the primary access point the alternative access point identification with an actual identification of the primary access point; and
  
  means for determining at the primary access point that the alternative access point is conducting a spoofing attack if the alternative access point identification matches the actual identification of the primary access point.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Symbol Technologies, Inc. (Zebra Technologies Corporation)
Original Assignee
Symbol Technologies, Inc. (Zebra Technologies Corporation)
Inventors
Choudhary, Pranav, Kumar, Vinodh, Shanmugavadivel, Senthilraj

Application Number

US12/628,305
Publication Number

US 20110131651A1
Time in Patent Office

Days
Field of Search
US Class Current

726/22
CPC Class Codes

H04W 12/122 Counter-measures against at...

METHOD AND DEVICE FOR DETECTING A SPOOFING ATTACK IN A WIRELESS COMMUNICATION NETWORK

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND DEVICE FOR DETECTING A SPOOFING ATTACK IN A WIRELESS COMMUNICATION NETWORK

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links