System and method for detection of a rouge wireless access point in a wireless communication network
First Claim
1. A device, comprising:
- a communications arrangement providing at least one mobile unit with access to a communication network, wherein the communication arrangement scans a plurality of radio frequency channels to detect a beacon transmitted by an unverified access point in the communications network, the beacon including identification information of the unverified access point; and
a processor verifying the identification information with a preexisting database, the verifying comprising comparing a portion of a MAC (medium access controller) address representing a manufacturer identification included in the beacon to manufacturer identification information stored in the preexisting database and comparing a SSID (service set identification) included in the beacon to SSID information stored in the preexisting database, the preexisting database including identification information of a plurality of access points authorized to access the communications network, wherein when the verification of the identification information fails, the processor identifies the unverified access point as an unauthorized access point and sets conditions for which the unauthorized access point is allowed to access the communication network.
10 Assignments
0 Petitions
Accused Products
Abstract
Described are a system and method for detecting an unauthorized access point accessing a communication network. An authorized access point and/or an authorized mobile unit detects a beacon generated by a transmitting access point. The beacon includes identification information of the transmitting access point. A computing arrangement verifies the identification information of the transmitting access point with a preexisting database of the communication network. The preexisting database includes data corresponding to identification information of a plurality of authorized access points. The computing arrangement initiates a tracking procedure to determine a location of the unauthorized access point where the verification of the transmitting access point identification information with the preexisting database fails.
-
Citations
20 Claims
-
1. A device, comprising:
-
a communications arrangement providing at least one mobile unit with access to a communication network, wherein the communication arrangement scans a plurality of radio frequency channels to detect a beacon transmitted by an unverified access point in the communications network, the beacon including identification information of the unverified access point; and a processor verifying the identification information with a preexisting database, the verifying comprising comparing a portion of a MAC (medium access controller) address representing a manufacturer identification included in the beacon to manufacturer identification information stored in the preexisting database and comparing a SSID (service set identification) included in the beacon to SSID information stored in the preexisting database, the preexisting database including identification information of a plurality of access points authorized to access the communications network, wherein when the verification of the identification information fails, the processor identifies the unverified access point as an unauthorized access point and sets conditions for which the unauthorized access point is allowed to access the communication network. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A system, comprising:
-
a communications arrangement providing at least one mobile unit with access to a communication network, wherein the communication arrangement communicates with a plurality of access points authorized to communicate on the communications network, wherein the communications arrangement scans a plurality of radio frequency channels to detect a beacon transmitted by an unverified access point in the communications network; a memory storing identification information of the unverified access point that was received in the beacon from the unverified access point, the memory further storing a preexisting database including identification information of the plurality of authorized access points, the preexisting database storing at least one of a manufacturer identification information and a SSID (service set identification) information; and a processor performing a verification procedure by comparing a portion of a MAC (medium access controller) address representing a manufacturer identification included in the detected beacon to the stored manufacturer information in the preexisting database and a SSID included in the detected beacon to the stored SSID information in the database, wherein when the verification fails, the processor identifies the unverified access point as an unauthorized access point and sets conditions for which the unauthorized access point is allowed to access the communications network. - View Dependent Claims (10, 11, 12, 13, 14, 15)
-
-
16. A method, comprising:
-
scanning, by a computing arrangement, a plurality of radio frequency channels in a wireless communications network to detect a beacon from an unverified access point, the beacon including identification information of the access point, the computing arrangement providing at least one mobile unit with access to the communication network; transmitting the identification information to the computing arrangement for performing a verification procedure, the verification procedure including comparing a portion of a MAC (medium access controller) address representing a manufacturer identification included in the detected beacon to stored manufacturer information in a preexisting database and comparing a SSID (service set identification) included in the detected beacon to stored SSID information in the preexisting database, the preexisting database comprising identification information of a plurality of access points authorized to communicate on the communications network; and when the unverified access point fails the verification procedure, identifying the unverified access point as an unauthorized access point and generating an activity record of activities of the unauthorized access point. - View Dependent Claims (17, 18, 19)
-
-
20. An arrangement, comprising:
-
a communications means for providing at least one mobile unit with access to a communication network, wherein the communication arrangement detects a beacon transmitted by an unverified access point in the communications network, the beacon including corresponding identification information of the unverified access point; and a processing means for verifying the identification information with a preexisting database, the preexisting database including identification information for a plurality of access points authorized to access the communications network, wherein when the verification of the identification information fails, the unverified access point is an unauthorized access point, the processing means sets conditions for allowing the unauthorized access point to access the communications network, wherein the verifying comprises comparing a portion of a MAC (medium access controller) address representing a manufacturer identification included in the detected beacon to authorized manufacturer information in the preexisting database and comparing a SSID (service set identification) included in the detected beacon to authorized SSID information in the preexisting database.
-
Specification