Method and system for classification of wireless devices in local area computer networks
First Claim
1. A wireless security method comprising:
- installing a security system within a selected geographic region, the security system comprising at least one sniffer device disposed within the selected geographic region, the selected geographic region comprising an authorized local area network;
detecting wireless transmissions within the selected geographic region using the at least one sniffer device;
determining identity of a radio interface present in the selected geographic region from the detected wireless transmissions, wherein information regarding coupling of the radio interface with an authorized communication device is not accessible to the security system;
identifying from the detected wireless transmissions a wireless connection between the radio interface and an authorized wireless access point, the authorized wireless access point being adapted to act as traffic transfer point between a wired portion and a wireless portion of the authorized local area network;
detecting the identity of the radio interface in traffic over the wired portion of the authorized local area network;
classifying the radio interface as being coupled with the authorized communication device based upon the identity of the radio interface being present both in the wireless transmissions and in the traffic over the wired portion;
providing for allowing the radio interface to communicate with the authorized wireless access point and for disallowing the radio interface from communicating with an external wireless access point, wherein the external wireless access point acts as traffic transfer point between a wired portion and a wireless portion of a neighborhood local area network, the neighborhood local area network being distinct from the authorized local area network.
8 Assignments
0 Petitions
Accused Products
Abstract
A method for classifying radio interfaces in a wireless network. The method includes transferring an unknown MAC address associated with a radio interface of a communication device through a wireless medium and detecting the unknown MAC address on the wireless medium using a first sniffer device. The method also includes transferring information through an access point coupled to a wired medium utilizing the radio interface of the wireless communication device. The information includes the unknown MAC address. The method further includes detecting the unknown MAC address on the wired medium using a second sniffer device and classifying the radio interface as an authorized radio interface based upon detecting the unknown MAC address on the wireless medium and detecting the unknown MAC address on the wired medium.
-
Citations
22 Claims
-
1. A wireless security method comprising:
-
installing a security system within a selected geographic region, the security system comprising at least one sniffer device disposed within the selected geographic region, the selected geographic region comprising an authorized local area network; detecting wireless transmissions within the selected geographic region using the at least one sniffer device; determining identity of a radio interface present in the selected geographic region from the detected wireless transmissions, wherein information regarding coupling of the radio interface with an authorized communication device is not accessible to the security system; identifying from the detected wireless transmissions a wireless connection between the radio interface and an authorized wireless access point, the authorized wireless access point being adapted to act as traffic transfer point between a wired portion and a wireless portion of the authorized local area network; detecting the identity of the radio interface in traffic over the wired portion of the authorized local area network; classifying the radio interface as being coupled with the authorized communication device based upon the identity of the radio interface being present both in the wireless transmissions and in the traffic over the wired portion; providing for allowing the radio interface to communicate with the authorized wireless access point and for disallowing the radio interface from communicating with an external wireless access point, wherein the external wireless access point acts as traffic transfer point between a wired portion and a wireless portion of a neighborhood local area network, the neighborhood local area network being distinct from the authorized local area network. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A wireless security method comprising:
-
installing a security system within a selected geographic region, the security system comprising at least one sniffer device disposed within the selected geographic region, the selected geographic region comprising an authorized local area network; detecting wireless transmissions within the selected geographic region using the at least one sniffer device; determining identity of a radio interface present in the selected geographic region from the detected wireless transmissions; identifying from the detected wireless transmissions a wireless connection between the radio interface and an authorized wireless access point, the authorized wireless access point being adapted to act as traffic transfer point between a wired portion and a wireless portion of the authorized local area network; establishing that the identity of the radio interface in absent from traffic over the wired portion of the authorized local area network; classifying the radio interface as being not coupled with an authorized communication device based upon the identity of the radio interface being absent from the traffic over the wired portion; providing for disallowing the radio interface from communicating with the authorized wireless access point and for allowing the radio interface to communicate with an external wireless access point, wherein the external wireless access point acts as traffic transfer point between a wired portion and a wireless portion of a neighborhood local area network, the neighborhood local area network being distinct from the authorized local area network. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
-
-
21. A wireless security system comprising:
-
at least one first interface for monitoring radio transmissions; at least one second interface for monitoring traffic in a wired network; and at least one computer readable medium coupled to the first interface and the second interface, the computer readable medium storing instructions executable by at least one processor to perform steps of; detecting wireless transmissions using the first interface; determining identity of a client radio interface present in the detected wireless transmissions, wherein information regarding coupling of the client radio interface with an authorized communication device is not accessible to the at least one processor; identifying from the detected wireless transmissions a wireless connection between the client radio interface and an authorized wireless access point, the authorized wireless access point being adapted to act as traffic transfer point between a wired portion and a wireless portion of an authorized local area network; detecting the identity of the client radio interface in traffic over the wired portion of the authorized local area network using the second interface; classifying the client radio interface as being coupled with the authorized communication device based upon the identity of the client radio interface being present both in the wireless transmissions and in the traffic over the wired portion; and providing for allowing the client radio interface to communicate with the authorized wireless access point and for disallowing the radio interface from communicating with an external wireless access point, wherein the external wireless access point acts as traffic transfer point between a wired portion and a wireless portion of a neighborhood local area network, the neighborhood local area network being distinct from the authorized local area network.
-
-
22. A wireless security system comprising:
-
at least one first interface for monitoring radio transmissions; at least one second interface for monitoring traffic in a wired network; and at least one computer readable medium coupled to the first interface and the second interface, the computer readable medium storing instructions executable by at least one processor to perform steps of; detecting wireless transmissions using the first interface; determining identity of a client radio interface present in the detected wireless transmissions; identifying from the detected wireless transmissions a wireless connection between the client radio interface and an authorized wireless access point, the authorized wireless access point being adapted to act as traffic transfer point between a wired portion and a wireless portion of an authorized local area network; establishing using the second interface that the identity of the client radio interface is absent from traffic over the wired portion of the authorized local area network; classifying the client radio interface as not being coupled with an authorized communication device based upon the identity of the client radio interface being absent from the traffic over the wired portion; and providing for disallowing the client radio interface from communicating with the authorized wireless access point and for allowing the radio interface to communicate with an external wireless access point, wherein the external wireless access point acts as traffic transfer point between a wired portion and a wireless portion of a neighborhood local area network, the neighborhood local area network being distinct from the authorized local area network.
-
Specification