Systems and methods for wireless intrusion detection using spectral analysis
First Claim
Patent Images
1. A method for using a plurality of wireless radios in a wireless network for spectral analysis, the method comprising the steps of:
- connecting to a plurality of wireless radios in wireless devices operable to perform as wireless communications devices within a wireless network operating as a WLAN;
setting a center frequency and bandwidth on the wireless radios, wherein the center frequency and bandwidth comprise a range of frequencies over which the wireless radios are operable to receive signals, and wherein the center frequency is located anywhere between 2.4-2.5 GHz and 4.9-5.9 GHz with frequency steps of less than 5 MHz;
receiving spectral power measurements from the wireless radios, the spectral power measurements being based upon signals received by the wireless radios based upon the set center frequency and bandwidth, and wherein the spectral power measurements comprising signal strength at the set center frequency and bandwidth; and
repeating the connecting, setting and receiving steps using the wireless radios such that a plurality of frequencies used by the wireless network are analyzed for spectral activity, wherein at least one of the plurality of frequencies are offset from WLAN channels such that the spectral power measurements provide measurements across a frequency band wider than a single WLAN channel.
9 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods for using wireless radios for spectral analysis. Systems and methods include using wireless radios that are included in wireless devices communicating on the wireless network to perform a spectral scan of frequencies on a wireless network.
-
Citations
25 Claims
-
1. A method for using a plurality of wireless radios in a wireless network for spectral analysis, the method comprising the steps of:
-
connecting to a plurality of wireless radios in wireless devices operable to perform as wireless communications devices within a wireless network operating as a WLAN; setting a center frequency and bandwidth on the wireless radios, wherein the center frequency and bandwidth comprise a range of frequencies over which the wireless radios are operable to receive signals, and wherein the center frequency is located anywhere between 2.4-2.5 GHz and 4.9-5.9 GHz with frequency steps of less than 5 MHz; receiving spectral power measurements from the wireless radios, the spectral power measurements being based upon signals received by the wireless radios based upon the set center frequency and bandwidth, and wherein the spectral power measurements comprising signal strength at the set center frequency and bandwidth; and repeating the connecting, setting and receiving steps using the wireless radios such that a plurality of frequencies used by the wireless network are analyzed for spectral activity, wherein at least one of the plurality of frequencies are offset from WLAN channels such that the spectral power measurements provide measurements across a frequency band wider than a single WLAN channel. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A method for identifying interference in a wireless network based on spectral analysis, the method comprising the steps of:
-
scanning with existing WLAN equipment a plurality of channels associated with the wireless network to measure the spectral power of the signals transmitting on the channels, wherein the existing WLAN equipment provides functionality of spectrum analyzers without requiring separate spectrum analyzers or equipment other than the existing WLAN equipment, and wherein the existing WLAN equipment is configured to not decode WLAN packets while scanning; receiving the measured spectral power associated with various center frequencies from a plurality of wireless radios, wherein the various center frequencies are located anywhere between 2.4-2.5 GHz and 4.9-5.9 GHz with frequency steps of less than 5 MHz; repeating the scanning and receiving steps until either a predetermined time has elapsed, or substantially all channels have been measured; and constructing a spectrogram, wherein the spectrogram comprises a frequency and time plot of the measured spectral power for each channel. - View Dependent Claims (15, 16, 17)
-
-
18. A wireless intrusion prevention system comprising a plurality of wireless radios and at least one of a server, computer, and Internet appliance is configured to scan a plurality of channels of a wireless network for spectral power measurements on a plurality of channels, wherein the wireless radios comprise wireless devices operable to communicate on the wireless network, the scan being responsive to at least one of a wireless attack, performance degradation, and an unauthorized device accessing the wireless network, wherein the wireless intrusion prevention system uses existing WLAN infrastructure as spectrum analyzers to scan for spectral power measurements without requiring separate stand-alone spectrum analyzers, wherein the wireless intrusion prevention system is configured to utilize WLAN compliant radios to scan the plurality of channels over a frequency band in excess of any one WLAN channel, and updating of channel monitoring patterns based upon past history and current usage based on the spectral power measurement.
-
19. A method for using spectral analysis to determine which channels to monitor for detecting attacks and unauthorized activity on a wireless network, the method comprising the steps of:
-
scanning with existing WLAN equipment a plurality of channels associated with a wireless network to measure the spectral power of the signals transmitting on the channels, wherein the existing WLAN equipment does not include separate stand-alone spectrum analyzers; identifying which of the channels are in use based upon the spectral power measurements associated with the channels, wherein the channels in use comprise channels with high signal spectral power measurements; and updating channel monitoring patterns for detecting attacks and unauthorized activity on the wireless network based upon the identification of channel usage, wherein the channel monitoring patterns comprise dwell time per channel and a sequence of channel monitoring, and wherein the updating of the channel monitoring patterns is based upon past history and current usage based on the spectral power measurements. - View Dependent Claims (20, 21, 22, 23, 24, 25)
-
Specification