Wireless access point detection
First Claim
1. A method of operating a reputation system for detecting a suspect wireless access point in a communication network including a plurality of wireless access points providing access services to client devices, the method, performed by the reputation system, comprising:
- collecting identity information associated with the wireless access points from a multiplicity of client devices;
maintaining the collected identity information as sets of identity information, each set of identity information associated with one of the wireless access points, wherein significant identity information in each set of identity information comprises portions of identity information in the set that can be used to identify the wireless access point associated with said set of identity information;
receiving identity information associated with a trusted wireless access point;
updating the set of identity information associated with the trusted wireless access point, by;
determining the indication of trust of the trusted wireless access point to be trusted if a portion of the received identity information differs from the corresponding portion of significant identity information of the trusted wireless access point and subsequent received identity information associated with the trusted wireless access point matches the received identity information for a first period of time such that the set of identity information is considered stable;
determining the indication of trust of the trusted wireless access point to be untrusted or unknown when subsequently received identity information associated with the trusted wireless access point is substantially different to the corresponding significant identity information for a second period of time such that the set of identity information is considered unstable; and
updating the set of identity information associated with the trusted wireless access point with the received identity information;
receiving a reputation request from a client device, the request including identity information of an available wireless access point;
comparing the received identity information of the reputation request with the-sets of identity information to determine an indication of trust of the available wireless access point; and
transmitting the indication of trust of the available wireless access point to the client device for use in determining whether to connect to the available wireless access point.
2 Assignments
0 Petitions
Accused Products
Abstract
According to aspects of the present invention there are provided methods and apparatus for detecting a suspect wireless access point in a communication network including a plurality of wireless access points providing access services to client devices. Identity information associated with the wireless access points is collected from a multiplicity of client devices. A reputation request is received from a client device, the request including identity information of an available wireless access point. The received identity information is compared with the collected identity information for determining an indication of trust of the available wireless access point. The indication of trust of the available wireless access point is transmitted to the client device. The wireless access points may include a cellular wireless access point or base station, wireless access point, a Wi-Fi access point, or a femto-cell access point.
-
Citations
35 Claims
-
1. A method of operating a reputation system for detecting a suspect wireless access point in a communication network including a plurality of wireless access points providing access services to client devices, the method, performed by the reputation system, comprising:
- collecting identity information associated with the wireless access points from a multiplicity of client devices;
maintaining the collected identity information as sets of identity information, each set of identity information associated with one of the wireless access points, wherein significant identity information in each set of identity information comprises portions of identity information in the set that can be used to identify the wireless access point associated with said set of identity information;
receiving identity information associated with a trusted wireless access point;
updating the set of identity information associated with the trusted wireless access point, by;
determining the indication of trust of the trusted wireless access point to be trusted if a portion of the received identity information differs from the corresponding portion of significant identity information of the trusted wireless access point and subsequent received identity information associated with the trusted wireless access point matches the received identity information for a first period of time such that the set of identity information is considered stable;
determining the indication of trust of the trusted wireless access point to be untrusted or unknown when subsequently received identity information associated with the trusted wireless access point is substantially different to the corresponding significant identity information for a second period of time such that the set of identity information is considered unstable; and
updating the set of identity information associated with the trusted wireless access point with the received identity information;
receiving a reputation request from a client device, the request including identity information of an available wireless access point;
comparing the received identity information of the reputation request with the-sets of identity information to determine an indication of trust of the available wireless access point; and
transmitting the indication of trust of the available wireless access point to the client device for use in determining whether to connect to the available wireless access point. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- collecting identity information associated with the wireless access points from a multiplicity of client devices;
-
21. A method for a client device to detect a suspect wireless access point in a communication network, the method comprising:
- detecting an available wireless access point for providing access services to the client device, wherein the available wireless access point has a reputation that is unknown to the client device;
transmitting a reputation request, the reputation request including identity information associated with the available wireless access point;
receiving, in response to the reputation request, from the reputation system an indication of trust associated with the available wireless access point the client device is connecting with, connecting with the available wireless access point when the indication of trust indicates the available wireless access point to be trusted; and
detecting another available wireless access point when the indication of trust indicates the available wireless access point as suspect or untrusted; and
wherein the reputation system is configured for maintaining a record of available wireless access points and indications of trust for the available wireless access points, updating the record based on transmitting reputation requests associated with the available wireless access points and on the received indications of trust of the available wireless access points; and
wherein the record comprises collected identity information as sets of identity information, each set of identity information associated with one of the wireless access points, wherein significant identity information in each set of identity information comprises portions of identity information in the set that can be used to identify the wireless access point associated with said set of identity information; and
wherein the indication of trust of available wireless access points are considered to be trusted if a portion of the received identity information differs from the corresponding portion of significant identity information of the trusted wireless access point and subsequent received identity information associated with the trusted wireless access point matches the received identity information for a first period of time such that the set of identity information is considered stable; and
wherein the indication of trust of available wireless access points are considered to be untrusted or unknown when subsequently received identity information associated with the trusted wireless access point is substantially different to the corresponding significant identity information for a second period of time such that the set of identity information is considered unstable. - View Dependent Claims (22, 23, 24, 25, 26, 27)
- detecting an available wireless access point for providing access services to the client device, wherein the available wireless access point has a reputation that is unknown to the client device;
-
28. A server for use in detecting a suspect wireless access point in a communication network including a plurality of wireless access points providing access services to client devices, the server comprising:
-
a receiver, a transmitter, a memory unit, and processing logic, the processing logic being connected to the receiver, to the transmitter, and to the memory unit wherein; the receiver and processing logic are configured for; collecting identity information associated with the wireless access points from a multiplicity of client devices; maintaining the collected identity information as sets of identity information, each set of identity information associated with one of the wireless access points, wherein significant identity information in each set of identity information comprises portions of identity information in the set that can be used to identify the wireless access point associated with said set of identity information; receiving identity information associated with a trusted wireless access point; updating the set of identity information associated with the trusted wireless access point, by; determining the indication of trust of the trusted wireless access point to be trusted if a portion of the received identity information differs from the corresponding portion of significant identity information of the trusted wireless access point and subsequent received identity information associated with the trusted wireless access point matches the received identity information for a first period of time such that the set of identity information is considered stable; determining the indication of trust of the trusted wireless access point to be untrusted or unknown when subsequently received identity information associated with the trusted wireless access point is substantially different to the corresponding significant identity information for a second period of time such that the set of identity information is considered unstable; and updating the set of identity information associated with the trusted wireless access point with the received identity information; the receiver is further configured to receive a reputation request from a client device, the request including identity information of an available wireless access point; the processing logic includes comparing logic for comparing the received identity information of the reputation request with the sets of identity information, and determining logic for determining an indication of trust of the available wireless access point based on the comparison; and the transmitter is configured to transmit the indication of trust of the available wireless access point to the client device for use in determining whether to connect to the available wireless access point. - View Dependent Claims (29, 30, 31, 32)
-
-
33. A client device for use in detecting a suspect wireless access point in a communication network including a plurality of wireless access points providing access services to client devices, the client device comprising:
- a receiver, a transmitter, a memory unit, and processing logic, the processing logic being connected to the receiver, to the transmitter, and to the memory unit wherein;
the receiver and processing logic are configured for detecting an available wireless access point providing access services to the client device;
the transmitter is configured to transmit to a reputation system a reputation request when the client device connects to the available wireless access point, the reputation request including identity information associated with the available wireless access point;
the receiver is further configured to receive from the reputation system, in response to the reputation request, an indication of trust associated with the available wireless access point the client device is connecting with;
the processor logic is configured to;
connect with the available wireless access point or maintain a connection with the available wireless access point when the indication of trust indicates the available wireless access point to be trusted; and
disconnect from the available wireless access point and/or detecting another available wireless access point when the indication of trust indicates the available wireless access point as suspect or untrusted; and
wherein the reputation system is configured for maintaining a record of available wireless access points and indications of trust for the available wireless access points, updating the record based on transmitting reputation requests associated with the available wireless access points and on the received indications of trust of the available wireless access points; and
wherein the record comprises collected identity information as sets of identity information, each set of identity information associated with one of the wireless access points, wherein significant identity information in each set of identity information comprises portions of identity information in the set that can be used to identify the wireless access point associated with said set of identity information; and
wherein the indication of trust of available wireless access points are considered to be trusted if a portion of the received identity information differs from the corresponding portion of significant identity information of the trusted wireless access point and subsequent received identity information associated with the trusted wireless access point matches the received identity information for a first period of time such that the set of identity information is considered stable; and
wherein the indication of trust of available wireless access points are considered to be untrusted or unknown when subsequently received identity information associated with the trusted wireless access point is substantially different to the corresponding significant identity information for a second period of time such that the set of identity information is considered unstable. - View Dependent Claims (34, 35)
- a receiver, a transmitter, a memory unit, and processing logic, the processing logic being connected to the receiver, to the transmitter, and to the memory unit wherein;
Specification