Rogue AP detection

US 9,178,896 B2
Filed: 05/09/2013
Issued: 11/03/2015
Est. Priority Date: 05/09/2013
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

initiating, at one or more processors of a wireless controller, a rogue access point detection process for a wireless network;

transmitting, from the one or more processors, a signature frame to a mobility agent in a wireless switch;

constructing the signature frame, by the mobility agent in the wireless switch, to include a switch identifier, a port identifier and a VLAN identifier in the signature frame;

transmitting, by the mobility agent in the wireless switch, the signature frame, to one or more access points in the wireless network;

receiving, at an authorized access point, the signature frame transmitted via a wireless signal from a rogue access point;

reporting reception of the signature frame to the wireless controller; and

generating, at the one or more processors, a signal to shut down a port associated with the rogue access point.

View all claims

14 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods, systems and computer readable media for rogue access point detection are disclosed. In some implementations, the method can include initiating, at one or more processors of a wireless controller, a rogue access point detection process for a wireless network, and transmitting, from the one or more processors, a signature frame to a mobility agent in a wireless switch. The method can also include receiving, at an authorized access point, the signature frame transmitted via a wireless signal from a rogue access point. The method can further include reporting reception of the signature frame to the wireless controller, and generating, at the one or more processors, a signal to shut down a port associated with the rogue access point.

11 Citations

View as Search Results

20 Claims

1. A method comprising:
- initiating, at one or more processors of a wireless controller, a rogue access point detection process for a wireless network;
  
  transmitting, from the one or more processors, a signature frame to a mobility agent in a wireless switch;
  
  constructing the signature frame, by the mobility agent in the wireless switch, to include a switch identifier, a port identifier and a VLAN identifier in the signature frame;
  
  transmitting, by the mobility agent in the wireless switch, the signature frame, to one or more access points in the wireless network;
  
  receiving, at an authorized access point, the signature frame transmitted via a wireless signal from a rogue access point;
  
  reporting reception of the signature frame to the wireless controller; and
  
  generating, at the one or more processors, a signal to shut down a port associated with the rogue access point.
- View Dependent Claims (2, 3, 4, 17, 18)
- - 2. The method of claim 1, wherein the wireless network includes a split-plane architecture.
  - 3. The method of claim 1, wherein the wireless controller communicates with the wireless switch via mobility control protocol.
  - 4. The method of claim 1, wherein a wireless intrusion detection component of the wireless controller is adapted to gather information regarding connected devices on different physical ports of the wireless switch.
  - 17. The method of claim 1, further comprising:
    - receiving at the authorized access point the signature frame transmitted by the mobility identifier in the wireless switch; and
      
      preventing transmission of the signature frame from a wireless interface of the authorized access point.
  - 18. The method of claim 17, wherein preventing transmission of the signature frame comprises recognizing the signature frame based on a pattern of data in the signature frame.

5. A system comprising one or more processors configured to perform operations including:
- initiating, at a wireless controller, a rogue access point detection process for a network;
  
  transmitting a signature frame to a mobility agent in a wireless switch via a wired portion of the network;
  
  constructing the signature frame, by the mobility agent in the wireless switch, to include a switch identifier, a port identifier and a VLAN identifier in the signature frame;
  
  transmitting, by the mobility agent in the wireless switch, the signature frame, to one or more access points in the wireless network;
  
  receiving, at an authorized access point, the signature frame transmitted via a wireless signal from a rogue access point;
  
  reporting reception of the signature frame to the wireless controller; and
  
  generating a signal to shut down a port associated with the rogue access point.
- View Dependent Claims (6, 7, 8, 9, 10, 19, 20)
- - 6. The system of claim 5, wherein the wireless network includes a split-plane architecture.
  - 7. The system of claim 5, wherein the wireless controller communicates with the wireless switch via mobility control protocol.
  - 8. The system of claim 5, wherein a wireless intrusion detection component of the wireless controller is adapted to gather information regarding connected devices on different physical ports of the wireless switch.
  - 9. The system of claim 5, wherein the transmitting and receiving is coordinated between the access point and the wireless switch in a top-down configuration in which the wireless controller directs the wireless switch and the access point to inject the signature frame and monitor for reception of the signature frame.
  - 10. The system of claim 5, wherein the transmitting and receiving is coordinated between the access point and the wireless switch in a peer-to-peer approach in which the wireless controller directs the wireless switch and the access point to exchange control messages directly between each other.
  - 19. The system of claim 5, wherein the one or more processors are further configured to perform operations including:
    - receiving at the authorized access point the signature frame transmitted by the mobility identifier in the wireless switch; and
      
      preventing transmission of the signature frame from a wireless interface of the authorized access point.
  - 20. The system of claim 19, wherein the one or more processors are configured to prevent transmission of the signature frame from the wireless interface of the authorized access point by recognizing the signature frame based on a pattern of data in the signature frame.

11. A nontransitory computer readable medium having stored thereon software instructions that, when executed by a processor of a wireless controller, cause the processor to perform operations including:
- initiating a rogue access point detection process for a network;
  
  transmitting a signature frame to a mobility agent in a wireless switch via a wired portion of the network;
  
  constructing the signature frame, by the mobility agent in the wireless switch, to include a switch identifier, a port identifier and a VLAN identifier in the signature frame;
  
  transmitting, by the mobility agent in the wireless switch, the signature frame, to one or more access points in the wireless network;
  
  receiving, at an authorized access point, the signature frame transmitted via a wireless signal from a rogue access point;
  
  reporting reception of the signature frame to the wireless controller; and
  
  generating a signal to shut down a port associated with the rogue access point.
- View Dependent Claims (12, 13, 14, 15, 16)
- - 12. The nontransitory computer readable medium of claim 11, wherein the wireless network includes a split-plane architecture.
  - 13. The nontransitory computer readable medium of claim 11, wherein the wireless controller communicates with the wireless switch via mobility control protocol.
  - 14. The nontransitory computer readable medium of claim 11, wherein a wireless intrusion detection component of the wireless controller is adapted to gather information regarding connected devices on different physical ports of the wireless switch.
  - 15. The nontransitory computer readable medium of claim 11, wherein the transmitting and receiving is coordinated between the access point and the wireless switch in a top-down configuration in which the wireless controller directs the wireless switch and the access point to inject the signature frame and monitor for reception of the signature frame.
  - 16. The nontransitory computer readable medium of claim 11, wherein the transmitting and receiving is coordinated between the access point and the wireless switch in a peer-to-peer approach in which the wireless controller directs the wireless switch and the access point to exchange control messages directly between each other.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Avaya Incorporated
Original Assignee
Avaya Incorporated
Inventors
Atreya, Vivek L, Ankaiah, Shashi Hosakere, Choudhary, Seemant, Tsai, Ruth
Primary Examiner(s)
Orgad, Edan
Assistant Examiner(s)
Ko, Sithu

Application Number

US13/891,184
Publication Number

US 20140334317A1
Time in Patent Office

908 Days
Field of Search

None
US Class Current

1/1
CPC Class Codes

H04L 63/14   for detecting or protecting...

H04L 63/1416   Event detection, e.g. attac...

H04L 63/1441   Countermeasures against mal...

H04W 12/122   Counter-measures against at...

H04W 48/18   Selecting a network or a co...

H04W 84/12   WLAN [Wireless Local Area N...

H04W 88/08   Access point devices

Rogue AP detection

First Claim

14 Assignments

0 Petitions

Accused Products

Abstract

11 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Rogue AP detection

First Claim

14 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

11 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links