Systems and methods for detecting potentially illegitimate wireless access points
First Claim
1. A computer-implemented method for detecting potentially illegitimate wireless access points, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
- detecting, at a current point in time, an attempt by the computing device to automatically connect to a target wireless access point that resembles a known wireless access point with which the computing device has established a previous connection at a previous point in time;
detecting at least one suspicious discrepancy between the target wireless access point and the known wireless access point by;
identifying a set of surrounding access points that were located within a certain range of the computing device when the computing device established the previous connection with the known wireless access point at the previous point in time;
identifying an at least partially different set of surrounding access points that are located within the certain range of the computing device at the current point in time;
determining a number of the surrounding access points from the at least partially different set that do not match any of the surrounding access points from the set;
determining that the number of non-matching surrounding access points exceeds a threshold number;
determining that the target wireless access point is potentially illegitimate based on the number of non-matching surrounding access points exceeding the threshold number.
6 Assignments
0 Petitions
Accused Products
Abstract
The disclosed computer-implemented method for detecting potentially illegitimate wireless access points may include (1) detecting, at a current point in time, an attempt by a computing device to automatically connect to a target wireless access point that resembles a known wireless access point with which the computing device has established a previous connection at a previous point in time, (2) detecting at least one suspicious discrepancy between the target wireless access point and the known wireless access point, and then (3) determining, based at least in part on the suspicious discrepancy, that the target wireless access point is potentially illegitimate. Various other methods, systems, and computer-readable media are also disclosed.
35 Citations
20 Claims
-
1. A computer-implemented method for detecting potentially illegitimate wireless access points, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
-
detecting, at a current point in time, an attempt by the computing device to automatically connect to a target wireless access point that resembles a known wireless access point with which the computing device has established a previous connection at a previous point in time; detecting at least one suspicious discrepancy between the target wireless access point and the known wireless access point by; identifying a set of surrounding access points that were located within a certain range of the computing device when the computing device established the previous connection with the known wireless access point at the previous point in time; identifying an at least partially different set of surrounding access points that are located within the certain range of the computing device at the current point in time; determining a number of the surrounding access points from the at least partially different set that do not match any of the surrounding access points from the set; determining that the number of non-matching surrounding access points exceeds a threshold number; determining that the target wireless access point is potentially illegitimate based on the number of non-matching surrounding access points exceeding the threshold number. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A system for detecting potentially illegitimate wireless access points, the system comprising:
-
a detection module, stored in memory, that; detects, at a current point in time, an attempt by a computing device to automatically connect to a target wireless access point that resembles a known wireless access point with which the computing device has established a previous connection at a previous point in time; detects at least one suspicious discrepancy between the target wireless access point and the known wireless access point by; identifying a set of surrounding access points that were located within a certain range of the computing device when the computing device established the previous connection with the known wireless access point at the previous point in time; identifying an at least partially different set of surrounding access points that are located within the certain range of the computing device at the current point in time; a determination module, stored in memory, that; determines a number of the surrounding access points from the at least partially different set that do not match any of the surrounding access points from the set; determines that the number of non-matching surrounding access points exceeds a threshold number; determines that the target wireless access point is potentially illegitimate based on the number of non-matching surrounding access points exceeding the threshold number; at least one physical processor that executes the detection module and the determination module. - View Dependent Claims (18, 19)
-
-
20. A non-transitory computer-readable medium comprising one or more computer-executable instructions that, when executed by at least one processor of a computing device, cause the computing device to:
-
detect, at a current point in time, an attempt by the computing device to automatically connect to a target wireless access point that resembles a known wireless access point with which the computing device has established a previous connection at a previous point in time; detect at least one suspicious discrepancy between the target wireless access point and the known wireless access point by; identifying a set of surrounding access points that were located within a certain range of the computing device when the computing device established the previous connection with the known wireless access point at the previous point in time; identifying an at least partially different set of surrounding access points that are located within the certain range of the computing device at the current point in time; determine a number of the surrounding access points from the at least partially different set that do not match any of the surrounding access points from the set; determine that the number of non-matching surrounding access points exceeds a threshold number; determine that the target wireless access point is potentially illegitimate based on the number of non-matching surrounding access points exceeding the threshold number.
-
Specification