Systems and methods for detecting potentially illegitimate wireless access points
First Claim
1. A computer-implemented method for detecting potentially illegitimate wireless access points, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
- determining a geographic location of a known wireless access point that provides access to a legitimate wireless network by identifying at least one additional wireless network within a range of the known wireless access point while the computing device is connected to the known wireless access point;
detecting an attempt by the computing device to automatically connect to a wireless access point that resembles the known wireless access point by determining that;
the computing device has transmitted a probe request frame to connect to the known wireless access point that contains an identifier of the known wireless access point; and
the computing device has received, from the wireless access point, a probe response frame in response to the probe request frame that alleges the known wireless access point is available;
determining a current geographic location of the computing device by identifying at least a portion of the wireless networks within a range of the wireless access point;
determining that the current geographic location of the computing device is beyond a certain distance from the geographic location of the known wireless access point by determining that the additional wireless network within the range of the known wireless access point is not within the range of the wireless access point; and
determining, based at least in part on the current geographic location of the computing device being beyond the certain distance from the geographic location of the known wireless access point, that the wireless access point is falsely alleging to be the known wireless access point, wherein the wireless access point falsely alleges to be the known wireless access point by;
extracting the identifier of the known wireless access point from within the probe request frame transmitted by the computing device; and
including the identifier of the known wireless access point within the probe response frame sent to the computing device.
6 Assignments
0 Petitions
Accused Products
Abstract
The disclosed computer-implemented method for detecting potentially illegitimate wireless access points may include (1) detecting an attempt by the computing device to automatically connect to a wireless access point that resembles a known wireless access point whose geographic location is stored by the computing device, (2) identifying a current geographic location of the computing device, (3) determining that the current geographic location of the computing device is beyond a certain distance from the geographic location of the known wireless access point, and then (4) determining, based at least in part on the determination that the current geographic location of the computing device is beyond the certain distance from the geographic location of the known wireless access point, that the wireless access point is potentially illegitimate. Various other methods, systems, and computer-readable media are also disclosed.
32 Citations
20 Claims
-
1. A computer-implemented method for detecting potentially illegitimate wireless access points, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
-
determining a geographic location of a known wireless access point that provides access to a legitimate wireless network by identifying at least one additional wireless network within a range of the known wireless access point while the computing device is connected to the known wireless access point; detecting an attempt by the computing device to automatically connect to a wireless access point that resembles the known wireless access point by determining that; the computing device has transmitted a probe request frame to connect to the known wireless access point that contains an identifier of the known wireless access point; and the computing device has received, from the wireless access point, a probe response frame in response to the probe request frame that alleges the known wireless access point is available; determining a current geographic location of the computing device by identifying at least a portion of the wireless networks within a range of the wireless access point; determining that the current geographic location of the computing device is beyond a certain distance from the geographic location of the known wireless access point by determining that the additional wireless network within the range of the known wireless access point is not within the range of the wireless access point; and determining, based at least in part on the current geographic location of the computing device being beyond the certain distance from the geographic location of the known wireless access point, that the wireless access point is falsely alleging to be the known wireless access point, wherein the wireless access point falsely alleges to be the known wireless access point by; extracting the identifier of the known wireless access point from within the probe request frame transmitted by the computing device; and including the identifier of the known wireless access point within the probe response frame sent to the computing device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A system for detecting potentially illegitimate wireless access points, the system comprising:
-
a determination module, stored in memory, that determines a geographic location of a known wireless access point that provides access to a legitimate wireless network by identifying at least one additional wireless network within a range of the known wireless access point while a computing device is connected to the known wireless access point; a detection module, stored in memory, that detects an attempt by the computing device to automatically connect to a wireless access point that resembles the known wireless access point by determining that; the computing device has transmitted a probe request frame to connect to the known wireless access point that contains an identifier of the known wireless access point; and the computing device has received, from the wireless access point, a probe response frame in response to the probe request frame that alleges the known wireless access point is available; an identification module, stored in memory, that determines a current geographic location of the computing device by identifying at least a portion of the wireless networks within a range of the wireless access point; wherein the determination module; determines that the current geographic location of the computing device is beyond a certain distance from the geographic location of the known wireless access point by determining that the additional wireless network within the range of the known wireless access point is not within the range of the wireless access point; and determines, based at least in part on the current geographic location of the computing device being beyond the certain distance from the geographic location of the known wireless access point, that the wireless access point is falsely alleging to be the known wireless access point, wherein the wireless access point falsely alleges to be the known wireless access point by; extracting the identifier of the known wireless access point from within the probe request frame transmitted by the computing device; and including the identifier of the known wireless access point within the probe response frame sent to the computing device; and at least one processor that executes the detection module, the identification module, and the determination module. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19)
-
-
20. A non-transitory computer-readable medium comprising one or more computer-executable instructions that, when executed by at least one processor of a computing device, cause the computing device to:
-
determine a geographic location of a known wireless access point that provides access to a legitimate wireless network by identifying at least one additional wireless network within a range of the known wireless access point while the computing device is connected to the known wireless access point; detect an attempt by the computing device to automatically connect to a wireless access point that resembles the known wireless access point by determining that; the computing device has transmitted a probe request frame to connect to the known wireless access point that contains an identifier of the known wireless access point; and the computing device has received, from the wireless access point, a probe response frame in response to the probe request frame that alleges the known wireless access point is available; determine a current geographic location of the computing device by identifying at least a portion of the wireless networks within a range of the wireless access point; determine that the current geographic location of the computing device is beyond a certain distance from the geographic location of the known wireless access point by determining that the additional wireless network within the range of the known wireless access point is not within the range of the wireless access point; and determine, based at least in part on the current geographic location of the computing device being beyond the certain distance from the geographic location of the known wireless access point, that the wireless access point is falsely alleging to be the known wireless access point, wherein the wireless access point falsely alleges to be the known wireless access point by; extracting the identifier of the known wireless access point from within the probe request frame transmitted by the computing device; and including the identifier of the known wireless access point within the probe response frame sent to the computing device.
-
Specification