-
1.发明申请DETECTION OF ROGUE WIRELESS DEVICES FROM DYNAMIC HOST CONTROL PROTOCOL REQUESTS 审中-公开从动态主机控制协议请求中检测无线设备公开(公告)号:US20110271345A1
公开(公告)日:2011-11-03
申请号:US13179338
申请日:2011-07-08
申请人: Alastair Wolman , Brian D. Zill , Jitendra D. Padhye , Ranveer Chandra , Paramvir Bahl , Manpreet Singh , Lenin Ravindranath Sivalingam
发明人: Alastair Wolman , Brian D. Zill , Jitendra D. Padhye , Ranveer Chandra , Paramvir Bahl , Manpreet Singh , Lenin Ravindranath Sivalingam
IPC分类号: G06F21/00
CPC分类号: H04W12/12 , H04L63/1408 , H04W88/08
摘要: A method to determine if a rogue device is connected to a specific wired network from dynamic host control protocol (DHCP) requests on the wired network. These DHCP requests are analyzed to determine the type of device issuing the request. Once the type of device has been determined, it can be checked against a list of authorized device types. If the device issuing the DHCP request is not an authorized device type, then it can be determined that the suspect device is a rogue that is connected to the specific wired network. Additionally, even if the system of the present invention determines that it is an authorized device type, if the device is not one of the few authorized devices of this type, e.g. because its MAC address is not recognized as that of one of the authorized devices, the system can flag the suspect as a rogue.
摘要翻译: 一种确定流氓设备是否从有线网络上的动态主机控制协议(DHCP)请求连接到特定有线网络的方法。 分析这些DHCP请求以确定发出请求的设备的类型。 一旦确定了设备类型,就可以根据授权的设备类型列表进行检查。 如果发出DHCP请求的设备不是授权设备类型,则可以确定可疑设备是连接到特定有线网络的流氓。 另外,即使本发明的系统确定它是授权设备类型,如果该设备不是这种类型的少数授权设备之一,例如, 由于其MAC地址不被识别为其中一个授权设备的MAC地址,系统可以将嫌疑犯标记为流氓。
-
公开(公告)号:US08000698B2
公开(公告)日:2011-08-16
申请号:US11586137
申请日:2006-10-25
申请人: Alastair Wolman , Brian D. Zill , Jitendra D. Padhye , Ranveer Chandra , Paramvir Bahl , Manpreet Singh , Lenin Ravindranath Sivalingam
发明人: Alastair Wolman , Brian D. Zill , Jitendra D. Padhye , Ranveer Chandra , Paramvir Bahl , Manpreet Singh , Lenin Ravindranath Sivalingam
CPC分类号: H04W12/12 , H04L63/1408 , H04W88/08
摘要: A method of detecting rogue devices that are coupled to a wired network without generating false negative or false positive alerts is provided. When a wireless monitor detects an observed SSID and/or BSSID, various tests are run to determine whether the observed device is actually coupled to the wired network. To guard against the suspect device spoofing an authorized SSID and/or BSSID, location information is gathered so that the network administrator can pinpoint the location of the rogue device. If the device is not recognized, various other tests are run to determine whether the unrecognized device is actually connected to the wired network. These tests include an association test, a MAC address test, an ARP test, a packet replay test, a correlation test, and/or a DHCP fingerprint test. Once it is determined that the suspect device is a rogue connected to the wired network, an appropriate alert is generated.
摘要翻译: 提供了一种检测耦合到有线网络的恶意设备而不产生假否定或非正警告的方法。 当无线监视器检测到观察到的SSID和/或BSSID时,将进行各种测试以确定观察设备是否实际耦合到有线网络。 为了防范怀疑设备欺骗授权的SSID和/或BSSID,收集位置信息,以便网络管理员可以精确定位流氓设备的位置。 如果设备未识别,则会运行各种其他测试,以确定无法识别的设备是否实际连接到有线网络。 这些测试包括关联测试,MAC地址测试,ARP测试,分组重放测试,相关测试和/或DHCP指纹测试。 一旦确定可疑设备是连接到有线网络的流氓,就产生适当的警报。
-
公开(公告)号:US20070298720A1
公开(公告)日:2007-12-27
申请号:US11586137
申请日:2006-10-25
申请人: Alastair Wolman , Brian D. Zill , Jitendra D. Padhye , Raveer Chandra , Paramvir Bahl , Manpreet Singh , Lenin Ravindranath Sivalingam
发明人: Alastair Wolman , Brian D. Zill , Jitendra D. Padhye , Raveer Chandra , Paramvir Bahl , Manpreet Singh , Lenin Ravindranath Sivalingam
IPC分类号: H04B7/00
CPC分类号: H04W12/12 , H04L63/1408 , H04W88/08
摘要: A method of detecting rogue devices that are coupled to a wired network without generating false negative or false positive alerts is provided. When a wireless monitor detects an observed SSID and/or BSSID, various tests are run to determine whether the observed device is actually coupled to the wired network. To guard against the suspect device spoofing an authorized SSID and/or BSSID, location information is gathered so that the network administrator can pinpoint the location of the rogue device. If the device is not recognized, various other tests are run to determine whether the unrecognized device is actually connected to the wired network. These tests include an association test, a MAC address test, an ARP test, a packet replay test, a correlation test, and/or a DHCP fingerprint test. Once it is determined that the suspect device is a rogue connected to the wired network, an appropriate alert is generated.
摘要翻译: 提供了一种检测耦合到有线网络的恶意设备而不产生假否定或非正警告的方法。 当无线监视器检测到观察到的SSID和/或BSSID时,将进行各种测试以确定观察设备是否实际耦合到有线网络。 为了防范怀疑设备欺骗授权的SSID和/或BSSID,收集位置信息,以便网络管理员可以精确定位流氓设备的位置。 如果设备未识别,则会运行各种其他测试,以确定无法识别的设备是否实际连接到有线网络。 这些测试包括关联测试,MAC地址测试,ARP测试,分组重放测试,相关测试和/或DHCP指纹测试。 一旦确定可疑设备是连接到有线网络的流氓,就产生适当的警报。
-
公开(公告)号:US07668513B2
公开(公告)日:2010-02-23
申请号:US11474652
申请日:2006-06-26
IPC分类号: H04B17/00
CPC分类号: H04L43/12 , H04L41/0213
摘要: A framework for wireless network management applications in an enterprise environment using existing general purpose computing devices is presented. At least one of the devices is configured with a wireless adapter and is used as an AirMonitor to monitor one or more wireless networks. Other devices are configured as LandMonitors to monitor traffic on a wired network in the enterprise environment. At least one inference engine uses the LandMonitors and AirMonitors by assigning them monitoring tasks. Data from the monitoring tasks are stored in a database. Analysis of the data that is computationally intensive is generally performed by the inference engines. Wireless network management applications use the framework by installing and running application-specific components (e.g., filters) on the AirMonitors, LandMonitors, and/or inference engines.
摘要翻译: 介绍了使用现有通用计算设备的企业环境中无线网络管理应用的框架。 至少一个设备配置有无线适配器,并用作AirMonitor来监视一个或多个无线网络。 其他设备被配置为LandMonitor以监视企业环境中有线网络上的流量。 至少一个推理机通过分配监控任务来使用LandMonitor和AirMonitor。 来自监控任务的数据存储在数据库中。 计算密集的数据的分析通常由推理引擎执行。 无线网络管理应用程序通过在AirMonitor,LandMonitor和/或推理引擎上安装和运行特定于应用程序的组件(例如,过滤器)来使用该框架。
-
公开(公告)号:US20080201109A1
公开(公告)日:2008-08-21
申请号:US11680575
申请日:2007-02-28
IPC分类号: G06F11/30
CPC分类号: H04W24/08 , H04L41/5009 , H04L43/0829 , H04L43/0894
摘要: Wireless adapters are installed on one or more general purpose computing devices and are connected via a wireless network in an enterprise environment. The adapters are densely deployed at known locations throughout the environment and are configured as air monitors. The air monitors monitor wireless signals transmitted between transceiver devices and access points and records information about these signals. One or more analysis or inference engines may be deployed to analyze the signals received from the air monitors to obtain optimum performance and connectivity information about the wireless network.
摘要翻译: 无线适配器安装在一个或多个通用计算设备上,并通过企业环境中的无线网络连接。 适配器密集地部署在整个环境中的已知位置,并配置为空气监视器。 空中监视器监视在收发器设备和接入点之间传输的无线信号,并记录关于这些信号的信息。 可以部署一个或多个分析或推理引擎来分析从空中监视器接收的信号,以获得关于无线网络的最佳性能和连接信息。
-
公开(公告)号:US20070298779A1
公开(公告)日:2007-12-27
申请号:US11474652
申请日:2006-06-26
CPC分类号: H04L43/12 , H04L41/0213
摘要: A framework for wireless network management applications in an enterprise environment using existing general purpose computing devices is presented. At least one of the devices is configured with a wireless adapter and is used as an AirMonitor to monitor one or more wireless networks. Other devices are configured as LandMonitors to monitor traffic on a wired network in the enterprise environment. At least one inference engine uses the LandMonitors and AirMonitors by assigning them monitoring tasks. Data from the monitoring tasks are stored in a database. Analysis of the data that is computationally intensive is generally performed by the inference engines. Wireless network management applications use the framework by installing and running application-specific components (e.g., filters) on the AirMonitors, LandMonitors, and/or inference engines.
摘要翻译: 介绍了使用现有通用计算设备的企业环境中无线网络管理应用的框架。 至少一个设备配置有无线适配器,并用作AirMonitor来监视一个或多个无线网络。 其他设备被配置为LandMonitor以监视企业环境中有线网络上的流量。 至少一个推理机通过分配监控任务来使用LandMonitor和AirMonitor。 来自监控任务的数据存储在数据库中。 计算密集的数据的分析通常由推理引擎执行。 无线网络管理应用程序通过在AirMonitor,LandMonitor和/或推理引擎上安装和运行特定于应用程序的组件(例如,过滤器)来使用该框架。
-
公开(公告)号:US08155662B2
公开(公告)日:2012-04-10
申请号:US11753536
申请日:2007-05-24
CPC分类号: H04W24/02 , G01S5/02 , G01S5/14 , H04L41/0213 , H04L41/0806 , H04L41/0886 , H04L41/12 , H04W64/00 , H04W84/18
摘要: Wireless adapters are installed on one or more general purpose computing devices and are connected via a network in an enterprise environment. The adapters are densely deployed at known locations throughout the environment and are configured as air monitors. The air monitors monitor signals transmitted by one or more transceiver devices and records information about these signals. One or more analysis or inference engines may be deployed to obtain the recorded signal information and the air monitor locations to determine a location of the one or more wireless transceivers devices deployed in the environment.
摘要翻译: 无线适配器安装在一个或多个通用计算设备上,并通过企业环境中的网络连接。 适配器密集地部署在整个环境中的已知位置,并配置为空气监视器。 空气监视器监视由一个或多个收发器设备发送的信号并记录关于这些信号的信息。 可以部署一个或多个分析或推理引擎以获得记录的信号信息和空中监视器位置,以确定部署在环境中的一个或多个无线收发器设备的位置。
-
公开(公告)号:US20080200181A1
公开(公告)日:2008-08-21
申请号:US11753536
申请日:2007-05-24
IPC分类号: H04Q7/20
CPC分类号: H04W24/02 , G01S5/02 , G01S5/14 , H04L41/0213 , H04L41/0806 , H04L41/0886 , H04L41/12 , H04W64/00 , H04W84/18
摘要: Wireless adapters are installed on one or more general purpose computing devices and are connected via a network in an enterprise environment. The adapters are densely deployed at known locations throughout the environment and are configured as air monitors. The air monitors monitor signals transmitted by one or more transceiver devices and records information about these signals. One or more analysis or inference engines may be deployed to obtain the recorded signal information and the air monitor locations to determine a location of the one or more wireless transceivers devices deployed in the environment.
摘要翻译: 无线适配器安装在一个或多个通用计算设备上,并通过企业环境中的网络连接。 适配器密集地部署在整个环境中的已知位置,并配置为空气监视器。 空气监视器监视由一个或多个收发器设备发送的信号并记录关于这些信号的信息。 可以部署一个或多个分析或推理引擎以获得记录的信号信息和空中监视器位置,以确定部署在环境中的一个或多个无线收发器设备的位置。
-
公开(公告)号:US07516049B2
公开(公告)日:2009-04-07
申请号:US11680575
申请日:2007-02-28
IPC分类号: G06F11/30
CPC分类号: H04W24/08 , H04L41/5009 , H04L43/0829 , H04L43/0894
摘要: Wireless adapters are installed on one or more general purpose computing devices and are connected via a wireless network in an enterprise environment. The adapters are densely deployed at known locations throughout the environment and are configured as air monitors. The air monitors monitor wireless signals transmitted between transceiver devices and access points and records information about these signals. One or more analysis or inference engines may be deployed to analyze the signals received from the air monitors to obtain optimum performance and connectivity information about the wireless network.
摘要翻译: 无线适配器安装在一个或多个通用计算设备上,并通过企业环境中的无线网络连接。 适配器密集地部署在整个环境中的已知位置,并配置为空气监视器。 空中监视器监视在收发器设备和接入点之间传输的无线信号,并记录关于这些信号的信息。 可以部署一个或多个分析或推理引擎来分析从空中监视器接收的信号,以获得关于无线网络的最佳性能和连接信息。
-
公开(公告)号:US07099689B2
公开(公告)日:2006-08-29
申请号:US10610293
申请日:2003-06-30
申请人: Paramvir Bahl , Atul Adya , Alastair Wolman , Jitendra D. Padhye
发明人: Paramvir Bahl , Atul Adya , Alastair Wolman , Jitendra D. Padhye
IPC分类号: H04Q7/20
CPC分类号: H04W52/0277 , Y02D70/1222 , Y02D70/142 , Y02D70/144 , Y02D70/22
摘要: Described herein is an implementation that reduces the battery consumption of an energy-constrained computing device that is capable of communicating over a wireless network. As conditions and circumstances warrant, the implementation selects one of multiple radios (e.g., two)—with each having a unique combination of characteristics (in terms of power-consumption, data-rate, range and/or frequency band of operation) for wireless communications to and from a wireless device. The implementation selects one radio to minimize power-consumption while maintaining effective wireless data communication. This abstract itself is not intended to limit the scope of this patent. The scope of the present invention is pointed out in the appending claims.
摘要翻译: 这里描述了减少能够通过无线网络进行通信的能量约束计算设备的电池消耗的实现。 根据条件和情况的需要,实现选择多个无线电(例如两个)中的一个,每个具有针对无线的特征(在功耗,数据速率,范围和/或频带方面)的独特组合 与无线设备的通信。 实现选择一个无线电以最小化功耗,同时保持有效的无线数据通信。 本摘要本身并不旨在限制本专利的范围。 在所附权利要求中指出了本发明的范围。
-
-
-
-
-
-
-
-
-
搜索结果
249 条记录 (耗时 0.03 秒)
