CN106376003B - Method and device for detecting a WLAN connection and for sending WLAN data

Info

Publication number: CN106376003B
Authority: CN (China)
Prior art keywords: data, sent, terminal, address, wlan
Legal status: Active
Application number: CN201510439627.1A
Other languages: Chinese (zh)
Other versions: CN106376003A (en)
Inventor: 晁巍, 罗红, 路晓明
Current Assignee: Zhongchang (hangzhou) Information Technology Co Ltd; China Mobile Communications Group Co Ltd
Original Assignee: Zhongchang (hangzhou) Information Technology Co Ltd; China Mobile Communications Group Co Ltd
Application filed by Zhongchang (hangzhou) Information Technology Co Ltd, China Mobile Communications Group Co Ltd
Priority to CN201910952811.4A (patent CN111093198B)
Priority to CN201510439627.1A (patent CN106376003B)
Publication of CN106376003A
Application granted
Publication of CN106376003B

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04W: WIRELESS COMMUNICATION NETWORKS
    • H04W12/00: Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12: Detection or prevention of fraud
    • Y: GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02: TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D: CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00: Reducing energy consumption in communication networks
    • Y02D30/70: Reducing energy consumption in communication networks in wireless communication networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Small-Scale Networks (AREA)

Abstract

The invention discloses a method and device for detecting a WLAN connection and a method and device for sending WLAN data. The detection method comprises: receiving broadcast messages from wireless access point devices (APs), each broadcast message containing the SSID and BSSID of the AP; requesting to establish a WLAN connection with a first AP; after the terminal has established the WLAN connection, obtaining the MAC address that corresponds to the IP address of the first AP in the terminal's ARP cache table, the ARP cache table being generated by the terminal from the last-received response message carrying a MAC address; determining the SSID and BSSID of the first AP from the AP broadcast messages; and determining whether the BSSID of the first AP matches the MAC address corresponding to that IP address and, if they do not match, determining that ARP spoofing is present on the WLAN to which the terminal is currently connected. The invention is used to detect whether a network is secure and to solve the problem of user data being stolen because the network is insecure.

Description

Method and device for detecting a WLAN connection and for sending WLAN data
Technical field
The invention belongs to the field of wireless network security, and in particular relates to a method and device for detecting a wireless local area network (WLAN) connection and a method and device for sending WLAN data.
Background art
In a wireless local area network, hosts reach the external network through a wireless AP, which acts as the wireless gateway. A default gateway is normally configured in the network, and every packet a host sends to a destination outside the LAN is sent to the default gateway. Before a host accesses external network resources, it therefore first sends an ARP (Address Resolution Protocol) request to obtain the medium access control (MAC) address of the default gateway, and the default gateway returns a response message carrying its own MAC address. On receiving the response message, the terminal stores the IP address and physical address it contains in its local ARP cache table and keeps them for a certain time, so that later requests can look up the ARP cache table directly to save resources. A normal WLAN connection is shown in Fig. 1.
The deception usually present in WLAN connections is ARP spoofing, one of the common attack methods used by hackers. ARP spoofing is a deception of the ARP cache table. It usually occurs in public wireless network environments, because these environments have a large flow of people and cannot be defended by other means such as binding the ARP table.
When a virus that performs ARP spoofing is present in the network, the spoofing proceeds as follows. When host A in the LAN sends data outside the LAN, host A broadcasts an ARP request message to the whole network to ask for the MAC address of the gateway. When the gateway receives the ARP request message, it replies to host A with an ARP response message. The host carrying the ARP virus also replies to host A with a false ARP response message, and this false ARP response message is usually delayed for a period of time relative to the gateway's ARP response message, or sent several more times. Host A thus learns a wrong gateway MAC address, namely the MAC address of the host carrying the ARP virus, and the messages host A sends afterwards go to the virus host. As a result, host A in the LAN is cut off from the network or its data is diverted to the virus host, so network security is poor and user data is stolen. A method of detecting a WLAN connection is therefore needed to determine whether the network is secure, together with a WLAN data sending method to ensure data security during transmission.
Summary of the invention
Embodiments of the present invention provide a method and device for detecting a WLAN connection and a method and device for sending WLAN data, used to detect whether a network is secure and to solve the problem of user data being stolen because the network is insecure.
An embodiment of the present invention includes a method of detecting a WLAN connection, comprising: receiving broadcast messages from wireless access point devices (APs), each broadcast message containing the service set identifier (SSID) and basic service set identifier (BSSID) of the AP; requesting to establish a WLAN connection with a first AP; after the terminal has established the WLAN connection, obtaining the medium access control (MAC) address that corresponds to the IP address of the first AP in the terminal's Address Resolution Protocol (ARP) cache table, the ARP cache table being generated by the terminal from the last-received response message carrying a MAC address; determining the SSID and BSSID of the first AP from the AP broadcast messages; and determining whether the BSSID of the first AP matches the MAC address corresponding to the IP address and, if they do not match, determining that ARP spoofing is present on the WLAN to which the terminal is currently connected.
Considering how to defend actively once ARP spoofing has been detected, an embodiment of the present invention also provides a WLAN data sending method, comprising: encrypting the data to be sent and sending it to a virtual NIC, the data to be sent being data that needs to be transmitted to a network server through a wireless access point device (AP); the virtual NIC encapsulating the encrypted data to be sent with the IP address of a security server as the destination address, and sending the encapsulated data to the physical NIC; and the physical NIC sending the encapsulated data to the AP with which the terminal has established a connection, so that the AP sends the encrypted data to be sent to the security server, which decrypts it and sends it to the network server after decryption.
Based on the same inventive concept, an embodiment of the present invention also provides a device for detecting a WLAN connection, comprising: a receiving module, for receiving broadcast messages from wireless access point devices (APs), each broadcast message containing the SSID and basic service set identifier (BSSID) of the AP; a connecting module, for requesting to establish a WLAN connection with a first AP; an obtaining module, for obtaining, after the terminal has established the WLAN connection, the medium access control (MAC) address that corresponds to the IP address of the first AP in the terminal's Address Resolution Protocol (ARP) cache table, the ARP cache table being generated by the terminal from the last-received response message carrying a MAC address; a first determining module, for determining the SSID and BSSID of the first AP from the AP broadcast messages; and a second determining module, for determining whether the BSSID of the first AP matches the MAC address corresponding to the IP address and, if they do not match, determining that ARP spoofing is present on the currently connected WLAN.
An embodiment of the present invention further provides a WLAN data sending device, comprising: an encryption module, for encrypting the data to be sent and sending it to a virtual NIC, the data to be sent being data that needs to be transmitted to a network server through a wireless access point device (AP); an encapsulation module, for encapsulating the encrypted data to be sent with the IP address of a security server as the destination address and sending the encapsulated data to the physical NIC; and a sending module, for sending the encapsulated data to the AP with which the terminal has established a connection, so that the AP sends the encrypted data to be sent to the security server, which decrypts it and sends it to the network server after decryption.
One embodiment of the present invention identifies whether the currently connected station is secure by checking whether the BSSID of the first AP with which the terminal intends to establish a WLAN connection matches the MAC address of the station with which the terminal has established the WLAN connection. Another embodiment of the present invention encrypts the data to be sent and sends it to the network server through a secure channel formed by the virtual NIC, the physical NIC, the connected AP and the security server, which guarantees the security of the data during transmission.
Brief description of the drawings
To describe the technical solutions in the embodiments of the present invention more clearly, the drawings used in the description of the embodiments are briefly introduced below. The drawings described below are only some embodiments of the present invention, and a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is an interaction diagram of a terminal and an AP in the prior art;
Fig. 2 is a flow diagram of detecting a WLAN connection according to an embodiment of the present invention;
Fig. 3 is an interaction diagram for the case where ARP spoofing is present, according to an embodiment of the present invention;
Fig. 4 is a flow diagram of the WLAN data sending method according to an embodiment of the present invention;
Fig. 5 is an interaction diagram of the terminal, the AP and the security server according to an embodiment of the present invention;
Fig. 6 shows the device for detecting a WLAN connection according to an embodiment of the present invention;
Fig. 7 shows the WLAN data sending device according to an embodiment of the present invention.
Detailed description of the embodiments
To make the objectives, technical solutions and advantages of the present invention clearer, the present invention is described in further detail below with reference to the drawings. The described embodiments are only some of the embodiments of the present invention, not all of them. All other embodiments obtained by a person of ordinary skill in the art from the embodiments of the present invention without creative effort fall within the protection scope of the present invention.
Wireless AP (Access Point) is a term with a very broad meaning, usually rendered as wireless access node, session point or access bridge. It covers not only pure wireless access points but is also a general name for devices such as wireless routers (i.e. wireless gateways) and wireless bridges. A wireless AP supports wireless applications in the 2.4 GHz band, has a sensitivity that meets the 802.11n standard, and uses two RF outputs with a maximum output of 600 mW per channel. Through a wireless distribution system it can deploy wireless coverage over large areas, and it is the wireless AP equipment that large public venues need in order to deploy wireless networks.
Fig. 2 is a flow diagram of detecting a WLAN connection according to an embodiment. The flow may include:
Step S101: receive the broadcast messages of APs, each broadcast message containing the SSID and BSSID of the AP.
Step S102: request to establish a WLAN connection with a first AP.
Step S103: after the terminal has established the WLAN connection, obtain the medium access control (MAC) address that corresponds to the IP address of the first AP in the terminal's Address Resolution Protocol (ARP) cache table, the ARP cache table being generated by the terminal from the last-received response message carrying a MAC address.
Step S104: determine the SSID and BSSID of the first AP from the AP broadcast messages.
Step S105: determine whether the BSSID of the first AP matches the MAC address corresponding to the IP address; if they do not match, determine that ARP spoofing is present on the currently connected WLAN.
In steps S101 and S102, before establishing a WLAN connection the terminal scans the surrounding WLAN signals, that is, it obtains the broadcast messages sent by the WLANs. For example, once Wi-Fi is turned on, a mobile phone scans automatically and lists the SSID names of all the Wi-Fi signals it finds; the user then picks from the listed signals the SSID to connect to and enters the password for that SSID to establish the connection. The first AP in these steps is the wireless router corresponding to the SSID that the terminal connects to in this process.
Once the terminal has established the WLAN connection, an ARP cache table is normally formed, which stores the IP address and MAC address of the connected station. Because ARP spoofing may be present while the WLAN connection is being established, that MAC address is not necessarily the MAC address of the first AP.
Further, the MAC address corresponding to the IP address of the first AP in the terminal's ARP cache table is obtained through the application programming interface (API) of the terminal's operating system. Obtaining this information through the operating system API is simple to do, because it needs only the application-layer interface of the terminal's operating system and no support from the lower layers of the operating system, which avoids complex operations such as low-level packet capture.
In step S104, the SSID and corresponding BSSID of the first AP are determined from the broadcast message. Because the BSSID represents the MAC address of the first AP, it can be used to determine whether the BSSID matches the MAC address in the cache table; when the result is a mismatch, it is determined that ARP spoofing is present on the WLAN to which the terminal is currently connected. The SSID and corresponding BSSID of the first AP may be determined from the broadcast message of step S101 and recorded during step S102, while the terminal requests to establish the WLAN connection with the first AP; they may also be extracted from the periodically broadcast messages after step S103.
The terminal stores the MAC address corresponding to the IP address in a preset blacklist, which is used to check whether the last-received response message carrying a MAC address is a spoofed one. The blacklist is established so that the terminal can discover as early as possible, while it is establishing a connection with a wireless access point device, whether the current WLAN connection is being spoofed: after receiving the response message returned by the peer station and parsing the MAC address from it, the terminal looks that MAC address up in the blacklist. If it is present, the terminal can conclude at once that ARP spoofing is present on the current connection, skipping the steps of forming the cache table and comparing, which improves detection efficiency.
Scenario 1 below, shown in Fig. 3, illustrates the detection method in detail.
Assume a WLAN environment covered by a wireless AP whose SSID is "library", with three hosts in the network: host A, host B and host C. Host C is the wireless AP corresponding to "library". The details of each host are as follows:
Host A: IP 192.168.10.1; MAC AA-AA-AA-AA-AA-AA
Host B: IP 192.168.10.2; MAC BB-BB-BB-BB-BB-BB
Host C: IP 192.168.10.3; MAC CC-CC-CC-CC-CC-CC
Under normal circumstances, host A broadcasts an ARP request message to the whole network to ask for the MAC address of host C. When host C receives the ARP request message, it replies to host A with an ARP response message, and host A and host C communicate once the connection is established. At this point, however, host B sends host A an ARP reply that it has forged; the reply contains the IP address of host C, 192.168.10.3, and the MAC address of host B, BB-BB-BB-BB-BB-BB. When the last response message host A receives is the ARP reply forged by host B, host A's ARP cache table is updated, and host B now masquerades as host C. Host B likewise sends host C an ARP reply containing the IP address of host A, 192.168.10.1, and the MAC address of host B, BB-BB-BB-BB-BB-BB; when host C receives the ARP reply forged by host B, host C's ARP cache table is also updated, and B now masquerades as A. Hosts A and C are thus both deceived by host B, and all data exchanged between A and C passes through B: host B has ARP-spoofed host A and host C. To detect host B, host A parses the IP address and MAC address from the ARP reply it received and obtains the broadcast message sent by host C, which contains the BSSID. Host A compares the BSSID with the MAC address; if they do not match, it can conclude that host B is an illegitimate host, which can be regarded as a virus host.
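The check in steps S103 to S105 and the blacklist lookup, applied to the scenario above, as an added Python example (not code from the patent). The function names, the Linux /proc/net/arp text layout and the sample scan and cache data are constructed assumptions; like the patent, it assumes the AP is also the gateway, so its BSSID is the MAC address that should answer ARP for its IP address.

```python
import re

MAC_DIGITS = re.compile(r"^[0-9a-f]{12}$")

# Constructed sample data mirroring the scenario (not captured traffic).
# (SSID, BSSID) pairs taken from AP broadcast messages in step S101.
SCAN_RESULTS = [
    ("library", "CC-CC-CC-CC-CC-CC"),
    ("cafe-guest", "DD:DD:DD:DD:DD:DD"),
]

# Host A's ARP cache in /proc/net/arp layout, before and after host B's forged reply.
ARP_CACHE_CLEAN = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.10.3     0x1         0x2         cc:cc:cc:cc:cc:cc     *        wlan0
192.168.10.7     0x1         0x0         00:00:00:00:00:00     *        wlan0
"""
ARP_CACHE_SPOOFED = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.10.2     0x1         0x2         bb:bb:bb:bb:bb:bb     *        wlan0
192.168.10.3     0x1         0x2         bb:bb:bb:bb:bb:bb     *        wlan0
"""


def normalize_mac(mac):
    """Return a MAC or BSSID as lowercase colon-separated hex, whatever separator it used."""
    digits = re.sub(r"[-:.]", "", mac.strip().lower())
    if not MAC_DIGITS.match(digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


def parse_arp_cache(text):
    """Map IP -> MAC from /proc/net/arp-style text, skipping unresolved entries."""
    table = {}
    for line in text.splitlines()[1:]:        # first line is the column header
        fields = line.split()
        if len(fields) < 6:
            continue
        ip, flags, mac = fields[0], fields[2], fields[3]
        if int(flags, 16) & 0x2 == 0:         # ATF_COM clear: no MAC learned yet
            continue
        table[ip] = normalize_mac(mac)
    return table


def bssid_of(scan_results, ssid):
    """Step S104: BSSID advertised for the SSID the terminal connected to."""
    for seen_ssid, bssid in scan_results:
        if seen_ssid == ssid:
            return normalize_mac(bssid)
    raise LookupError(f"SSID {ssid!r} not in scan results")


def check_connection(scan_results, ssid, ap_ip, arp_text, blacklist):
    """Steps S103 to S105. Returns (verdict, cached_mac) and updates the blacklist."""
    bssid = bssid_of(scan_results, ssid)
    cached = parse_arp_cache(arp_text).get(ap_ip)     # S103: MAC cached for the AP's IP
    if cached is None:
        return ("no-entry", None)                     # nothing to compare yet
    if cached != bssid:                               # S105: mismatch means spoofing
        blacklist.add(cached)
        return ("arp-spoofing", cached)
    return ("ok", cached)


def reply_is_blacklisted(sender_mac, blacklist):
    """Early check on a newly received ARP reply, before the cache comparison."""
    return normalize_mac(sender_mac) in blacklist


if __name__ == "__main__":
    seen = set()
    print(check_connection(SCAN_RESULTS, "library", "192.168.10.3", ARP_CACHE_SPOOFED, seen))
    print(reply_is_blacklisted("BB-BB-BB-BB-BB-BB", seen))
```

Normalising both values before comparing matters because scan APIs and ARP tables commonly print the same address with different case and separators.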
Considering the security of data transmitted in a wireless local area network, an embodiment of the present invention also provides a WLAN data sending method, whose flow diagram is shown in Fig. 4. The flow may include:
Step S201: encrypt the data to be sent and send it to a virtual NIC, the data to be sent being data that needs to be transmitted to a network server through the AP.
Step S202: the virtual NIC encapsulates the encrypted data to be sent with the IP address of the security server as the destination address, and sends the encapsulated data to the physical NIC.
Step S203: the physical NIC sends the encapsulated data to the AP with which the terminal has established a connection, so that the AP sends the encrypted data to be sent to the security server, which decrypts it and sends it to the network server after decryption.
In step S201, the encryption of the data to be sent is generally performed by a VPN client. Specifically, after the VPN client is installed on the terminal, the user opens the software and enters information such as the IP address and port of the destination VPN server, and the data the terminal sends is encrypted by the VPN client process. The purpose is to encrypt the data before it reaches the physical NIC, so that even if the network is insecure because of ARP spoofing, an illegitimate station that receives the encrypted data cannot recover the original data.
Before step S201 is executed, the terminal needs to create the virtual NIC and set route table entries in advance; the route table entries cause the data to be sent to be sent to the virtual NIC, and the terminal establishes a virtual private network connection with the security server. The security server generally refers to a VPN server.
Before the terminal sends a connection request to the VPN server, the terminal first executes the WLAN connection detection method above, that is, steps S101 to S105. When the terminal finds that the network is insecure, it is advised to execute steps S201 to S203 of the embodiment of the present invention; when the terminal finds that the network is secure, it can connect to the network directly through the AP. The user can thus choose according to actual needs, which is more practical and gives a better user experience.
After the terminal has sent data to the network side through the steps above, it receives feedback from the network side, so the method also includes a process in which the terminal receives data. Specifically, the physical NIC receives the encrypted data of the network server forwarded by the AP, the encrypted data being obtained by the VPN server encrypting the feedback data received from the network server; the physical NIC sends the encrypted data to the virtual NIC; and the virtual NIC forwards the encrypted data to the client corresponding to the security server, which completes the decryption of the encrypted data.
To describe the WLAN data sending method further, an interaction diagram of the terminal and the other devices is given below, as shown in Fig. 5.
When the terminal detects that the WLAN connection is being spoofed and is insecure, the terminal creates the virtual NIC and sets the route table entries, and data is sent and received as shown by the solid lines in the figure. The terminal sends data as follows: the data to be sent is first encrypted by the client corresponding to the security server; the virtual NIC then places the IP address of the security server in the header of the encrypted data and sends the encapsulated data to the physical NIC; the physical NIC sends the encapsulated data to the AP with which the terminal has established a connection; the AP sends the encrypted data to be sent to the security server; and the security server decrypts the encrypted data and then accesses the external network resource. Conversely, the terminal receives data as follows: the external network resource returns data to the security server; the security server encrypts the returned data and sends it to the terminal through the AP; the physical NIC inside the terminal receives the encrypted data and sends it to the virtual NIC; the virtual NIC forwards the encrypted data to the client corresponding to the security server; and the client completes the decryption of the encrypted data.
When the terminal detects that the WLAN connection is not being spoofed, that is, the network is secure, the terminal's data can reach the external network resource directly through the AP.
The terminal can thus choose one of these two implementations according to the situation, so that the terminal and the network side can communicate securely and the data is protected during transmission. The whole process only requires configuration to be completed in advance on the terminal side, without the cooperation of other hardware such as the AP, so the method is convenient and feasible to implement and suitable for commercial application.
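The route table entries and the two send paths described above (tunnel when spoofing is detected, direct through the AP otherwise), as an added Python example that is not part of the patent. The interface names wlan0 and tun0, all addresses and the function names are assumptions; it also covers the failure case in which the security server's own address is routed into the virtual NIC.

```python
import ipaddress

# Assumed, illustrative values (not from the patent).
PHYSICAL_NIC = "wlan0"
VIRTUAL_NIC = "tun0"
LOCAL_SUBNET = "192.168.10.0/24"
SECURITY_SERVER_IP = "198.51.100.7"     # constructed, documentation address range


def build_routes(spoofing_detected):
    """Return the [(network, interface)] entries the terminal installs for each mode."""
    # Assumption: the local subnet stays on-link so the AP remains reachable.
    routes = [(ipaddress.ip_network(LOCAL_SUBNET), PHYSICAL_NIC)]
    if spoofing_detected:
        # Data to be sent goes to the virtual NIC first (step S201) ...
        routes.append((ipaddress.ip_network("0.0.0.0/0"), VIRTUAL_NIC))
        # ... while the encapsulated packet, addressed to the security server,
        # must leave through the physical NIC (steps S202 and S203).
        routes.append((ipaddress.ip_network(SECURITY_SERVER_IP + "/32"), PHYSICAL_NIC))
    else:
        routes.append((ipaddress.ip_network("0.0.0.0/0"), PHYSICAL_NIC))
    return routes


def select_interface(routes, dst):
    """Longest-prefix match over the route entries."""
    addr = ipaddress.ip_address(dst)
    matches = [(net, dev) for net, dev in routes if addr in net]
    if not matches:
        raise LookupError(f"no route to {dst}")
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def path_of(routes, dst):
    """Trace one packet. Returns (interfaces traversed, destination visible on the WLAN)."""
    hops = []
    dev = select_interface(routes, dst)
    outer_dst = dst
    if dev == VIRTUAL_NIC:
        hops.append(VIRTUAL_NIC)
        outer_dst = SECURITY_SERVER_IP            # S202: new destination address
        dev = select_interface(routes, outer_dst)
        if dev == VIRTUAL_NIC:
            # Without a specific route for the security server the encapsulated
            # packet re-enters the tunnel and never reaches the physical NIC.
            raise RuntimeError("routing loop: security server routed via virtual NIC")
    hops.append(dev)
    return hops, outer_dst


if __name__ == "__main__":
    print(path_of(build_routes(True), "203.0.113.10"))
    print(path_of(build_routes(False), "203.0.113.10"))
```

In tunnel mode, a station that has spoofed the gateway's ARP entry sees only packets addressed to the security server, with the real destination inside the encrypted payload.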
Based on the same technical idea, an embodiment of the present invention also provides a device for detecting a WLAN connection, which can implement the WLAN connection detection method described in the embodiments above.
As shown in Fig. 6, the device may include: a receiving module 301, a connecting module 302, an obtaining module 303, a first determining module 304 and a second determining module 305, where:
the receiving module 301 is used to receive the broadcast messages of APs, each broadcast message containing the SSID and basic service set identifier (BSSID) of the AP;
the connecting module 302 is used to request to establish a WLAN connection with a first AP;
the obtaining module 303 is used to obtain, after the terminal has established the WLAN connection, the medium access control (MAC) address that corresponds to the IP address of the first AP in the terminal's Address Resolution Protocol (ARP) cache table, the ARP cache table being generated by the terminal from the last-received response message carrying a MAC address;
the first determining module 304 is used to determine the SSID and BSSID of the first AP from the AP broadcast messages;
the second determining module 305 is used to determine whether the BSSID of the first AP matches the MAC address corresponding to the IP address and, if they do not match, to determine that ARP spoofing is present on the currently connected WLAN.
Further, the obtaining module 303 is specifically used to obtain the MAC address corresponding to the IP address of the first AP in the terminal's ARP cache table through the application programming interface (API) of the terminal's operating system. The effect is that only the application-layer interface of the terminal's operating system is needed, with no support from the lower layers of the operating system, which avoids complex operations such as low-level packet capture and makes the operation more convenient and feasible.
Further, the second determining module 305 is specifically used to store, when the result is a mismatch, the MAC address corresponding to the IP address in a preset blacklist, which is used to check whether the last-received response message carrying a MAC address is a spoofed one. The blacklist is established so that the terminal can discover as early as possible, while it is establishing a connection with a wireless access point device, whether the current WLAN connection is being spoofed: the terminal parses the MAC address from the response message returned by the peer station, and if that MAC address is found in the blacklist, it can conclude at once that ARP spoofing is present on the current connection. This simplifies the process of detecting the WLAN connection and improves detection efficiency.
Based on technical concept identical with transfer approach in WLAN, the embodiment of the invention also provides wireless local areas The data sending device of net, the data transmission method for uplink process of the WLAN of the implementable above-described embodiment description of the device.
As shown in fig. 7, the device can include: encrypting module 401, package module 402, sending module 403, in which:
Encrypting module 401, for will be sent to Microsoft Loopback Adapter after data encryption to be sent, the data to be sent are to need The data of network server are transmitted to by wireless access point device AP;
Package module 402, the destination address for encapsulating encrypted data to be sent are the IP address of security server, Data after encapsulation are sent to physical network card.
Data after the encapsulation are sent to the AP that connection is established with terminal by sending module 403, so that the AP is by institute It states encrypted data to be sent and is sent to the security server and be decrypted and sent out after decryption by the security server Give the network server.
Further, further includes: setup module, for creating Microsoft Loopback Adapter and route table items being arranged, the route table items So that the data to be sent are sent to the Microsoft Loopback Adapter;
Link block is established, is connect for establishing Virtual Private Network with the vpn server.
Whether detection module pacifies for the method detection current wireless Local Area Network connection using step S101 to step S105 Entirely, it is executed if inconsistent to Virtual Private Network vpn server and sends connection request, in this way, when terminal discovery network is uneasy It is full-time to suggest that terminal executes step of embodiment of the present invention S201 to step S203, it can be straight when terminal finds network security AP connection network was connected, so that user selects according to actual needs, more practical, user experience is more preferable.
After terminal sends data to network side by above step, the feedback of network side just will receive, therefore also wrap The process that terminal receives data is included, therefore the encrypting module is also used to: receiving the network server forwarded by the AP Encryption data, the encryption data be by the vpn server to receive the network server feedback data carry out Encryption;Sending module is also used to the encryption data for being sent to the Microsoft Loopback Adapter being forwarded to the corresponding visitor of security server Family end is to complete the decryption to the encryption data.
In this way, the terminal and the network side can communicate securely by means of the above device, ensuring the security of the data during transmission. The whole implementation only requires configuration to be completed in advance on the terminal side, without the cooperation of other hardware such as the AP; the method is convenient and feasible to implement and suitable for commercial application.
In conclusion, on the one hand the embodiment of the present invention identifies, by the method of detecting a WLAN connection, whether the currently connected site is secure; on the other hand, it establishes a secure channel by the WLAN data sending method so that the data sent or received by the terminal is forwarded through the secure channel, guaranteeing the security of the data during transmission. The method is simple and feasible to operate and suitable for commercial application.
The present invention is described with reference to flowcharts and/or block diagrams of the method, device (system) and computer program product according to the embodiments of the present invention. It should be understood that each flow and/or block in the flowcharts and/or block diagrams, and combinations of flows and/or blocks in the flowcharts and/or block diagrams, can be implemented by computer program instructions. These computer program instructions can be provided to the processor of a general-purpose computer, special-purpose computer, embedded processor or other programmable data processing device to produce a machine, so that the instructions executed by the processor of the computer or other programmable data processing device produce a means for implementing the functions specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions may also be stored in a computer-readable memory capable of directing a computer or other programmable data processing device to work in a specific manner, so that the instructions stored in the computer-readable memory produce an article of manufacture including an instruction means, the instruction means implementing the functions specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions may also be loaded onto a computer or other programmable data processing device, so that a series of operational steps is executed on the computer or other programmable device to produce computer-implemented processing, whereby the instructions executed on the computer or other programmable device provide steps for implementing the functions specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.
Although preferred embodiments of the present invention have been described, those skilled in the art can make additional changes and modifications to these embodiments once they learn of the basic inventive concept. The appended claims are therefore intended to be interpreted as including the preferred embodiments and all changes and modifications that fall within the scope of the present invention.
Obviously, those skilled in the art can make various changes and modifications to the present invention without departing from its spirit and scope. Thus, if these modifications and variations of the present invention fall within the scope of the claims of the present invention and their technical equivalents, the present invention is also intended to include them.

Claims (12)

1. A method for detecting a wireless local area network (WLAN) connection, characterized in that the method comprises:
Receiving a broadcast message from a wireless access point device (AP), the broadcast message including the service set identifier (SSID) and the basic service set identifier (BSSID) of the AP;
Requesting to establish a WLAN connection with a first AP;
After the terminal establishes the WLAN connection, obtaining the media access control (MAC) address corresponding to the IP address of the first AP in the Address Resolution Protocol (ARP) cache table of the terminal, the ARP cache table being generated by the terminal according to the most recently received response message carrying a MAC address;
Determining the SSID and BSSID of the first AP from the broadcast message of the AP;
Determining whether the BSSID is consistent with the MAC address corresponding to the IP address of the first AP, and if they are inconsistent, determining that ARP spoofing exists in the WLAN to which the terminal is currently connected.
2. The method according to claim 1, characterized in that obtaining the MAC address corresponding to the IP address of the first AP in the ARP cache table of the terminal comprises:
Obtaining the MAC address corresponding to the IP address of the first AP in the ARP cache table of the terminal through an operating system application programming interface (API) of the terminal.
3. The method according to any one of claims 1 to 2, characterized in that it further comprises:
When the determination result is inconsistent, storing the MAC address corresponding to the IP address in a preset blacklist, the blacklist being used to query whether the response message carrying a MAC address most recently received by the terminal is spoofed.
4. The method according to claim 1, characterized in that, for the subsequent processing of data to be sent after it is determined, in the case of inconsistency, that ARP spoofing exists in the wireless local area network to which the terminal is currently connected, the method further comprises:
Encrypting the data to be sent and sending it to a virtual network card, the data to be sent being data that needs to be forwarded to a network server by the wireless access point device AP;
The virtual network card encapsulating the encrypted data to be sent with the IP address of the security server as the destination address, and sending the encapsulated data to the physical network card;
The physical network card sending the encapsulated data to the AP with which the terminal has established a connection, so that the AP sends the encrypted data to be sent to the security server, where it is decrypted and, after decryption, sent by the security server to the network server.
5. The method according to claim 4, characterized in that the security server is a virtual private network (VPN) server;
Before the data to be sent is sent to the virtual network card, the method further comprises:
Creating the virtual network card and setting a routing table entry, the routing table entry causing the data to be sent to be sent to the virtual network card;
Establishing a virtual private network connection with the VPN server.
6. The method according to claim 4, characterized in that it further comprises:
The physical network card receiving encrypted data of the network server forwarded by the AP, the encrypted data being obtained by the security server encrypting the feedback data received from the network server;
The physical network card sending the encrypted data to the virtual network card;
The virtual network card forwarding the encrypted data to the client corresponding to the security server, to complete the decryption of the encrypted data.
7. A device for detecting a wireless local area network (WLAN) connection, characterized by comprising:
A receiving module, configured to receive a broadcast message from a wireless access point device (AP), the broadcast message including the SSID and the basic service set identifier (BSSID) of the AP;
A connection module, configured to request to establish a WLAN connection with a first AP;
An obtaining module, configured to obtain, after the terminal establishes the WLAN connection, the media access control (MAC) address corresponding to the IP address of the first AP in the Address Resolution Protocol (ARP) cache table of the terminal, the ARP cache table being generated by the terminal according to the most recently received response message carrying a MAC address;
A first determining module, configured to determine the SSID and BSSID of the first AP from the broadcast message of the AP;
A second determining module, configured to determine whether the BSSID is consistent with the MAC address corresponding to the IP address of the first AP, and if they are inconsistent, to determine that ARP spoofing exists in the currently connected WLAN.
8. The device according to claim 7, characterized in that the obtaining module is specifically configured to:
Obtain the MAC address corresponding to the IP address of the first AP in the ARP cache table of the terminal through an operating system application programming interface (API) of the terminal.
9. The device according to claim 7, characterized in that the second determining module is specifically configured to:
When the determination result is inconsistent, store the MAC address corresponding to the IP address in a preset blacklist, the blacklist being used to query whether the response message carrying a MAC address most recently received by the terminal is spoofed.
10. A data sending device for a wireless local area network (WLAN), characterized by comprising:
A detection module, configured to receive a broadcast message from a wireless access point device (AP), the broadcast message including the SSID and the basic service set identifier (BSSID) of the AP;
Request to establish a WLAN connection with a first AP;
After the terminal establishes the WLAN connection, obtain the media access control (MAC) address corresponding to the IP address of the first AP in the Address Resolution Protocol (ARP) cache table of the terminal, the ARP cache table being generated by the terminal according to the most recently received response message carrying a MAC address;
Determine the SSID and BSSID of the first AP from the broadcast message of the AP;
Determine whether the BSSID is consistent with the MAC address corresponding to the IP address of the first AP, and if they are inconsistent, encrypt the data to be sent and send it to the virtual network card;
An encrypting module, configured to, after the detection module determines that ARP spoofing exists in the currently connected WLAN, encrypt the data to be sent and send it to the virtual network card, the data to be sent being data that needs to be forwarded to a network server by the wireless access point device AP;
An encapsulation module, configured to encapsulate the encrypted data to be sent with the IP address of the security server as the destination address, and to send the encapsulated data to the physical network card;
A sending module, configured to send the encapsulated data to the AP with which the terminal has established a connection, so that the AP sends the encrypted data to be sent to the security server, where it is decrypted and, after decryption, sent by the security server to the network server.
11. The device according to claim 10, characterized in that the security server is a virtual private network (VPN) server, and the device further comprises:
A setup module, configured to create the virtual network card and set a routing table entry, the routing table entry causing the data to be sent to be sent to the virtual network card;
A connection establishing module, configured to establish a virtual private network connection with the VPN server.
12. The device according to claim 10, characterized in that the encrypting module is further configured to: receive the encrypted data of the network server forwarded by the AP, the encrypted data being obtained by the security server encrypting the feedback data received from the network server;
The sending module is further configured to forward the encrypted data sent to the virtual network card to the client corresponding to the security server, to complete the decryption of the encrypted data.
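The consistency check of claims 1 to 3, as an added example that is not part of the patent text. It assumes the ARP cache is read in the Linux /proc/net/arp layout (the claims only require an operating system API); the function names, sample table and addresses are constructed for illustration.

```python
import re

# Constructed sample in the Linux /proc/net/arp layout. The claims only say the
# cache is read through an operating system API, so this source is an assumption.
SAMPLE_ARP_CACHE = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.1.1      0x1         0x2         02:00:5e:00:53:99     *        wlan0
192.168.1.23     0x1         0x2         02:00:5e:00:53:17     *        wlan0
192.168.1.40     0x1         0x0         00:00:00:00:00:00     *        wlan0
"""


def normalize_mac(mac):
    """Return a MAC as 12 lowercase hex digits so aa:bb and AA-BB forms compare equal."""
    digits = re.sub(r"[:.\-]", "", mac.strip()).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits


def parse_arp_cache(text, device):
    """Map IP -> MAC for the resolved entries of one interface."""
    table = {}
    for line in text.splitlines()[1:]:          # skip the header row
        fields = line.split()
        if len(fields) != 6 or fields[5] != device:
            continue
        ip, flags, mac = fields[0], int(fields[2], 16), fields[3]
        if not flags & 0x2:                     # ATF_COM clear: entry not resolved
            continue
        table[ip] = normalize_mac(mac)
    return table


def check_wlan_connection(bssid, ap_ip, arp_text, device, blacklist):
    """Compare the broadcast BSSID of the first AP with the cached MAC for its IP.

    Returns "consistent", "spoofed" or "unknown" (no resolved ARP entry yet).
    On a mismatch the cached MAC is stored in the blacklist (claim 3).
    """
    cached = parse_arp_cache(arp_text, device).get(ap_ip)
    if cached is None:
        return "unknown"
    if cached == normalize_mac(bssid):
        return "consistent"
    blacklist.add(cached)
    return "spoofed"


def reply_is_blacklisted(sender_mac, blacklist):
    """Check the MAC carried by a newly received ARP reply against the blacklist."""
    return normalize_mac(sender_mac) in blacklist


if __name__ == "__main__":
    seen = set()
    # BSSID as it would be taken from the AP's broadcast message (constructed value).
    verdict = check_wlan_connection("02:00:5E:00:53:01", "192.168.1.1",
                                    SAMPLE_ARP_CACHE, "wlan0", seen)
    print(verdict, sorted(seen))
```

The comparison is meaningful only under the claims' premise that the first AP answers ARP for its own IP address with its BSSID; the "unknown" result covers the case where no resolved entry exists yet.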
CN201510439627.1A 2015-07-23 2015-07-23 Detect WLAN connection and WLAN data transmission method for uplink and its device Active CN106376003B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201910952811.4A CN111093198B (en) 2015-07-23 2015-07-23 Wireless local area network data transmission method and device
CN201510439627.1A CN106376003B (en) 2015-07-23 2015-07-23 Detect WLAN connection and WLAN data transmission method for uplink and its device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510439627.1A CN106376003B (en) 2015-07-23 2015-07-23 Detect WLAN connection and WLAN data transmission method for uplink and its device

Related Child Applications (1)

Application Number Title Priority Date Filing Date
CN201910952811.4A Division CN111093198B (en) 2015-07-23 2015-07-23 Wireless local area network data transmission method and device

Publications (2)

Publication Number Publication Date
CN106376003A CN106376003A (en) 2017-02-01
CN106376003B true CN106376003B (en) 2019-11-19

Family

ID=57880246

Family Applications (2)

Application Number Title Priority Date Filing Date
CN201510439627.1A Active CN106376003B (en) 2015-07-23 2015-07-23 Detect WLAN connection and WLAN data transmission method for uplink and its device
CN201910952811.4A Active CN111093198B (en) 2015-07-23 2015-07-23 Wireless local area network data transmission method and device

Family Applications After (1)

Application Number Title Priority Date Filing Date
CN201910952811.4A Active CN111093198B (en) 2015-07-23 2015-07-23 Wireless local area network data transmission method and device

Country Status (1)

Country Link
CN (2) CN106376003B (en)

Also Published As

Publication number Publication date
CN111093198B (en) 2023-04-28
CN111093198A (en) 2020-05-01
CN106376003A (en) 2017-02-01

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant