CN106376003B - Method for detecting a WLAN connection, WLAN data sending method, and devices therefor - Google Patents
- Authority: CN (China)
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/70—Reducing energy consumption in communication networks in wireless communication networks
Abstract
The invention discloses a method for detecting a WLAN connection, a method for sending WLAN data, and corresponding devices. The detection method comprises: receiving broadcast messages from wireless access point (AP) devices, the broadcast messages containing the SSID and BSSID of each AP; requesting a WLAN connection with a first AP; after the terminal has established the WLAN connection, obtaining from the terminal's ARP cache table the MAC address corresponding to the IP address of the first AP, the ARP cache table being generated by the terminal from the last received response message carrying a MAC address; determining the SSID and BSSID of the first AP from the AP broadcast messages; and determining whether the BSSID of the first AP is consistent with the MAC address corresponding to the IP address, and if they are inconsistent, determining that the WLAN to which the terminal is currently connected is subject to ARP spoofing. The method is used to detect whether a network is safe and solves the problem of user data being stolen because the network is unsafe.
Description
Technical field
The invention belongs to the field of wireless network security, and in particular relates to a method for detecting a WLAN connection, a method for sending WLAN data, and devices therefor.
Background technique
In a wireless local area network, hosts in the network reach the external network, that is, the wireless gateway, through a wireless AP. Under normal conditions a default gateway is configured in the network, and every message a host sends to a destination outside the local area network is sent to the default gateway. Therefore, before a host in the network connects to an external network resource, it first sends an ARP (Address Resolution Protocol) request message to ask for the MAC (Medium Access Control) address of the default gateway; the default gateway then returns a response message carrying its own MAC address to the host. After receiving the response message, the terminal stores the IP address and the physical address contained in it in the local ARP cache table and retains them for a certain time, so that the next request can consult the ARP cache table directly and save resources. A normal WLAN connection is shown in Figure 1.
The usual form of spoofing on a WLAN connection is ARP spoofing. ARP spoofing is one of the common attack techniques used by hackers; it is a spoofing of the ARP cache table. Such spoofing usually occurs in public wireless network environments, because the flow of people in such environments is large and it cannot be defended against by means such as binding the ARP table.
When a host infected with an ARP-spoofing virus is present in the network, the ARP-spoofing process is as follows. When host A in the local area network sends data to a destination outside the local area network, host A broadcasts an ARP request message to the whole network to ask for the MAC address of the gateway. When the gateway receives the ARP request message, it replies with an ARP response message to host A. At this point the host carrying the ARP virus also replies with a forged ARP response message to host A, and the forged ARP response message usually arrives some time after the gateway's ARP response message, or is sent several times. In this way host A learns a wrong MAC address for the gateway, namely the MAC address of the host carrying the ARP virus, and the messages host A subsequently sends arrive at the virus host in the local area network, so that host A is cut off from the network or its data flows into the virus host. Network security is therefore poor and user data can be stolen, so a method for detecting a WLAN connection is needed to detect whether the network is safe, together with a WLAN data sending method to ensure the safety of data during transmission.
Summary of the invention
The embodiments of the present invention provide a method for detecting a WLAN connection, a method for sending WLAN data, and devices therefor, for detecting whether a network is safe and solving the problem of user data being stolen because the network is unsafe.
The embodiments of the present invention include a method for detecting a WLAN connection, the method comprising: receiving broadcast messages from wireless access point devices (APs), the broadcast messages containing the service set identifier (SSID) and basic service set identifier (BSSID) of each AP; requesting a WLAN connection with a first AP; after the terminal has established the WLAN connection, obtaining from the terminal's Address Resolution Protocol (ARP) cache table the medium access control (MAC) address corresponding to the IP address of the first AP, the ARP cache table being generated by the terminal from the last received response message carrying a MAC address; determining the SSID and BSSID of the first AP from the AP broadcast messages; and determining whether the BSSID of the first AP is consistent with the MAC address corresponding to the IP address, and if they are inconsistent, determining that the WLAN to which the terminal is currently connected is subject to ARP spoofing.
In view of the problem of how to actively defend against ARP spoofing once it has been detected, the embodiments of the present invention also provide a method for sending WLAN data, the method comprising: encrypting the data to be sent and passing it to a virtual network adapter, the data to be sent being data that needs to be transmitted to a network server through a wireless access point device (AP); the virtual network adapter encapsulating the encrypted data to be sent with a destination address that is the IP address of a security server, and passing the encapsulated data to the physical network adapter; and the physical network adapter sending the encapsulated data to the AP with which the terminal has established a connection, so that the AP sends the encrypted data to be sent to the security server, which decrypts it and then sends it to the network server.
Based on the same inventive concept, the embodiments of the present invention also provide a device for detecting a WLAN connection, comprising: a receiving module, for receiving broadcast messages from wireless access point devices (APs), the broadcast messages containing the SSID and basic service set identifier (BSSID) of each AP; a connecting module, for requesting a WLAN connection with a first AP; an obtaining module, for obtaining, after the terminal has established the WLAN connection, the medium access control (MAC) address corresponding to the IP address of the first AP from the terminal's Address Resolution Protocol (ARP) cache table, the ARP cache table being generated by the terminal from the last received response message carrying a MAC address; a first determining module, for determining the SSID and BSSID of the first AP from the AP broadcast messages; and a second determining module, for determining whether the BSSID of the first AP is consistent with the MAC address corresponding to the IP address, and if they are inconsistent, determining that the WLAN to which the terminal is currently connected is subject to ARP spoofing. In addition, the embodiments of the present invention also provide a device for sending WLAN data, comprising: an encrypting module, for encrypting the data to be sent and passing it to a virtual network adapter, the data to be sent being data that needs to be transmitted to a network server through a wireless access point device (AP); an encapsulating module, for encapsulating the encrypted data to be sent with a destination address that is the IP address of a security server and passing the encapsulated data to the physical network adapter; and a sending module, for sending the encapsulated data to the AP with which the terminal has established a connection, so that the AP sends the encrypted data to be sent to the security server, which decrypts it and then sends it to the network server.
The embodiments of the present invention identify whether the currently connected station is safe by detecting whether the BSSID of the first AP is consistent with the MAC address of the station with which the terminal has established the WLAN connection. Another embodiment of the present invention encrypts the data to be sent and sends it to the network server through a secure channel formed by the virtual network adapter, the physical network adapter, the connected AP and the security server, guaranteeing the safety of the data during transmission.
Detailed description of the drawings
To describe the technical solutions in the embodiments of the present invention more clearly, the drawings needed in the description of the embodiments are briefly introduced below. It is apparent that the drawings described below are only some embodiments of the present invention, and a person of ordinary skill in the art can obtain other drawings from these drawings without creative effort.
Fig. 1 is an interaction diagram of a terminal and an AP in the prior art;
Fig. 2 is a flow diagram of detecting a WLAN connection according to an embodiment of the present invention;
Fig. 3 is an interaction diagram when ARP spoofing is present, according to an embodiment of the present invention;
Fig. 4 is a flow diagram of the WLAN data sending method according to an embodiment of the present invention;
Fig. 5 is an interaction diagram of a terminal, an AP and a security server according to an embodiment of the present invention;
Fig. 6 shows a device for detecting a WLAN connection according to an embodiment of the present invention;
Fig. 7 shows a device for sending WLAN data according to an embodiment of the present invention.
Specific embodiment
To make the objectives, technical solutions and advantages of the present invention clearer, the present invention is described in further detail below with reference to the drawings. It is clear that the described embodiments are only some of the embodiments of the present invention, not all of them. All other embodiments obtained by a person of ordinary skill in the art on the basis of the embodiments of the present invention without creative effort fall within the scope of protection of the present invention.
A wireless AP (Access Point) is a very broad term, usually referred to as a wireless access node, session point or access bridge; it includes not only pure wireless access points but is also a general name for devices such as wireless routers (that is, wireless gateways) and wireless bridges. A wireless AP access point supports wireless applications in the 2.4GHz band, its sensitivity meets the 802.11n standard, and it uses two-way radio-frequency output with a maximum of 600 milliwatts per path; it can deploy wireless coverage over a large area through a wireless distribution system and is an indispensable wireless AP device for building wireless networks in large public places.
As shown in Figure 2, the flow of detecting a WLAN connection provided by an embodiment can include:
Step S101: receiving broadcast messages from APs, the broadcast messages containing the SSID and BSSID of each AP.
Step S102: requesting a WLAN connection with a first AP.
Step S103: after the terminal has established the WLAN connection, obtaining from the terminal's Address Resolution Protocol (ARP) cache table the medium access control (MAC) address corresponding to the IP address of the first AP, the ARP cache table being generated by the terminal from the last received response message carrying a MAC address.
Step S104: determining the SSID and BSSID of the first AP from the AP broadcast messages.
Step S105: determining whether the BSSID of the first AP is consistent with the MAC address corresponding to the IP address, and if they are inconsistent, determining that the WLAN to which the terminal is currently connected is subject to ARP spoofing.
In steps S101 and S102, before establishing a WLAN connection, the terminal can scan the surrounding WLAN signals, that is, obtain the broadcast messages issued by the WLANs. For example, after the wifi connection on a mobile phone is switched on, the phone can automatically scan and list the SSID names of the wifi signals it finds; the user then picks the SSID to connect to from the listed signals, enters the password corresponding to that SSID and establishes the connection. The first AP in this step is the wireless router corresponding to the SSID the terminal chose to connect to in the above process.
After the terminal has established the WLAN connection, an ARP cache table is normally formed, holding the IP address and MAC address of the connected station. Because ARP spoofing may occur while the WLAN connection is being established, this MAC address is not necessarily the MAC address of the first AP.
Further, the MAC address corresponding to the IP address of the first AP is obtained from the terminal's ARP cache table through the application programming interface (API) of the terminal's operating system. Obtaining the above information through the operating system API has the advantage of being easy to operate, because this process only needs the support of the application-layer interface of the terminal's operating system and no longer needs support from the lower layers of the operating system, avoiding complex operations such as low-level packet capture.
In step S104, the SSID and corresponding BSSID of the first AP are determined from the broadcast messages. Because the BSSID represents the MAC address corresponding to the first AP, it can be used to determine whether the BSSID is consistent with the MAC address in the cache table; when the result is inconsistent, it is determined that the WLAN to which the terminal is currently connected is subject to ARP spoofing. The SSID and corresponding BSSID of the first AP may be determined from the broadcast messages of step S101 and recorded in step S102, while the terminal requests the WLAN connection with the first AP; they may also be extracted after step S103 from the periodically broadcast messages.
The terminal stores the MAC address corresponding to the IP address in a preset blacklist, which is used to check whether the last response message carrying a MAC address received by the terminal is spoofed. The blacklist is established so that spoofing of the current WLAN connection can be discovered as early as possible while the terminal is establishing the connection with the wireless access point device: after the terminal receives the response message returned by the station and resolves the MAC address from it, it looks the MAC address up in the blacklist, and if the address is present it can immediately conclude that the current connection is subject to ARP spoofing, omitting the steps of forming the cache table and comparing, which improves detection efficiency.
Scenario one is given below, as shown in Figure 3, to describe the above detection method in detail.
Assume a WLAN environment covered by a wireless AP whose SSID is "library", with three hosts in the network: host A, host B and host C. Host C is the wireless AP corresponding to "library". The details of each host are as follows:
Address of host A: IP: 192.168.10.1; MAC: AA-AA-AA-AA-AA-AA
Address of host B: IP: 192.168.10.2; MAC: BB-BB-BB-BB-BB-BB
Address of host C: IP: 192.168.10.3; MAC: CC-CC-CC-CC-CC-CC
Under normal circumstances, host A broadcasts an ARP request message to the whole network to ask for the MAC address of host C. When host C receives the ARP request message, it replies with an ARP response message to host A, a connection is established between host A and host C, and they then communicate. But at this moment host B sends its own forged ARP reply to host A; this response message contains the IP address of host C, that is, 192.168.10.3, and the MAC address of host B, BB-BB-BB-BB-BB-BB. When the last response message received by host A is the ARP reply forged by host B, the ARP cache table of host A is updated and host B has disguised itself as host C. Meanwhile, host B likewise sends an ARP reply to host C, whose response contains the IP address of host A, 192.168.10.1, and the MAC address of host B, BB-BB-BB-BB-BB-BB; when host C receives the ARP reply forged by host B, the ARP cache table of host C is also updated, and B has disguised itself as A. Both host A and host C are thus deceived by host B, and the data exchanged between A and C all pass through B: host B has carried out ARP spoofing against host A and host C. To detect host B, host A parses the IP address and MAC address from the ARP reply it obtained, and host A also obtains the broadcast message issued by host C, which contains the BSSID; host A compares whether the BSSID is consistent with the MAC address, and if it finds them inconsistent it can judge that host B is an illegitimate host and regard it as a virus host.
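As an added worked example (not code from the patent), the check of steps S101 to S105 applied to scenario one above, including the ARP cache's last-reply-wins behaviour and the blacklist fast path; the Terminal, Beacon and ArpReply names are assumptions of this example.

```python
"""ARP-spoofing check of steps S101-S105, run over the 'library' scenario.
Added example (not code from the patent); addresses are the scenario's."""
from dataclasses import dataclass, field


def norm_mac(mac: str) -> str:
    """Canonicalise 'CC-CC-..' / 'cc:cc:..' so BSSID and ARP entries compare."""
    return mac.replace("-", ":").lower()


@dataclass
class Beacon:          # broadcast message of step S101
    ssid: str
    bssid: str


@dataclass
class ArpReply:        # response message carrying a MAC address
    ip: str
    mac: str


@dataclass
class Terminal:
    beacons: dict = field(default_factory=dict)    # ssid -> bssid (S101/S104)
    arp_cache: dict = field(default_factory=dict)  # ip -> mac, last reply wins
    blacklist: set = field(default_factory=set)    # MACs caught impersonating an AP

    def scan(self, beacons) -> None:
        """Steps S101/S104: record SSID and BSSID from received broadcasts."""
        for b in beacons:
            self.beacons[b.ssid] = norm_mac(b.bssid)

    def on_arp_reply(self, reply: ArpReply) -> bool:
        """The cache keeps the most recently received reply for an IP, which is
        exactly what lets a later forged reply win. Returns True when the sender
        MAC is already blacklisted, the early-exit path the text describes."""
        mac = norm_mac(reply.mac)
        self.arp_cache[reply.ip] = mac
        return mac in self.blacklist

    def check_connection(self, ssid: str, ap_ip: str) -> bool:
        """Steps S103-S105. True means ARP spoofing detected on this WLAN.
        Caveat: valid only when the AP is itself the gateway, as the text
        assumes; behind a bridging AP the gateway MAC legitimately differs
        from the BSSID and this comparison would raise a false alarm."""
        bssid = self.beacons[ssid]
        cached = self.arp_cache.get(ap_ip)
        if cached is None:
            raise LookupError(f"no ARP cache entry for {ap_ip}")
        if cached != bssid:
            self.blacklist.add(cached)   # remember the impersonating MAC
            return True
        return False


def library_scenario(forged: bool) -> dict:
    """Scenario one (hosts A, B, C). With forged=True host B's reply for
    host C's IP arrives last, as in Figure 3."""
    a = Terminal()
    a.scan([Beacon("library", "CC-CC-CC-CC-CC-CC")])               # host C's beacon
    a.on_arp_reply(ArpReply("192.168.10.3", "CC-CC-CC-CC-CC-CC"))  # genuine reply
    if forged:
        a.on_arp_reply(ArpReply("192.168.10.3", "BB-BB-BB-BB-BB-BB"))  # host B
    spoofed = a.check_connection("library", "192.168.10.3")
    fast_hit = False
    if forged:
        # A repeated forged reply is now caught from the blacklist at once.
        fast_hit = a.on_arp_reply(ArpReply("192.168.10.3", "BB-BB-BB-BB-BB-BB"))
    return {"spoofed": spoofed, "fast_hit": fast_hit,
            "blacklist": sorted(a.blacklist)}


if __name__ == "__main__":
    print(library_scenario(forged=True))
    print(library_scenario(forged=False))
```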
In view of the problem of data safety when transmitting data over a WLAN, an embodiment of the present invention also provides a WLAN data sending method, whose flow is shown in Figure 4 and can include:
Step S201: encrypting the data to be sent and passing it to the virtual network adapter, the data to be sent being data that needs to be transmitted to a network server through an AP.
Step S202: the virtual network adapter encapsulating the encrypted data to be sent with a destination address that is the IP address of the security server, and passing the encapsulated data to the physical network adapter.
Step S203: the physical network adapter sending the encapsulated data to the AP with which the terminal has established a connection, so that the AP sends the encrypted data to be sent to the security server, which decrypts it and then sends it to the network server.
In step S201, the encryption of the data to be sent is generally performed by a VPN client. Specifically, after a VPN client is installed on the terminal, the software is opened and information such as the IP address and port of the destination VPN server is entered, and the data the terminal sends is encrypted by the VPN client process. The purpose of this arrangement is to encrypt the data before it reaches the physical network adapter, so that even if the network is unsafe and ARP spoofing is present, an illegitimate station that receives the encrypted data cannot recover the original data.
Before step S201 is executed, the terminal needs to create the virtual network adapter in advance and set a routing table entry; the routing table entry causes the data to be sent to the virtual network adapter, and the terminal establishes a virtual private network connection with the security server. The so-called security server generally refers to a VPN server.
Before the terminal sends a connection request to the VPN server, the terminal first executes the above WLAN connection detection method, that is, steps S101 to S105. In this way, when the terminal finds the network unsafe, it is suggested that the terminal execute steps S201 to S203 of the embodiment of the present invention, and when the terminal finds the network safe it can connect to the network directly through the AP, so that the user chooses according to actual needs, which is more practical and gives a better user experience.
After the terminal has sent data to the network side by the above steps, it receives the feedback from the network side, so the process by which the terminal receives data is also included. Specifically, the physical network adapter receives the encrypted data of the network server forwarded by the AP, the encrypted data being the feedback data of the network server encrypted by the VPN server; the physical network adapter passes the encrypted data to the virtual network adapter; and the virtual network adapter forwards the encrypted data to the client corresponding to the security server, which completes the decryption of the encrypted data.
To further describe the above WLAN data sending flow, a specific interaction diagram of the terminal and the other devices is given below, as shown in Figure 5.
When the terminal detects that the WLAN connection is unsafe because spoofing is present, the terminal creates the virtual network adapter and sets the routing table entry, as shown by the solid lines in the figure. The data transceiving process is as follows. When the terminal sends data, the data to be sent are first encrypted by the client corresponding to the security server; the virtual network adapter then loads the IP address of the security server into the header of the encrypted data and passes the encapsulated data to the physical network adapter; the physical network adapter sends the encapsulated data to the AP with which the terminal has established a connection; the AP sends the encrypted data to be sent to the security server; and the security server decrypts the encrypted data and then connects to the external network resource. Conversely, the process by which the terminal receives data is as follows: the external network resource feeds data back to the security server; the security server encrypts the feedback data and sends it through the AP to the terminal; the physical network adapter inside the terminal receives the encrypted data and passes it to the virtual network adapter; the virtual network adapter forwards the encrypted data to the client corresponding to the security server; and the client completes the decryption of the encrypted data.
When the terminal detects that no spoofing is present in the WLAN connection, that is, the network is safe, the terminal's data can connect to the external network resource directly through the AP.
It can be seen that the terminal can select one of the above two implementations according to circumstances, so that the terminal and the network side can communicate securely and the safety of data during transmission is ensured. The whole implementation only requires configuration to be completed in advance on the terminal side, without the cooperation of other hardware such as the AP, so the method is convenient and feasible to implement and is suitable for commercial application.
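As an added example (not the patent's code), the two branches just described simulated end to end: the direct path, and the tunnel of steps S201 to S203 with the return path of Figure 5, as seen by whatever host relays the frames. The server addresses, the shared keys and the HMAC-based cipher standing in for the VPN client's cipher suite are assumptions of this example.

```python
"""Secured sending path of steps S201-S203 and Figure 5, simulated end to end.
Added example, not the patent's code. Addresses are constructed (TEST-NET
ranges) and the cipher is a stand-in for the VPN client's real cipher suite."""
import hashlib
import hmac
import os
from dataclasses import dataclass

VPN_SERVER = "203.0.113.5"   # constructed security-server (VPN server) address
WEB_SERVER = "198.51.100.7"  # constructed network-server address

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    """HMAC-SHA256 in counter mode (assumption: stands in for the VPN cipher)."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def seal(enc_key: bytes, mac_key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: returns nonce || ciphertext || tag."""
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(enc_key: bytes, mac_key: bytes, blob: bytes) -> bytes:
    """Verify the tag before decrypting; altered packets are rejected."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(mac_key, nonce + ct, hashlib.sha256).digest(), tag):
        raise ValueError("tag mismatch: packet altered or wrong key")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))

@dataclass
class Packet:
    dst_ip: str
    payload: bytes   # on the tunnel: the sealed inner packet (S202 encapsulation)

class OnPathHost:
    """Whatever relays frames between the physical NIC and the Internet; with
    successful spoofing this is host B of scenario one. Records every packet."""
    def __init__(self):
        self.seen = []

    def relay(self, pkt: Packet) -> Packet:
        self.seen.append(pkt)
        return pkt

def terminal_send(spoofed: bool, data: bytes, keys, path: OnPathHost) -> Packet:
    """Direct path when detection found the network safe; S201-S203 otherwise."""
    if not spoofed:
        return path.relay(Packet(WEB_SERVER, data))
    inner = WEB_SERVER.encode() + b"|" + data   # real destination travels inside
    sealed = seal(*keys, inner)                  # S201: VPN client encrypts
    wrapped = Packet(VPN_SERVER, sealed)         # S202: virtual NIC sets outer dst
    return path.relay(wrapped)                   # S203: physical NIC -> AP -> onward

def security_server_forward(pkt: Packet, keys) -> Packet:
    """VPN server decrypts the tunnel packet and forwards to the network server."""
    if pkt.dst_ip != VPN_SERVER:
        raise ValueError("not addressed to the security server")
    dst, data = unseal(*keys, pkt.payload).split(b"|", 1)
    return Packet(dst.decode(), data)

def network_server(pkt: Packet) -> bytes:
    return b"reply-to:" + pkt.payload

def security_server_return(reply: bytes, keys) -> Packet:
    """Feedback data is encrypted by the VPN server before going back via the AP."""
    return Packet("terminal", seal(*keys, reply))

def exchange(spoofed: bool) -> dict:
    keys = (b"\x01" * 32, b"\x02" * 32)   # constructed shared keys
    path = OnPathHost()
    request = b"GET /account"
    out = terminal_send(spoofed, request, keys, path)
    if spoofed:
        back = path.relay(security_server_return(
            network_server(security_server_forward(out, keys)), keys))
        reply = unseal(*keys, back.payload)   # virtual NIC hands it to the VPN client
    else:
        reply = network_server(out)
    return {"reply": reply,
            "on_path_dsts": [p.dst_ip for p in path.seen],
            "plaintext_seen": any(request in p.payload or b"reply-to:" in p.payload
                                  for p in path.seen)}

if __name__ == "__main__":
    print(exchange(spoofed=False))
    print(exchange(spoofed=True))
```

On the tunnel branch the relaying host sees only the security server's address and ciphertext; on the direct branch it sees the real destination and the plaintext request.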
Based on the same technical idea, an embodiment of the present invention also provides a device for detecting a WLAN connection, which can implement the WLAN connection detection method described in the above embodiments.
As shown in Fig. 6, the device can include a receiving module 301, a connecting module 302, an obtaining module 303, a first determining module 304 and a second determining module 305, in which:
the receiving module 301 is for receiving broadcast messages from APs, the broadcast messages containing the SSID and basic service set identifier (BSSID) of each AP;
the connecting module 302 is for requesting a WLAN connection with a first AP;
the obtaining module 303 is for obtaining, after the terminal has established the WLAN connection, the medium access control (MAC) address corresponding to the IP address of the first AP from the terminal's Address Resolution Protocol (ARP) cache table, the ARP cache table being generated by the terminal from the last received response message carrying a MAC address;
the first determining module 304 is for determining the SSID and BSSID of the first AP from the AP broadcast messages;
the second determining module 305 is for determining whether the BSSID of the first AP is consistent with the MAC address corresponding to the IP address, and if they are inconsistent, determining that the WLAN to which the terminal is currently connected is subject to ARP spoofing.
Further, the obtaining module 303 is specifically for obtaining the MAC address corresponding to the IP address of the first AP from the terminal's ARP cache table through the application programming interface (API) of the terminal's operating system. The effect of this is that only the application-layer interface of the terminal's operating system needs to support it; support from the lower layers of the operating system is no longer needed, complex operations such as low-level packet capture are avoided, and operation is more convenient and feasible.
Further, the second determining module 305 is specifically for storing, when the determination result is inconsistent, the MAC address corresponding to the IP address in a preset blacklist, the blacklist being used to check whether the last response message carrying a MAC address received by the terminal is spoofed. The blacklist is established so that spoofing of the current WLAN connection can be discovered as early as possible while the terminal is establishing the connection with the wireless access point device: when the terminal receives the response message returned by the station, it can resolve the MAC address from it, and if that MAC address is found in the blacklist it can immediately conclude that the current connection is subject to ARP spoofing. In this way the flow of detecting the WLAN connection can be simplified and the detection efficiency improved.
Based on the same technical concept as the WLAN sending method, an embodiment of the present invention also provides a device for sending WLAN data, which can implement the WLAN data sending method described in the above embodiments.
As shown in Fig. 7, the device can include an encrypting module 401, an encapsulating module 402 and a sending module 403, in which:
the encrypting module 401 is for encrypting the data to be sent and passing it to the virtual network adapter, the data to be sent being data that needs to be transmitted to a network server through a wireless access point device (AP);
the encapsulating module 402 is for encapsulating the encrypted data to be sent with a destination address that is the IP address of the security server, and passing the encapsulated data to the physical network adapter;
the sending module 403 is for sending the encapsulated data to the AP with which the terminal has established a connection, so that the AP sends the encrypted data to be sent to the security server, which decrypts it and then sends it to the network server.
Further, the device also includes: a setup module, for creating the virtual network adapter and setting a routing table entry, the routing table entry causing the data to be sent to the virtual network adapter;
a connection establishing module, for establishing a virtual private network connection with the VPN server;
a detection module, for detecting whether the current WLAN connection is safe using the method of steps S101 to S105, and if the result is inconsistent, executing the sending of a connection request to the virtual private network (VPN) server. In this way, when the terminal finds the network unsafe it is suggested that the terminal execute steps S201 to S203 of the embodiment of the present invention, and when the terminal finds the network safe it can connect to the network directly through the AP, so that the user chooses according to actual needs, which is more practical and gives a better user experience.
After the terminal has sent data to the network side by the above steps, it receives the feedback from the network side, so the process by which the terminal receives data is also included. Therefore the encrypting module is also for receiving the encrypted data of the network server forwarded by the AP, the encrypted data being the feedback data of the network server encrypted by the VPN server; and the sending module is also for forwarding the encrypted data passed to the virtual network adapter to the client corresponding to the security server, to complete the decryption of the encrypted data.
In this way, with the above device the terminal and the network side can communicate securely and the safety of data during transmission is ensured. The whole implementation only requires configuration to be completed in advance on the terminal side, without the cooperation of other hardware such as the AP, so the method is convenient and feasible to implement and is suitable for commercial application.
In conclusion, the embodiments of the present invention, on the one hand, identify whether the currently connected station is safe through the WLAN connection detection method, and on the other hand establish a secure channel through the WLAN data sending method, so that the data the terminal sends or receives are forwarded through the secure channel and the safety of data during transmission is guaranteed. The method is easy to operate and feasible, and suitable for commercial application.
The present invention is described with reference to flowcharts and/or block diagrams of methods, devices (systems) and computer program products according to the embodiments of the present invention. It should be understood that each flow and/or block in the flowcharts and/or block diagrams, and combinations of flows and/or blocks in the flowcharts and/or block diagrams, can be implemented by computer program instructions. These computer program instructions can be provided to the processor of a general-purpose computer, a special-purpose computer, an embedded processor or other programmable data processing device to produce a machine, so that the instructions executed by the processor of the computer or other programmable data processing device produce a device for implementing the functions specified in one or more flows of the flowcharts and/or one or more blocks of the block diagrams.
These computer program instructions may also be stored in a computer-readable memory that can guide a computer or other programmable data processing device to work in a specific manner, so that the instructions stored in the computer-readable memory produce an article of manufacture including an instruction device, the instruction device implementing the functions specified in one or more flows of the flowcharts and/or one or more blocks of the block diagrams.
These computer program instructions may also be loaded onto a computer or other programmable data processing device, so that a series of operational steps are executed on the computer or other programmable device to produce computer-implemented processing, whereby the instructions executed on the computer or other programmable device provide steps for implementing the functions specified in one or more flows of the flowcharts and/or one or more blocks of the block diagrams.
Although preferred embodiments of the present invention have been described, additional changes and modifications may be made to these embodiments once a person skilled in the art knows the basic inventive concept. Therefore the following claims are intended to be interpreted as including the preferred embodiments and all changes and modifications that fall within the scope of the invention.
Obviously, those skilled in the art can make various changes and modifications to the invention without departing from its spirit and scope. Thus, if these modifications and variations of the invention fall within the scope of the claims of the invention and their equivalent technologies, the invention is also intended to include them.
Claims (12)
1. A method for detecting a WLAN connection, characterized in that the method comprises:
receiving broadcast messages of wireless access point devices (APs), the broadcast messages including the service set identifier (SSID) and the basic service set identifier (BSSID) of each AP;
requesting to establish a WLAN connection with a first AP;
after the terminal establishes the WLAN connection, obtaining the medium access control (MAC) address corresponding to the IP address of the first AP in the Address Resolution Protocol (ARP) cache table of the terminal, the ARP cache table being generated by the terminal according to the last received response message carrying a MAC address;
determining the SSID and BSSID of the first AP from the broadcast messages of the APs;
determining whether the BSSID of the first AP is consistent with the MAC address corresponding to the IP address, and, if inconsistent, determining that the WLAN to which the terminal is currently connected is subject to ARP spoofing.
2. The method of claim 1, characterized in that obtaining the MAC address corresponding to the IP address of the first AP in the ARP cache table of the terminal comprises:
obtaining, through the operating system application programming interface (API) of the terminal, the MAC address corresponding to the IP address of the first AP in the ARP cache table of the terminal.
3. The method of any one of claims 1 to 2, characterized in that it further comprises:
when the determination result is inconsistent, storing the MAC address corresponding to the IP address in a preset blacklist, the blacklist being used to query whether the last response message carrying a MAC address received by the terminal is spoofed.
4. The method of claim 1, characterized in that, after it is determined that the WLAN to which the terminal is currently connected is subject to ARP spoofing, there is data to be sent, and the subsequent processing of the data to be sent in the method further comprises:
encrypting the data to be sent and sending it to a virtual network adapter, the data to be sent being data that needs to be forwarded to a network server through the wireless access point device AP;
the virtual network adapter encapsulating the encrypted data to be sent with the IP address of a security server as the destination address, and sending the encapsulated data to a physical network adapter;
the physical network adapter sending the encapsulated data to the AP with which the terminal has established the connection, so that the AP sends the encrypted data to be sent to the security server, which decrypts it and sends it to the network server after decryption.
5. The method of claim 4, characterized in that the security server is a virtual private network (VPN) server;
and before the data to be sent is sent to the virtual network adapter, the method further comprises:
creating the virtual network adapter and setting route table entries, the route table entries causing the data to be sent to be delivered to the virtual network adapter;
establishing a virtual private network connection with the VPN server.
6. The method of claim 4, characterized in that it further comprises:
the physical network adapter receiving the encrypted data of the network server forwarded by the AP, the encrypted data being obtained by the security server encrypting the feedback data received from the network server;
the physical network adapter sending the encrypted data to the virtual network adapter;
the virtual network adapter forwarding the encrypted data to a client corresponding to the security server to complete the decryption of the encrypted data.
7. A device for detecting a WLAN connection, characterized by comprising:
a receiving module for receiving broadcast messages of wireless access point devices (APs), the broadcast messages including the SSID and the basic service set identifier (BSSID) of each AP;
a connection module for requesting to establish a WLAN connection with a first AP;
an obtaining module for, after the terminal establishes the WLAN connection, obtaining the medium access control (MAC) address corresponding to the IP address of the first AP in the Address Resolution Protocol (ARP) cache table of the terminal, the ARP cache table being generated by the terminal according to the last received response message carrying a MAC address;
a first determining module for determining the SSID and BSSID of the first AP from the broadcast messages of the APs;
a second determining module for determining whether the BSSID of the first AP is consistent with the MAC address corresponding to the IP address, and, if inconsistent, determining that the WLAN to which the terminal is currently connected is subject to ARP spoofing.
8. The device of claim 7, characterized in that the obtaining module is specifically used to:
obtain, through the operating system application programming interface (API) of the terminal, the MAC address corresponding to the IP address of the first AP in the ARP cache table of the terminal.
9. The device of claim 7, characterized in that the second determining module is specifically used to:
when the determination result is inconsistent, store the MAC address corresponding to the IP address in a preset blacklist, the blacklist being used to query whether the last response message carrying a MAC address received by the terminal is spoofed.
10. A WLAN data sending device, characterized by comprising:
a detection module for receiving broadcast messages of wireless access point devices (APs), the broadcast messages including the SSID and the basic service set identifier (BSSID) of each AP;
requesting to establish a WLAN connection with a first AP;
after the terminal establishes the WLAN connection, obtaining the medium access control (MAC) address corresponding to the IP address of the first AP in the Address Resolution Protocol (ARP) cache table of the terminal, the ARP cache table being generated by the terminal according to the last received response message carrying a MAC address;
determining the SSID and BSSID of the first AP from the broadcast messages of the APs;
determining whether the BSSID of the first AP is consistent with the MAC address corresponding to the IP address, and, if inconsistent, encrypting the data to be sent and sending it to a virtual network adapter;
an encryption module for, after the detection module determines that the WLAN to which the terminal is currently connected is subject to ARP spoofing, encrypting the data to be sent and sending it to the virtual network adapter, the data to be sent being data that needs to be forwarded to a network server through the wireless access point device AP;
an encapsulation module for encapsulating the encrypted data to be sent with the IP address of a security server as the destination address, and sending the encapsulated data to a physical network adapter;
a sending module for sending the encapsulated data to the AP with which the terminal has established the connection, so that the AP sends the encrypted data to be sent to the security server, which decrypts it and sends it to the network server after decryption.
11. The device of claim 10, characterized in that the security server is a virtual private network (VPN) server, and the device further comprises:
a setup module for creating the virtual network adapter and setting route table entries, the route table entries causing the data to be sent to be delivered to the virtual network adapter;
a connection establishing module for establishing a virtual private network connection with the VPN server.
12. The device of claim 10, characterized in that the encryption module is further used to: receive the encrypted data of the network server forwarded by the AP, the encrypted data being obtained by the security server encrypting the feedback data received from the network server;
and the sending module is further used to forward the encrypted data delivered to the virtual network adapter to a client corresponding to the security server to complete the decryption of the encrypted data.
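The detection in claims 1 to 3 reduces to a comparison between two pieces of evidence the terminal already holds: the BSSID it learned from the AP's broadcast message, and the MAC address its ARP cache currently maps to the AP's IP address. The Python below is an added example of that check and of the blacklist query, not code from the patent; the beacon list, the `ip neigh`-style cache lines, the addresses and all names are constructed for illustration.

```python
"""ARP-spoofing check for a freshly joined WLAN (added example, not patent code).

The terminal compares the BSSID announced in the AP's broadcast (beacon)
with the MAC address its ARP cache holds for the AP's IP address. All
sample beacons and cache lines below are constructed for the example.
"""
import re
from dataclasses import dataclass
from enum import Enum
from typing import Dict, Iterable, Optional, Set


@dataclass(frozen=True)
class Beacon:
    """SSID/BSSID pair taken from one AP broadcast message."""
    ssid: str
    bssid: str


class Verdict(Enum):
    CONSISTENT = "BSSID matches the cached MAC of the AP's IP"
    SPOOFED = "BSSID differs from the cached MAC of the AP's IP"
    UNDECIDED = "AP's IP not yet in the ARP cache"


def normalize_mac(mac: str) -> str:
    """Canonical lower-case colon form so 'AA-BB-..' and 'aabb..' compare equal."""
    digits = re.sub(r"[^0-9A-Fa-f]", "", mac)
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2)).lower()


# Matches lines in the style of `ip neigh show` (constructed input below).
_NEIGH_RE = re.compile(r"^(\S+)\s+dev\s+\S+\s+lladdr\s+(\S+)")


def parse_arp_cache(text: str) -> Dict[str, str]:
    """Map IP -> normalised MAC; entries without lladdr (FAILED/INCOMPLETE) are skipped."""
    cache: Dict[str, str] = {}
    for line in text.splitlines():
        m = _NEIGH_RE.match(line.strip())
        if m:
            cache[m.group(1)] = normalize_mac(m.group(2))
    return cache


def select_ap(beacons: Iterable[Beacon], bssid: str) -> Optional[Beacon]:
    """Pick the beacon of the AP the terminal associated with, by BSSID."""
    want = normalize_mac(bssid)
    return next((b for b in beacons if normalize_mac(b.bssid) == want), None)


class ArpSpoofDetector:
    """Holds the blacklist of MACs that contradicted the BSSID (claim 3)."""

    def __init__(self) -> None:
        self.blacklist: Set[str] = set()

    def check(self, ap: Beacon, ap_ip: str, arp_cache: Dict[str, str]) -> Verdict:
        cached = arp_cache.get(ap_ip)
        if cached is None:
            return Verdict.UNDECIDED
        if cached == normalize_mac(ap.bssid):
            return Verdict.CONSISTENT
        self.blacklist.add(cached)   # remember the MAC that answered for the AP's IP
        return Verdict.SPOOFED

    def reply_is_suspicious(self, reply_mac: str) -> bool:
        """Query run against the MAC carried by each later ARP reply."""
        return normalize_mac(reply_mac) in self.blacklist


# Constructed sample data: two beacons advertising the same SSID, and two
# ARP cache snapshots for the AP's gateway IP 192.168.1.1.
SAMPLE_BEACONS = [
    Beacon("CoffeeShop", "aa:bb:cc:dd:ee:01"),
    Beacon("CoffeeShop", "aa:bb:cc:dd:ee:02"),
]
ARP_CACHE_CLEAN = (
    "192.168.1.1 dev wlan0 lladdr AA-BB-CC-DD-EE-01 REACHABLE\n"
    "192.168.1.20 dev wlan0 lladdr 11:22:33:44:55:66 STALE\n"
)
ARP_CACHE_POISONED = (
    "192.168.1.1 dev wlan0 lladdr 66:55:44:33:22:11 REACHABLE\n"
    "192.168.1.20 dev wlan0 FAILED\n"
)


def run_check(bssid: str, ap_ip: str, arp_text: str,
              detector: Optional[ArpSpoofDetector] = None) -> Verdict:
    """Full claim-1 flow for one connection: select AP, read cache, compare."""
    ap = select_ap(SAMPLE_BEACONS, bssid)
    if ap is None:
        return Verdict.UNDECIDED
    return (detector or ArpSpoofDetector()).check(ap, ap_ip, parse_arp_cache(arp_text))


if __name__ == "__main__":
    d = ArpSpoofDetector()
    print(run_check("aa:bb:cc:dd:ee:01", "192.168.1.1", ARP_CACHE_CLEAN, d))
    print(run_check("aa:bb:cc:dd:ee:01", "192.168.1.1", ARP_CACHE_POISONED, d))
    print(d.reply_is_suspicious("66-55-44-33-22-11"))
```

The comparison assumes, as the claims do, that the AP's BSSID equals the MAC address its IP resolves to. On many consumer routers the wireless BSSID and the LAN-side MAC differ by design (separate interfaces, or per-SSID BSSIDs derived from a base address), so a deployment would baseline the expected BSSID/MAC pair per network to avoid false positives; the `UNDECIDED` verdict covers the case where the cache has no entry for the AP's IP yet, which a naive check would otherwise report as a mismatch.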
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910952811.4A CN111093198B (en) | 2015-07-23 | 2015-07-23 | Wireless local area network data transmission method and device |
CN201510439627.1A CN106376003B (en) | 2015-07-23 | 2015-07-23 | Detect WLAN connection and WLAN data transmission method for uplink and its device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510439627.1A CN106376003B (en) | 2015-07-23 | 2015-07-23 | Detect WLAN connection and WLAN data transmission method for uplink and its device |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910952811.4A Division CN111093198B (en) | 2015-07-23 | 2015-07-23 | Wireless local area network data transmission method and device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106376003A CN106376003A (en) | 2017-02-01 |
CN106376003B true CN106376003B (en) | 2019-11-19 |
Family
ID=57880246
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510439627.1A Active CN106376003B (en) | 2015-07-23 | 2015-07-23 | Detect WLAN connection and WLAN data transmission method for uplink and its device |
CN201910952811.4A Active CN111093198B (en) | 2015-07-23 | 2015-07-23 | Wireless local area network data transmission method and device |
Family Applications After (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910952811.4A Active CN111093198B (en) | 2015-07-23 | 2015-07-23 | Wireless local area network data transmission method and device |
Country Status (1)
Country | Link |
---|---|
CN (2) | CN106376003B (en) |
Families Citing this family (19)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106714092A (en) * | 2017-02-13 | 2017-05-24 | 惠州Tcl移动通信有限公司 | Mobile terminal-based WIFI data processing method and system |
CN108574672A (en) * | 2017-03-10 | 2018-09-25 | 武汉安天信息技术有限责任公司 | The method and device of ARP attack perception applied to mobile terminal |
CN109428862A (en) * | 2017-08-29 | 2019-03-05 | 武汉安天信息技术有限责任公司 | A kind of method and apparatus detecting ARP attack in local area network |
CN107508931B (en) * | 2017-09-29 | 2019-08-30 | Oppo广东移动通信有限公司 | Wireless network communication method, device, storage medium and computer equipment |
KR20190076313A (en) * | 2017-12-22 | 2019-07-02 | (주)노르마 | System and method for detecting arp spoofing |
CN108124301A (en) * | 2017-12-29 | 2018-06-05 | 深圳市智搜信息技术有限公司 | A kind of connection method of wireless aps and its system |
CN108768937B (en) * | 2018-04-13 | 2021-06-25 | 上海尚往网络科技有限公司 | Method and equipment for detecting ARP spoofing in wireless local area network |
CN108430063B (en) * | 2018-04-13 | 2021-11-19 | 上海尚往网络科技有限公司 | Method and equipment for monitoring ARP spoofing in wireless local area network |
CN108989173B (en) * | 2018-07-09 | 2020-04-28 | 新华三技术有限公司 | Message transmission method and device |
CN109067751B (en) * | 2018-08-14 | 2021-01-01 | 腾讯科技(深圳)有限公司 | ARP spoofing detection method and device under non-Root environment and terminal |
CN109041101B (en) * | 2018-08-24 | 2022-03-18 | 北京小米移动软件有限公司 | WIFI cut-off processing method, terminal, server and storage medium |
CN109067764B (en) * | 2018-08-29 | 2020-09-04 | 新华三技术有限公司 | Method and device for establishing equipment table entry |
CN111194019A (en) * | 2018-11-14 | 2020-05-22 | 杭州海康威视数字技术股份有限公司 | Control method and control device for vehicle-mounted equipment |
JP7263098B2 (en) * | 2018-12-27 | 2023-04-24 | パナソニック インテレクチュアル プロパティ コーポレーション オブ アメリカ | Terminal, communication method and program |
CN110943984B (en) * | 2019-11-25 | 2021-09-28 | 中国联合网络通信集团有限公司 | Asset safety protection method and device |
CN111093250B (en) * | 2019-12-26 | 2022-02-25 | Oppo(重庆)智能科技有限公司 | Network scanning method, device, terminal and storage medium |
CN111885621B (en) * | 2020-07-10 | 2023-06-06 | 深圳创维数字技术有限公司 | Wireless message grabbing method, system, terminal and storage medium |
CN113194445A (en) * | 2021-04-15 | 2021-07-30 | 厦门亿联网络技术股份有限公司 | Connection method and device |
CN113411809B (en) * | 2021-07-30 | 2023-03-17 | 浙江大华技术股份有限公司 | Method and device for preventing access pseudo AP and AP hijacking |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101110821A (en) * | 2007-09-06 | 2008-01-23 | 华为技术有限公司 | Method and apparatus for preventing ARP address cheating attack |
CN101605077A (en) * | 2008-06-10 | 2009-12-16 | 上海贝尔阿尔卡特股份有限公司 | A kind of providing by the WiFi network moved method and the device thereof that inserts |
CN103561449A (en) * | 2013-11-08 | 2014-02-05 | 福建星网锐捷网络有限公司 | Wireless access method and wireless access point |
CN104219339A (en) * | 2014-09-17 | 2014-12-17 | 北京金山安全软件有限公司 | Method and device for detecting address resolution protocol attack in local area network |
Family Cites Families (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1852192A (en) * | 2005-10-21 | 2006-10-25 | 华为技术有限公司 | Network identifying method in wireless local network |
CN101272246B (en) * | 2008-04-09 | 2011-06-01 | 西安西电捷通无线网络通信股份有限公司 | Data safety transmission method and system of virtual network card and physical network card |
CN104168173B (en) * | 2010-08-20 | 2018-01-16 | 华为技术有限公司 | The method, apparatus and network system of terminal crosses private network and server communication in IMS core net |
CN102801695B (en) * | 2011-05-27 | 2015-10-14 | 华耀(中国)科技有限公司 | Virtual private network (VPN) communication equipment and data pack transmission method thereof |
CN103139071B (en) * | 2011-11-29 | 2016-07-13 | 华为技术有限公司 | Message forwarding method, device and system |
CN102664896A (en) * | 2012-04-28 | 2012-09-12 | 郑州信大捷安信息技术股份有限公司 | Safety network transmission system and method based on hardware encryption |
CN103052094B (en) * | 2013-01-30 | 2015-05-13 | 公安部第三研究所 | Method for acquiring service set identifier of wireless mobile terminal |
Also Published As
Publication number | Publication date |
---|---|
CN111093198B (en) | 2023-04-28 |
CN111093198A (en) | 2020-05-01 |
CN106376003A (en) | 2017-02-01 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |