KR101625437B1 - Method and System for analyzing wireless device using unlicensed wireless signal detection standard - Google Patents
Method and System for analyzing wireless device using unlicensed wireless signal detection standard Download PDFInfo
- Publication number
- KR101625437B1 KR101625437B1 KR1020150173424A KR20150173424A KR101625437B1 KR 101625437 B1 KR101625437 B1 KR 101625437B1 KR 1020150173424 A KR1020150173424 A KR 1020150173424A KR 20150173424 A KR20150173424 A KR 20150173424A KR 101625437 B1 KR101625437 B1 KR 101625437B1
- Authority
- KR
- South Korea
- Prior art keywords
- wireless
- signal
- module
- list
- wireless device
- Prior art date
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W48/00—Access restriction; Network selection; Access point selection
- H04W48/16—Discovering, processing access restriction or access information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W64/00—Locating users or terminals or network equipment for network management purposes, e.g. mobility management
- H04W64/003—Locating users or terminals or network equipment for network management purposes, e.g. mobility management locating network equipment
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W88/00—Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
- H04W88/08—Access point devices
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
Description
The present invention relates to a wireless signal analysis technique, and more particularly, to a wireless device analysis method that supports functions for detecting and / or tracking wireless devices used as unauthorized persons by utilizing a general tablet PC (or Android OS) And systems.
In particular, the present invention relates to a wireless device analysis method and system capable of detecting, tracking, and managing unauthorized smart devices, wireless printers, and unauthorized mobile wireless networks (ad-hoc) .
Recently, there has been a rapid increase in the number of smart devices, such as a hotspot generating a wireless signal, an ad-hoc mobile AP (access point) product that can be configured as a wireless signal between WiBro or smart devices, And various IoT (Internet Of Things) devices are rapidly increasing. Using such a smart device, various types of networks can be constructed and utilized.
However, these wireless infrastructures, which have to be operated at the relevant sites through sufficient security level and legal procedures, are sometimes used as illegal activities such as misuse or internal data leakage. A more serious problem is that white users do not comply with wireless security standards, so they become black users and can even be used as targets for hackers.
Many companies have introduced Wireless Intrusion Prevention System (WIPS) to control and manage sensors in their buildings. However, it is not cost-effective to detect, block, and manage unlicensed radio signals in military or large-scale business sites, and measures against shadow areas (undetected areas) are also insufficient.
In addition, it is very difficult to distribute it to the security officer as a high cost product in the case of the use of foreign foreign radio detection equipment which is used as a measuring instrument. Therefore, it is required to develop an unmanned wireless signal detection system based on the Android platform based on the existing Android platform and an analysis system using the same for a business site where it is difficult to introduce a high cost blocking system such as WIPS or commercial foreign radio detection equipment or because it is difficult to detect because of many shadow areas.
In addition, since unauthorized wireless APs can be connected to a downstream connection client (eg, laptop, tablet, etc.), various internal data can be leaked.
The present invention has been proposed in order to solve the problem according to the above background art, and it is an object of the present invention to provide a wireless device which supports functions for detecting and / or tracking wireless devices used as unauthorized users by utilizing a general tablet PC (or Android OS) And an analysis method and system.
In particular, the present invention provides a wireless device analysis method and system capable of detecting, tracking, and managing unauthorized smart devices, wireless printers, and unauthorized mobile wireless networks (ad-hoc) There is another purpose.
The present invention provides a method of analyzing a wireless device supporting functions for detecting and / or tracking wireless devices being used as unauthorized persons by utilizing a general tablet PC (or Android OS) device.
The wireless device analysis method includes:
An administrator registration step of receiving the manager information from the manager and registering the manager information in the manager information DB (DataBase);
A wireless signal detection step in which a wireless access point (AP) signal detection module detects a wireless signal of a wireless AP based on a current location;
Checking the black list or the white list according to whether the unauthorized wireless AP is applicable to the wireless AP and storing the black list or the white list in the wireless AP list DB;
A location tracking step in which a wireless AP location tracking module tracks a location for the wireless signal; And
And a connection detecting step in which the connection device output module detects wireless connection devices connected to the wireless AP.
The wireless device analysis method may further include, after the connection detection step, the wireless device map generation module outputs the matching devices on a map.
The wireless AP signal detection module may include a non-directional antenna for searching for the wireless signal.
The wireless device analysis method may further include, after the connection detection step, tracking the wireless signal by replacing the wireless AP location tracking module with a directional antenna to track additional wireless connection devices connected to the wireless AP; And storing the additional wireless connection devices detected as a result of the tracking in an unauthorized device DB.
Wherein the detection of the wireless connection devices is performed by comparing the intensity of the first collected wireless signal with a first threshold value that is set in advance and the detection of the additional wireless connected devices is performed after the first acquisition, And comparing the intensity with a preset second threshold value, wherein the first threshold value and the second threshold value are different from each other.
Also, the secondary collection may be performed after moving to a predetermined distance in the direction of the lowest signal among the signal directions indicated by the antenna at the time of the primary collection.
The collection information for the wireless AP and the wireless connection devices includes a BBSID (Basic Service Set IDentification) indicating a MAC (Media Access Control) address for distinguishing 48-bit BBS (Basic Service Set) in 802.11, An SSID (Service Set IDentifier) indicating a unique identifier present, a level indicating a degree of detection of the wireless signal, and a GPS indicating location information of the wireless AP and the wireless connection device to be detected.
According to another aspect of the present invention, there is provided an information processing apparatus including an administrator registration module, a wireless AP signal detection module, a black-white list detection module, a connected device output module, And a management server unit (220) having a wireless AP list DB, wherein the manager registration module receives manager information from an administrator and transmits the manager information to the manager information DB DataBase), and the wireless AP signal detection module detects a wireless signal of the wireless AP based on the current location, and the black-white list detection module detects whether or not the wireless AP is an unauthorized wireless AP And stores the black list or the white list in the wireless AP list DB, Tracking module monitors a position of the wireless signal, and the connection device output module detects wireless connection devices connected to the wireless AP.
According to the present invention, in the case of a wireless signal, a 2.4 GHz to 5 GHz wireless band wireless equipment signal using the 802.11x standard protocol is extensively detected using an omnidirectional antenna and output, (One-fifth of the cost of a commercial product).
In addition, another effect of the present invention is that it is very portable because it was developed as an application based on an Android OS (Operating System). That is, the technique used in the present invention can be directly applied to vehicle navigation, commercial drones, and various Android-based devices, so that it can be applied versatile.
Another effect of the present invention is to detect when there is communication between a wireless AP and a device and to support management of the detected wireless AP signal in a black / .
As another effect of the present invention, it is possible to easily support antenna replacement by using an external wireless LAN adapter using an OTG (On The Go) cable to connect an external antenna (directional or non-directional) to a conventional tablet PC .
FIG. 1 is a block diagram of a wireless
2 is a flowchart illustrating a radio signal tracking process according to an embodiment of the present invention.
3 is a diagram illustrating a visualization state of an unlicensed wireless device according to an exemplary embodiment of the present invention.
While the invention is susceptible to various modifications and alternative forms, specific embodiments thereof are shown by way of example in the drawings and will herein be described in detail. It is to be understood, however, that the invention is not to be limited to the specific embodiments, but includes all modifications, equivalents, and alternatives falling within the spirit and scope of the invention.
Like reference numerals are used for similar elements in describing each drawing.
The terms first, second, etc. may be used to describe various components, but the components should not be limited by the terms. The terms are used only for the purpose of distinguishing one component from another.
For example, without departing from the scope of the present invention, the first component may be referred to as a second component, and similarly, the second component may also be referred to as a first component. The term "and / or" includes any combination of a plurality of related listed items or any of a plurality of related listed items.
Unless otherwise defined, all terms used herein, including technical or scientific terms, have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs.
Terms such as those defined in commonly used dictionaries are to be interpreted as having a meaning consistent with the contextual meaning of the related art and are to be interpreted as either ideal or overly formal in the sense of the present application Should not.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS Hereinafter, a method and system for analyzing a wireless device using an unauthorized wireless signal detection system according to an embodiment of the present invention will be described in detail with reference to the accompanying drawings.
The present invention utilizes existing Tablet PC (Android OS) devices to support functions for detecting and / or tracking unauthorized wireless devices. In the case of radio signals, 2.4GHz to 5GHz radio band using the 802.11x standard protocol. Wireless equipment signals are detected extensively using an omnidirectional antenna, and the position can be tracked using a directional antenna for this signal. . At this time, it supports easy antenna replacement by using OTG (On The Go) cable and external wireless LAN adapter to connect an external antenna (directional or non-directional) to the existing tablet PC. It also detects communication between a wireless access point (AP) and a client. It supports to manage the detected wireless AP signal in black / white list. A configuration according to an embodiment of the present invention for realizing this is shown in FIG.
FIG. 1 is a block diagram of a wireless
The application unit 110 includes an administrator registration module 110a for registering basic information of an administrator, a wireless AP signal detection module 110b for detecting a wireless access point (AP) signal, and wireless device information connected to the wireless AP A wireless AP location tracking module 110d for tracking an unauthorized wireless AP or an additional wireless device connected to the AP, a black / white list detection module 110e for detecting whether an unauthorized AP is registered, And the like.
Meanwhile, the management server unit 220 includes an
First, the management entity collects manager information as basic information such as the name, affiliation, etc. of the actual security officer who is the manager through the manager registration module 110a, thereby identifying the inspection subject. The manager information is stored and managed in the
The application executed by the manager searches the wireless signal (2.4 GHz to 5 GHz) in the 100-m radius region by the wireless AP signal detection module 110b with a non-directional antenna and detects the wireless signal. If there is a detected wireless AP, the Black / White list detection module 110e confirms whether the wireless AP is registered, and when the wireless AP is unauthorized, it transmits and manages the information to the wireless AP list DB 220b.
In addition, the connection device output module 110c extracts information of wireless connection devices connected to the wireless AP. At this time, the wireless AP tracking module 110d tracks the wireless signal by using a directional antenna to track an unauthorized wireless AP or an additional wireless device connected to the unauthorized wireless AP. A diagram showing this is shown in Fig. 2, which will be described later.
At this time, the information of the additional unauthorized additional wireless connection devices detected at this time is stored in the unauthorized device DB 220c, and is integratedly managed by the black / white list management module 220d. The collected information of the wireless AP and / or the wireless connection devices managed and stored at this time is shown in Table 1 below.
Here, the unlicensed wireless device may include a wireless AP, a wireless connection device, and an additional wireless connection device.
Finally, the GPS location information of the last unlicensed wireless device (i.e., the wireless AP, the wireless connection device, and the additional wireless connection device) detected through the wireless device map generation module 220e is mapped to the Google map, And graphically displays and manages the visualization. A diagram showing this is shown in Fig.
2 is a flowchart illustrating a radio signal tracking process according to an embodiment of the present invention. Referring to FIG. 2, until a radio signal of 70 dB or less (x <70 dB, x: first search wireless signal strength) is detected through an antenna (not shown) provided in the wireless AP signal detection module 110b And searches around the inspection area (steps S210 and S220).
In step S220, when a radio signal of 70 dB or less is detected, the mobile station rotates 360 degrees at the corresponding point and moves in y direction in the direction of the lowest signal (dB) of the direction indicated by the directional antenna. However, if the signal can not be collected properly, the wireless AP signal detection module 110b of FIG. 1 repeats the search again (step S230).
However, if the primary radio signal is less than 40 dB, the surrounding search is performed immediately by the search (step S250). Otherwise, if it is greater than 40 dB but less than 70 dB, the wireless AP signal detection module (110 b in FIG. 1) moves y 'meters until the signal strength is caught within the secondary threshold range (step S240). (40dB <x` <50dB, x`: Secondary Search Radio Signal Strength)
However, if the signal can not be collected properly, the wireless AP signal detection module (110b in FIG. 1) is tried to search again. Generally, when the wireless signal is less than 40 dB, the unauthorized wireless equipment is about 5 to 10 meters in radius. Therefore, the surrounding is searched through the inquiry inquiry (step S250).
3 is a diagram illustrating a visualization state of an unlicensed wireless device according to an exemplary embodiment of the present invention. Referring to FIG. 3, the GPS position information of the last unlicensed wireless device (i.e., wireless AP, wireless connection device, and additional wireless connection device) detected through the wireless device map generation module 220e is mapped to a Google map, The status of unlicensed wireless equipment is graphically displayed.
100: Wireless equipment analysis system
110:
110a: Manager registration module 110b: Wireless AP (Access Point) signal detection module
110c: connection device output module
110d: wireless AP position tracking module
110e: Black White List Detection Module
220: management server section
220a: Manager information DB (DataBase)
220b: wireless AP list DB
220c: Unincorporated device DB
220d: Black White List Management Module
220e: Wireless diverse map generation module
Claims (8)
A wireless signal detection step in which a wireless access point (AP) signal detection module detects a wireless signal of a wireless AP based on a current location;
Checking the black list or the white list according to whether the unauthorized wireless AP is applicable to the wireless AP and storing the black list or the white list in the wireless AP list DB;
A location tracking step in which a wireless AP location tracking module tracks a location for the wireless signal; And
And a connection detecting step in which the connection device output module detects wireless connection devices connected to the wireless AP,
And a step in which the wireless device map generation module, after the connection detection step, matches the connected devices on a map and outputs the wireless devices.
Wherein the wireless AP signal detection module includes a non-directional antenna for searching for the wireless signal.
Tracking the wireless signal after the connection detection step by replacing the wireless AP location tracking module with a directional antenna to track additional wireless connection devices connected to the wireless AP; And
And storing the detected additional wireless connection devices in an unauthorized device DB as a result of the tracking of the unauthorized wireless signal detection system.
Wherein the detection of the wireless connection devices is performed by comparing the intensity of the first collected wireless signal with a first threshold value that is set in advance and the detection of the additional wireless connected devices detects the intensity of the second wireless signal collected after the first acquisition Wherein the first threshold value and the second threshold value are different from each other in comparison with a preset second threshold value, and the first threshold value and the second threshold value are different from each other.
Wherein the secondary acquisition is performed after moving to a predetermined distance in the lowest signal direction among the signal directions indicated by the antenna at the time of the primary acquisition.
The collection information for the wireless AP and the wireless connection devices includes BBSID (Basic Service Set IDentification) indicating a MAC (Media Access Control) address for distinguishing a 48-bit BBS (Basic Service Set) in 802.11, An SSID (Service Set IDentifier) indicating a unique identifier, a level indicating a degree of detection of the wireless signal, and a GPS indicating location information of the wireless AP and the wireless connection device to be detected. Wireless device analysis method.
The manager registration module receives manager information from an administrator and registers the manager information in an administrator information DB (Data Base), and the wireless AP signal detection module detects a wireless signal of the wireless AP based on the current position , The black-white list detection module checks a black list or a white list according to whether the unauthorized wireless AP is applicable to the wireless AP, stores the black list or the white list in the wireless AP list DB, Detects the wireless connection devices connected to the wireless AP, and after the wireless connection devices are detected, the wireless device map generation module outputs the matching devices on the map Which uses an unlicensed wireless signal detection system Wireless device analysis method.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020150173424A KR101625437B1 (en) | 2015-12-07 | 2015-12-07 | Method and System for analyzing wireless device using unlicensed wireless signal detection standard |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020150173424A KR101625437B1 (en) | 2015-12-07 | 2015-12-07 | Method and System for analyzing wireless device using unlicensed wireless signal detection standard |
Publications (1)
Publication Number | Publication Date |
---|---|
KR101625437B1 true KR101625437B1 (en) | 2016-05-30 |
Family
ID=57124765
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020150173424A KR101625437B1 (en) | 2015-12-07 | 2015-12-07 | Method and System for analyzing wireless device using unlicensed wireless signal detection standard |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR101625437B1 (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR102482245B1 (en) * | 2022-06-17 | 2022-12-28 | (주)노르마 | A moving robot monitoring on networks and operating method of the same |
CN117118561A (en) * | 2023-08-28 | 2023-11-24 | 苏州市职业大学(苏州开放大学) | Signal shielding device for information network security |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101198329B1 (en) * | 2011-07-29 | 2012-11-08 | 킹스정보통신(주) | Wireless network security system of client foundation and method thereof |
-
2015
- 2015-12-07 KR KR1020150173424A patent/KR101625437B1/en active IP Right Grant
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101198329B1 (en) * | 2011-07-29 | 2012-11-08 | 킹스정보통신(주) | Wireless network security system of client foundation and method thereof |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR102482245B1 (en) * | 2022-06-17 | 2022-12-28 | (주)노르마 | A moving robot monitoring on networks and operating method of the same |
US11772273B1 (en) | 2022-06-17 | 2023-10-03 | Norma Inc. | Mobile robot for monitoring network and operation method for same |
CN117118561A (en) * | 2023-08-28 | 2023-11-24 | 苏州市职业大学(苏州开放大学) | Signal shielding device for information network security |
CN117118561B (en) * | 2023-08-28 | 2024-04-26 | 苏州市职业大学(苏州开放大学) | Signal shielding device for information network security |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7561554B2 (en) | Method and system for detecting rogue access points and device for identifying rogue access points | |
US7426383B2 (en) | Wireless LAN intrusion detection based on location | |
Robyns et al. | Noncooperative 802.11 mac layer fingerprinting and tracking of mobile devices | |
CN104717721B (en) | WiFi access system | |
CN104284337A (en) | Base station detection method and system | |
US20090210935A1 (en) | Scanning Apparatus and System for Tracking Computer Hardware | |
CN103843380A (en) | Monitoring system for monitoring unauthorized access points, monitoring server, method and program | |
CN101478819A (en) | Method of determining a location of a base station in a wireless communication network and base station in a wireless communication network | |
US7605695B2 (en) | Automatic discovery and classification of detectors used in unattended ground sensor systems | |
Matte | Wi-Fi tracking: Fingerprinting attacks and counter-measures | |
US11950170B2 (en) | Passive sensor tracking using observations of Wi-Fi access points | |
CN104093145A (en) | Authentication method between users of two adjacent mobile terminals | |
Kalantar et al. | Analyzing the effect of Bluetooth low energy (BLE) with randomized MAC addresses in IoT applications | |
KR101625437B1 (en) | Method and System for analyzing wireless device using unlicensed wireless signal detection standard | |
Yuan et al. | In-vehicle localization based on multi-channel Bluetooth Low Energy received signal strength indicator | |
Amoordon et al. | A single supervised learning model to detect fake access points, frequency sweeping jamming and deauthentication attacks in IEEE 802.11 networks | |
García-Otero et al. | Secure neighbor discovery in wireless sensor networks using range-free localization techniques | |
EP4118848A1 (en) | Passive sensor tracking using observations of wi-fi access points | |
KR20150041407A (en) | Trust Access Point connection Apparatus and Method | |
TW202135548A (en) | Passive sensor tracking using observations of wi-fi access points | |
TW202135546A (en) | Passive asset tracking using observations of wi-fi access points | |
CN107295520A (en) | The method of infrared assisted lookup pseudo-base station | |
Schauer | Wi-Fi tracking threatens users’ privacy in fingerprinting techniques | |
Alawami et al. | Locid: A secure and usable location-based smartphone unlocking scheme using wi-fi signals and light intensity | |
KR101410274B1 (en) | Method and Apparatus for detecting large-cell unlicensed radio equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
E701 | Decision to grant or registration of patent right | ||
GRNT | Written decision to grant | ||
FPAY | Annual fee payment |
Payment date: 20190503 Year of fee payment: 4 |