CN113630782B - Wireless sharing detection method, device and system and computer readable storage medium
- Publication number
- CN113630782B (application CN202110927298.0A)
- Authority
- CN
- China
- Prior art keywords
- access point
- terminal
- access
- detection
- wireless
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W16/00—Network planning, e.g. coverage or traffic planning tools; Network deployment, e.g. resource partitioning or cells structures
- H04W16/14—Spectrum sharing arrangements between different networks
- H04W16/18—Network planning tools
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The application provides a wireless sharing detection method, device and system and a computer readable storage medium, and relates to the technical field of network communication. The method, applied to the wireless access controller, comprises the following steps: detecting that an abnormally deployed wireless network exists; controlling each terminal access point to send an access point detection message to each access terminal connected to it, so that an access terminal that is sharing the wireless network sends out the access point detection message, wherein the access point detection message has access point specific message characteristics, and the access point specific message characteristics corresponding to each terminal access point are different; and, after the detection access point receives a message that was not sent by a terminal access point and that conforms to the access point specific message characteristics, determining, based on the correspondence between the access point specific message characteristics and each terminal access point, the terminal access point whose access terminal is sharing the wireless network. The detection of wireless sharing is therefore completed by the wireless network system itself, and no gateway device with a wireless network sharing detection function needs to be deployed.
Description
Technical Field
The present application relates to the field of network communications technologies, and in particular, to a wireless sharing detection method, device, system, and computer readable storage medium.
Background
In normal network communication, legal terminals access the wireless network and perform legal network access. Many terminal devices, however, have a wireless network sharing function, through which a legal terminal can share the wireless network with terminals that have no network access permission.
Wireless network sharing is generally performed by the legal terminal using NAT (Network Address Translation): when a terminal without network access authority accesses the network, its information is translated into the information of the legal terminal for the network connection.
At present, the main means of detecting a shared wireless network is to collect and analyze terminal traffic at the egress gateway device and to decide from the analysis result whether network sharing behavior exists. Because the prior art judges whether network sharing behavior exists by analyzing traffic, it places a high requirement on the computing capacity of the egress gateway, and the deployment cost is high.
Disclosure of Invention
In view of the above, an object of the embodiments of the present application is to provide a wireless sharing detection method, device, system and computer readable storage medium, so as to solve the problems in the prior art that whether a network sharing behavior exists in a network needs to be determined by analyzing traffic, and therefore, the requirement on the computing capacity of an egress gateway is high and the deployment cost is high.
The embodiment of the application provides a wireless sharing detection method applied to a wireless access controller, wherein the wireless access controller is connected with terminal access points and a detection access point through a switch, and there are one or more terminal access points. The method comprises the following steps: detecting that an abnormally deployed wireless network exists; controlling each terminal access point to send an access point detection message to each access terminal connected to it, so that an access terminal that is sharing the wireless network sends out the access point detection message, wherein the access point detection message has access point specific message characteristics, and the access point specific message characteristics corresponding to each terminal access point are different; and, after the detection access point receives a message that was not sent by a terminal access point and that conforms to the access point specific message characteristics, determining, based on the correspondence between the access point specific message characteristics and each terminal access point, the terminal access point whose access terminal is sharing the wireless network.
In this implementation, the wireless access controller controls the terminal access points to send access point detection messages to their respectively connected access terminals. Because an access terminal that is sharing the wireless network sends out data related to the access point detection message, the terminal access point at which wireless network sharing exists can be located from the data received by the detection access point. The wireless network system can thus detect shared wireless networks by monitoring for access point detection messages, without additionally deploying gateway equipment or requiring the gateway equipment to have wireless network sharing detection capability, which reduces the network deployment cost. In addition, because the access point detection messages are monitored by the detection access point, an illegal terminal can be detected whether it is accessing the external network or the internal network.
Optionally, detecting that an abnormally deployed wireless network exists includes: sending a channel to be monitored to the detection access point so that the detection access point acquires first monitoring data in the channel to be monitored; and, when the first monitoring data indicates that a wireless network not published by the wireless access controller exists, determining that an abnormally deployed wireless network is detected.
In this implementation, the wireless access controller monitors the channel to be monitored through the detection access point and uses the detection of an abnormally deployed wireless network as the precondition that triggers the sharing detection, which ensures real-time monitoring for abnormally deployed wireless networks within a specified range and improves the timeliness of their discovery.
Optionally, after determining that the access terminal to which the wireless network sharing exists based on the correspondence between the specific message characteristic and each terminal access point, the method further includes: generating a terminal detection message aiming at each access terminal connected with a terminal access point shared by wireless networks, wherein the terminal detection message has terminal specific message characteristics, and the terminal specific message characteristics corresponding to each access terminal are different; controlling the terminal access point shared by the wireless networks to send a terminal detection message corresponding to each access terminal; and after the detection access point receives the message which is not sent by the access terminal and accords with the specific message characteristics of the terminal, detecting the access terminal sharing the wireless network based on the corresponding relation between the specific message characteristics of the terminal and each access terminal.
In this implementation, the access terminal that is sharing the wireless network is located by the same message monitoring based on specific message characteristics that is used to locate the terminal access point at which wireless network sharing exists, so that the sharing terminal can be located accurately and the information of the shared wireless network can be determined; the messages monitored on the basis of the terminal specific message characteristics also provide a basis for locating the terminal using the wireless network.
The embodiment of the application also provides a wireless sharing detection method, which is applied to detecting the access point, wherein the detecting access point is connected with the wireless access controller through the switch, and the method comprises the following steps: acquiring first monitoring data in a channel to be monitored; transmitting the first monitoring data to the wireless access controller so that the wireless access controller detects that an abnormal deployment wireless network exists, and controlling each terminal access point to transmit an access point detection message to each connected access terminal, wherein the access point detection message has access point specific message characteristics, and the access point specific message characteristics corresponding to each terminal access point are different; and acquiring second monitoring data in the channel to be monitored, and sending the second monitoring data to the wireless access controller, so that the wireless access controller determines that a wireless network shared terminal access point exists in an access terminal according to the corresponding relation between the specific message characteristics of the access point and each terminal access point after the second monitoring data indicates that the message which is not sent by the terminal access point and accords with the specific message characteristics of the access point is received, and the specific message characteristics of the access point corresponding to each terminal access point are different.
In this implementation, the detection access point monitors the channel under the control of the wireless access controller and, relying on the fact that an access terminal sharing the wireless network sends out data related to the access point detection message, monitors for messages that conform to the access point specific message characteristics. In cooperation with the wireless access controller, the wireless network system can thus detect shared wireless networks by monitoring for access point detection messages, without additionally deploying gateway equipment or requiring the gateway equipment to have wireless network sharing detection capability, which reduces the network deployment cost.
Optionally, the method further comprises: and acquiring third monitoring data in the channel to be monitored, and transmitting the third monitoring data to the wireless access controller, so that the wireless access controller detects that the access terminal shared by the wireless network exists based on the corresponding relation between the terminal specific message characteristics and each access terminal after the detection access point receives the message which is not transmitted by the access terminal and accords with the terminal specific message characteristics, and the terminal specific message characteristics corresponding to each access terminal are different.
In this implementation, the access terminal that is sharing the wireless network is located by the same message monitoring based on specific message characteristics that is used to locate the terminal access point at which wireless network sharing exists, so that the sharing terminal can be located accurately and the information of the shared wireless network can be determined; the messages monitored on the basis of the terminal specific message characteristics also provide a basis for locating the terminal using the wireless network.
Optionally, the specific message characteristic of the access point is different message lengths and/or message sending intervals corresponding to each terminal access point, and the specific message characteristic of the terminal is different message lengths and/or message sending intervals corresponding to each access terminal.
The embodiment of the application also provides a wireless sharing detection device, which is applied to a wireless access controller, wherein the wireless access controller is connected with a terminal access point and a detection access point through a switch, one or more terminal access points are provided, and the device comprises: the abnormal network detection module is used for detecting that an abnormal deployment wireless network exists; a detection message sending module, configured to control each terminal access point to send an access point detection message to each access terminal connected to the terminal, so that the access terminal in wireless network sharing sends the access point detection message, where the access point detection message has access point specific message characteristics, and the access point specific message characteristics corresponding to each terminal access point are different; and the access point positioning module is used for determining that a wireless network shared terminal access point exists in the affiliated access terminal based on the corresponding relation between the specific message characteristics of the access point and each terminal access point after the detection access point receives the message which is not sent by the terminal access point and accords with the specific message characteristics of the access point.
In this implementation, the wireless access controller controls the terminal access points to send access point detection messages to their respectively connected access terminals. Because an access terminal that is sharing the wireless network sends out data related to the access point detection message, the terminal access point at which wireless network sharing exists can be located from the data received by the detection access point. The wireless network system can thus detect shared wireless networks by monitoring for access point detection messages, without additionally deploying gateway equipment or requiring the gateway equipment to have wireless network sharing detection capability, which reduces the network deployment cost. In addition, because the access point detection messages are monitored by the detection access point, an illegal terminal can be detected whether it is accessing the external network or the internal network.
Optionally, the abnormal network detection module is specifically configured to: send a channel to be monitored to the detection access point so that the detection access point acquires first monitoring data in the channel to be monitored; and, when the first monitoring data indicates that a wireless network not published by the wireless access controller exists, determine that an abnormally deployed wireless network is detected.
In this implementation, the wireless access controller monitors the channel to be monitored through the detection access point and uses the detection of an abnormally deployed wireless network as the precondition that triggers the sharing detection, which ensures real-time monitoring for abnormally deployed wireless networks within a specified range and improves the timeliness of their discovery.
Optionally, the wireless sharing detection device further includes: the terminal positioning module is used for generating a terminal detection message aiming at each access terminal connected with a terminal access point shared by wireless networks, wherein the terminal detection message has terminal specific message characteristics, and the terminal specific message characteristics corresponding to each access terminal are different; controlling the terminal access point shared by the wireless networks to send a terminal detection message corresponding to each access terminal; and after the detection access point receives the message which is not sent by the access terminal and accords with the specific message characteristics of the terminal, detecting the access terminal sharing the wireless network based on the corresponding relation between the specific message characteristics of the terminal and each access terminal.
In this implementation, the access terminal that is sharing the wireless network is located by the same message monitoring based on specific message characteristics that is used to locate the terminal access point at which wireless network sharing exists, so that the sharing terminal can be located accurately and the information of the shared wireless network can be determined; the messages monitored on the basis of the terminal specific message characteristics also provide a basis for locating the terminal using the wireless network.
The embodiment of the application also provides a wireless sharing detection device, which is applied to detecting an access point, wherein the detecting access point is connected with a wireless access controller through a switch, and the device comprises: the monitoring module is used for acquiring first monitoring data in a channel to be monitored; a first sending module, configured to send the first monitoring data to the radio access controller, so that the radio access controller detects that an abnormal deployment radio network exists, and control each terminal access point to send an access point detection message to each connected access terminal, where the access point detection message has access point specific message characteristics, and the access point specific message characteristics corresponding to each terminal access point are different; and the second sending module is used for acquiring second monitoring data in the channel to be monitored and sending the second monitoring data to the wireless access controller so that the wireless access controller determines that a wireless network shared terminal access point exists in the access terminal of the wireless access terminal based on the corresponding relation between the specific message characteristics of the access point and each terminal access point after the second monitoring data indicates that the message which is not sent by the terminal access point and accords with the specific message characteristics of the access point is received, and the specific message characteristics of the access point corresponding to each terminal access point are different.
In this implementation, the detection access point monitors the channel under the control of the wireless access controller and, relying on the fact that an access terminal sharing the wireless network sends out data related to the access point detection message, monitors for messages that conform to the access point specific message characteristics. In cooperation with the wireless access controller, the wireless network system can thus detect shared wireless networks by monitoring for access point detection messages, without additionally deploying gateway equipment or requiring the gateway equipment to have wireless network sharing detection capability, which reduces the network deployment cost.
Optionally, the wireless sharing detection device further includes: and the third sending module is used for acquiring third monitoring data in the channel to be monitored and sending the third monitoring data to the wireless access controller so that the wireless access controller detects that the access terminal shared by the wireless network exists based on the corresponding relation between the terminal specific message characteristics and each access terminal after receiving the message which is not sent by the access terminal and accords with the terminal specific message characteristics by the detection access point, and the terminal specific message characteristics corresponding to each access terminal are different.
In this implementation, the access terminal that is sharing the wireless network is located by the same message monitoring based on specific message characteristics that is used to locate the terminal access point at which wireless network sharing exists, so that the sharing terminal can be located accurately and the information of the shared wireless network can be determined; the messages monitored on the basis of the terminal specific message characteristics also provide a basis for locating the terminal using the wireless network.
The embodiment of the application also provides a wireless sharing detection system, which comprises a wireless access controller, a switch, a terminal access point and a detection access point, wherein the wireless access controller is connected with the terminal access point and the detection access point through the switch; the terminal access point is used for acquiring monitoring data in a channel to be monitored; the switch is used for carrying out data exchange between the wireless access controller and the terminal access point and the detection access point; the wireless access controller is used for controlling each terminal access point to send the access point detection message to each connected access terminal after detecting that the abnormal deployment wireless network exists, wherein the access point detection message has access point specific message characteristics, and the access point specific message characteristics corresponding to each terminal access point are different; each terminal access point is used for sending the access point detection message to the access terminal connected with each terminal; and the detection access point is used for determining that the wireless network sharing terminal access point exists in the access terminal of the detection access point based on the corresponding relation between the specific message characteristics of the access point and each terminal access point after the detection access point receives the message which is not sent by the terminal access point and accords with the specific message characteristics of the access point.
Embodiments of the present application also provide a computer readable storage medium having stored therein computer program instructions which, when read and executed by a processor, perform the steps of any of the above implementations.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the embodiments of the present application will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present application and should not be considered as limiting the scope, and other related drawings can be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a schematic structural diagram of a wireless sharing detection system according to an embodiment of the present application.
Fig. 2 is a flow chart of a wireless sharing detection method according to an embodiment of the present application.
Fig. 3 is a schematic block diagram of a wireless sharing detection device applied to a wireless access controller according to an embodiment of the present application.
Fig. 4 is a schematic block diagram of a wireless sharing detection device for detecting an access point according to an embodiment of the present application.
Reference numerals: 10 - wireless sharing detection system; 11 - wireless access controller; 12 - switch; 121 - core switch; 122 - access switch; 13 - terminal access point; 14 - detection access point; 15 - access terminal; 16 - egress gateway; 17 - the internet; 20 - wireless sharing detection device; 21 - abnormal network detection module; 22 - detection message sending module; 23 - access point positioning module; 30 - wireless sharing detection device; 31 - monitoring module; 32 - first sending module; 33 - second sending module.
Detailed Description
The technical solutions in the embodiments of the present application will be described below with reference to the accompanying drawings in the embodiments of the present application.
First, a wireless sharing detection system 10 that may be involved in performing a wireless sharing detection method according to an embodiment of the present application is described, and referring to fig. 1, fig. 1 is a schematic structural diagram of a wireless sharing detection system according to an embodiment of the present application.
The wireless sharing detection system 10 includes a wireless access controller 11, a switch 12, a terminal access point 13, and a detection access point 14, where the wireless access controller 11 is communicatively connected to the terminal access point 13 and the detection access point 14 through the switch 12, and the terminal access point 13 is communicatively connected to an access terminal 15.
The wireless access controller 11, abbreviated as AC (Wireless Access Point Controller), is a network device for centralized control of wireless access points (Access Point, AP), and is generally used for operations on the APs such as configuration issuing, configuration parameter modification, intelligent radio frequency management and access security control. The terminal access point 13 is a wireless access point to which a terminal is connected, and the detection access point 14 is a wireless access point for detecting whether or not a shared wireless network exists.
Optionally, the switch 12 in this embodiment may include a core switch 121 and an access switch 122, the main purpose of the core switch 121 being to provide a fast and reliable backbone transport structure by high speed forwarding communications, and the access switch 122 being to allow end users to connect to the network, so that the core switch 121 in this embodiment is also communicatively connected to the internet 17 via the egress gateway 16.
The number of terminal access points 13 may be one or more, each terminal access point 13 is configured to connect to an access terminal 15 through a wireless network, and the access terminal 15 to which each terminal access point 13 has access may be one or more.
Alternatively, the terminal access point 13 in this embodiment may be a route switching access integrated device, a pure access point device, or other access devices with terminal access functions.
It should be understood that the detection access point 14 in this embodiment may be a wireless access point of the same type as the terminal access point 13, but the detection access point 14 does not provide access to the access terminal 15, but rather performs data monitoring of the wireless network in the surrounding environment.
An access terminal 15 that has legally accessed a terminal access point 13 may share the wireless network through a network sharing tool for other terminals to use. With the wireless sharing detection system 10, the detection of wireless sharing can be completed by the wireless network system itself, and no gateway device with a wireless network sharing detection function needs to be deployed.
Referring to fig. 2, fig. 2 is a flow chart of a wireless sharing detection method according to an embodiment of the present application, where specific steps of the wireless sharing detection method may be as follows:
The terminal access points 13 are registered with the wireless access controller 11, and through its management of the terminal access points 13 the wireless access controller 11 controls one or more terminal access points 13 to publish the normally deployed wireless network.
The radio access controller 11 issues information about the channel to be monitored to the detection access point 14, and the detection access point 14 monitors the channel to be monitored according to the information about the channel to be monitored.
Optionally, the detecting access point 14 in this embodiment may monitor the channel to be monitored in a polling manner to obtain the first monitoring data.
Optionally, the first listening data may include one or more data capable of representing identities of the wireless network and the communication device, such as a beacon frame, a probe request, a probe response, and a terminal data packet.
The detection access point 14 analyzes the wireless network existing in each channel based on the monitoring data, or the detection access point 14 transmits the monitoring data to the radio access controller 11, and the wireless network existing in each channel is analyzed by the radio access controller 11 according to the monitoring data.
Next, the detection access point 14 determines, based on the analyzed name of the wireless network, the BSSID (Basic Service Set Identifier) of the wireless network, and the like, whether the wireless network is a normally deployed wireless network published by the wireless access controller 11.
Specifically, when information such as the name of the wireless network and the BSSID of the wireless network indicates that the wireless network was not configured by the wireless access controller 11, the detection access point 14 has detected that the wireless network is an abnormally deployed wireless network.
When the detecting access point 14 detects that an abnormally deployed wireless network exists, relevant information of the abnormally deployed wireless network (such as the name of the wireless network, the BSSID and the working channel of the wireless network, etc.) is recorded.
After the detection access point 14 finishes the polling detection of the channel to be monitored, the detected and recorded related information of the abnormal deployment wireless network is reported to the wireless access controller 11.
Alternatively, in this embodiment, the detection access point 14 may directly send related information of the wireless network (such as the name of the wireless network, the BSSID of the wireless network, and the working channel) to the wireless access controller 11, so that the wireless access controller 11 determines whether the wireless network is a normally deployed wireless network released by the wireless access controller 11 based on the name of the wireless network, the BSSID of the wireless network, and the like, without the detection access point 14 itself judging whether the wireless network is abnormally or normally deployed.
After determining that an abnormally deployed wireless network exists, the wireless access controller 11 sends a management message to the terminal access points 13 in the area of the abnormally deployed wireless network. The management message includes an access point specific message feature configuration corresponding to each terminal access point 13, so as to inform the terminal access points 13 in that area to generate an access point detection message based on the corresponding access point specific message feature configuration and to send the corresponding access point detection message to their respectively connected access terminals 15.
The message length and/or the message sending interval configured by the different terminal access points 13 are used as access point specific message characteristics corresponding to the different terminal access points 13, and the access point specific message characteristics of the access point detection messages corresponding to each terminal access point 13 are different.
Alternatively, the terminal access point 13 may send an access point detection message to the respective connected access terminal 15 through the UDP (User Datagram Protocol) communication port being used.
After an access terminal 15 receives the access point detection message, it sends the message onward if it is in a wireless network sharing state; that is, if an access terminal 15 of the terminal access point 13 is performing illegal wireless network sharing, the access terminal 15 sends the access point detection message out through the abnormally deployed wireless network.
The specific message characteristics of the access point may be that the message length and the message sending interval are different.
For the message length, the radio access controller 11 needs to locally calculate the actual message length for the case where the shared wireless network is not encrypted and for the cases where different encryption algorithms are used. In addition, the terminal access point 13 needs to keep track of the UDP port being used by the access terminal 15 accessing itself.
Next, the radio access controller 11 issues data of the wireless network configured to require the detection access point 14 to monitor the channel and BSSID corresponding to the abnormally deployed wireless network, and issues access point specific message characteristics to be detected to the detection access point 14.
For example, when the detecting access point 14 detects an abnormally deployed wireless network with a BSSID of 1.1.1 and a channel of 11, the wireless access controller 11 issues a configuration request to the detecting access point 14 to monitor all messages with a BSSID of 1.1.1 and a channel of 11.
Through continuous monitoring, the detection access point 14 acquires second monitoring data in the channel to be monitored and analyzes the message length and/or the message sending interval of the messages in the second monitoring data. When the second monitoring data contains a message whose message length and/or message sending interval is the same as the access point specific message characteristics, the message is judged to satisfy the access point specific message characteristics, and the messages in the second monitoring data that satisfy the access point specific message characteristics are sent to the wireless access controller 11 as the detection result.
Alternatively, in this embodiment, the detecting access point 14 may directly send the second monitoring data to the radio access controller 11, and the radio access controller 11 determines whether there is a message satisfying the specific message characteristics of the access point in the second monitoring data.
After receiving the message meeting the specific message characteristics of the access point sent by the detection access point 14, the radio access controller 11 determines that the terminal access point 13 of the abnormally deployed wireless network exists based on the message meeting the specific message characteristics of the access point, and records the wireless network SSID (Service Set Identifier), BSSID, channel, encryption mode and the like of the abnormally deployed wireless network.
Optionally, whether a terminal access point 13 with an abnormally deployed wireless network exists may be determined from the message satisfying the access point specific message characteristics as follows: when the message was not sent by a terminal access point 13 registered with the wireless access controller 11 and has the access point specific message characteristics, it is determined that the terminal access point 13 corresponding to the message has an abnormally deployed wireless network.
Since the message satisfying the access point specific message characteristics is part of the second monitoring data and, like the first monitoring data, includes data capable of representing the identities of the wireless network and the communication device, the terminal access point 13 having an abnormally deployed network can be located based on the message.
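The matching step described above, as an added example that is not code from the patent: each terminal access point's probe length is expanded into the on-air lengths it can take under different encryption modes, and monitored frames on the abnormally deployed network are matched on length and sending interval. The names `Signature`, `Frame`, `distinguishable` and `locate_sharing_aps`, the header and encryption overhead sizes, and the capture data are assumptions made for the illustration.

```python
from collections import defaultdict
from dataclasses import dataclass

# Assumption: bytes the sharing hotspot's link encryption adds to each data frame
# (WEP: IV + ICV, TKIP: IV/ExtIV + MIC + ICV, CCMP: header + MIC).
CRYPTO_OVERHEAD = {"open": 0, "wep": 8, "tkip": 20, "ccmp": 16}
# Assumption: fixed headers around the UDP payload on air
# (802.11 QoS data 26 + LLC/SNAP 8 + IPv4 20 + UDP 8).
FIXED_HEADERS = 26 + 8 + 20 + 8


@dataclass(frozen=True)
class Signature:
    payload_len: int    # UDP payload length assigned to one terminal AP
    interval_s: float   # sending interval assigned to that terminal AP


@dataclass(frozen=True)
class Frame:
    ts: float           # capture time in seconds
    bssid: str          # BSSID of the network the frame was seen on
    tx: str             # transmitter MAC address
    length: int         # frame length in bytes as captured


def expected_lengths(sig):
    """Frame lengths the probe may have on the shared network, per encryption mode."""
    return {FIXED_HEADERS + sig.payload_len + extra: mode
            for mode, extra in CRYPTO_OVERHEAD.items()}


def distinguishable(signatures, tol_s=0.05):
    """True if no two terminal APs could produce the same (length, interval) pair."""
    items = list(signatures.values())
    for i, a in enumerate(items):
        for b in items[i + 1:]:
            same_len = expected_lengths(a).keys() & expected_lengths(b).keys()
            if same_len and abs(a.interval_s - b.interval_s) <= tol_s:
                return False
    return True


def locate_sharing_aps(frames, signatures, registered_macs, rogue_bssid,
                       min_frames=3, tol_s=0.05):
    """Map terminal AP name -> {(transmitter, encryption mode)} seen relaying its probe."""
    # Keep only frames on the abnormally deployed network that no registered AP sent.
    candidates = [f for f in frames
                  if f.bssid == rogue_bssid and f.tx not in registered_macs]
    found = defaultdict(set)
    for ap, sig in signatures.items():
        modes = expected_lengths(sig)
        stamps = defaultdict(list)
        for f in candidates:
            if f.length in modes:                      # length matches the signature
                stamps[(f.tx, f.length)].append(f.ts)
        for (tx, length), ts_list in stamps.items():
            # Count frames that are followed by another one a full interval later.
            paired = sum(
                any(abs(later - ts - sig.interval_s) <= tol_s for later in ts_list)
                for ts in ts_list)
            if paired >= min_frames - 1:               # interval matches as well
                found[ap].add((tx, modes[length]))
    return dict(found)


# Constructed sample data: two terminal APs, one rogue hotspot, one registered AP.
SIGNATURES = {"AP-1": Signature(137, 0.5), "AP-2": Signature(211, 0.8)}
REGISTERED = {"02:00:00:00:00:01", "02:00:00:00:00:02"}
ROGUE = "02:00:00:aa:bb:cc"
CAPTURE = (
    # AP-2 probe relayed over a CCMP-protected hotspot: 62 + 211 + 16 = 289 bytes
    [Frame(t, ROGUE, ROGUE, 289) for t in (0.00, 0.81, 1.60, 2.41)]
    # Ordinary hotspot traffic, including AP-1-sized frames at irregular times
    + [Frame(0.10, ROGUE, ROGUE, 199), Frame(0.35, ROGUE, ROGUE, 199),
       Frame(1.90, ROGUE, ROGUE, 199), Frame(0.20, ROGUE, ROGUE, 1500)]
    # The probe as sent by the registered terminal AP itself is ignored
    + [Frame(t, "02:00:00:00:00:02", "02:00:00:00:00:02", 273) for t in (0.0, 0.8, 1.6)]
)

if __name__ == "__main__":
    print(distinguishable(SIGNATURES))
    print(locate_sharing_aps(CAPTURE, SIGNATURES, REGISTERED, ROGUE))
```

The `distinguishable` check matters when signatures are assigned: two payload lengths that differ by exactly one encryption overhead and share an interval cannot be told apart on the shared network.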
Thus far, the present embodiment completes positioning of the terminal access point 13 for illegal wireless network sharing, and then may also position the access terminal 15 for illegal wireless network sharing.
Based on the detected terminal access point 13 with wireless network sharing, the wireless access controller 11 sends a management message to each access terminal 15 connected to that terminal access point 13. The management message includes a terminal specific message feature configuration corresponding to each access terminal 15, so as to inform the terminal access point 13 in the abnormally deployed wireless network area to generate a terminal detection message based on the corresponding terminal specific message feature configuration, and send the corresponding terminal detection message to each connected access terminal 15.
The message length and/or the message sending interval configured by different access terminals 15 are used as terminal specific message characteristics corresponding to different access terminals 15, and the terminal specific message characteristics of the terminal detection messages corresponding to each access terminal 15 are different. It should be understood that, in this embodiment, the positioning steps of the radio access controller 11, the terminal access point 13 and the detecting access point 14 for subsequently positioning the access terminal 15 for wireless network sharing are similar to the steps of determining the terminal access point 13 for wireless network sharing, except that the radio access controller 11 is configured to send a terminal detection message to the access terminal 15 connected to the terminal access point 13 for illegal wireless network sharing, and then detect a message with a terminal specific message feature through the detecting access point 14, and other steps are not repeated herein.
It should be understood that the present embodiment repeatedly performs detection and positioning of an abnormally deployed wireless network for each of the terminal access points 13 and the access terminals 15, and may perform detection of illegal wireless network sharing for all the terminal access points 13 and the access terminals 15 controlled by the wireless access controller 11.
Alternatively, the radio access controller 11 in this embodiment may perform the above-described wireless sharing detection method for a specified period of time when turned on by a manual instruction, or perform the detection of illegal wireless network sharing periodically.
In order to match the wireless sharing detection method, the embodiment of the application provides a wireless sharing detection device respectively aiming at being applied to a wireless access controller and a detection access point.
Referring to fig. 3, fig. 3 is a schematic block diagram of a wireless sharing detection device applied to a radio access controller according to an embodiment of the present application.
The wireless sharing detection apparatus 20 applied to the wireless access controller includes:
An abnormal network detection module 21 for detecting that an abnormal deployment wireless network exists;
A detection message sending module 22, configured to control each terminal access point to send an access point detection message to each access terminal connected to the terminal, so that the access terminal in wireless network sharing sends out the access point detection message, where the access point detection message has access point specific message characteristics, and the access point specific message characteristics corresponding to each terminal access point are different;
The access point positioning module 23 is configured to determine, after the detection access point receives a message that is not sent by the terminal access point and conforms to the specific message feature of the access point, that a terminal access point that is shared by the wireless network exists in the access terminal to which the detection access point belongs based on the correspondence between the specific message feature of the access point and each terminal access point.
Alternatively, the abnormal network detection module 21 is specifically configured to: transmitting a channel to be monitored to the detection access point so that the detection access point acquires first monitoring data in the channel to be monitored; and after the first monitoring data indicates that the wireless network which does not belong to the release of the wireless access controller exists, the abnormal deployment of the wireless network is detected.
Optionally, the wireless sharing detection apparatus 20 further includes: the terminal positioning module is used for generating a terminal detection message aiming at each access terminal connected with a terminal access point shared by wireless networks, wherein the terminal detection message has terminal specific message characteristics, and the terminal specific message characteristics corresponding to each access terminal are different; controlling a terminal access point with wireless network sharing to send a terminal detection message corresponding to each access terminal; after the detection access point receives the message which is not sent by the access terminal and accords with the specific message characteristics of the terminal, the access terminal sharing the wireless network is detected based on the corresponding relation between the specific message characteristics of the terminal and each access terminal.
Referring to fig. 4, fig. 4 is a schematic block diagram of a wireless sharing detection device for detecting an access point according to an embodiment of the present application.
The wireless sharing detection device 30 applied to detect an access point includes:
a monitoring module 31, configured to obtain first monitoring data in a channel to be monitored;
A first sending module 32, configured to send first monitoring data to the radio access controller, so that the radio access controller detects that an abnormal deployment radio network exists, and control each terminal access point to send an access point detection message to each access terminal connected to the radio access controller, where the access point detection message has access point specific message characteristics, and the access point specific message characteristics corresponding to each terminal access point are different;
the second sending module 33 is configured to obtain second monitoring data in a channel to be monitored, and send the second monitoring data to the radio access controller, so that the radio access controller determines, after the second monitoring data indicates that a message which is not sent by the terminal access point and accords with the specific message characteristic of the access point is received, that the access terminal to which the access terminal belongs has a wireless network sharing access point based on a corresponding relationship between the specific message characteristic of the access point and each terminal access point, where the specific message characteristic of the access point corresponding to each terminal access point is different.
Optionally, the wireless sharing detection apparatus 30 further includes: and the third sending module is used for acquiring third monitoring data in a channel to be monitored and sending the third monitoring data to the wireless access controller, so that the wireless access controller detects that the access terminal shared by the wireless network exists based on the corresponding relation between the terminal specific message characteristics and each access terminal after detecting that the access point receives the message which is not sent by the access terminal and accords with the terminal specific message characteristics, and the terminal specific message characteristics corresponding to each access terminal are different.
Optionally, the access point specific message is characterized by different message lengths and/or message sending intervals corresponding to each terminal access point, and the terminal specific message is characterized by different message lengths and/or message sending intervals corresponding to each access terminal.
The embodiment of the application also provides a computer readable storage medium, wherein the computer readable storage medium stores computer program instructions, and the computer program instructions execute the steps in the wireless sharing detection method when being read and executed by a processor.
In summary, the embodiments of the present application provide a wireless sharing detection method, device, system and computer readable storage medium, where the method applied to a wireless access controller includes: detecting the existence of an abnormally deployed wireless network; controlling each terminal access point to send an access point detection message to each connected access terminal so that the access terminals in wireless network sharing send the access point detection messages, wherein the access point detection messages have access point specific message characteristics, and the access point specific message characteristics corresponding to each terminal access point are different; and after the detection access point receives the message which is not sent by the terminal access point and accords with the specific message characteristics of the access point, determining that the wireless network sharing terminal access point exists in the access terminal based on the corresponding relation between the specific message characteristics of the access point and each terminal access point.
In this implementation, the wireless access controller controls the terminal access points to send the access point detection messages to their respectively connected access terminals, so that an access terminal that is sharing the wireless network sends out data carrying the characteristics of the access point detection message, and the terminal access point with wireless network sharing is located according to the data received by the detection access point. The wireless network system can therefore detect shared wireless networks by monitoring for the access point detection messages, without additionally deploying gateway equipment or requiring the gateway equipment to have a wireless network sharing detection capability, which reduces the network deployment cost. At the same time, because the detection access point monitors for the access point detection messages, illegal terminals can be detected whether they perform external network access or internal network access.
In the several embodiments provided in the present application, it should be understood that the disclosed apparatus may be implemented in other manners. The apparatus embodiments described above are merely illustrative, for example, block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of devices according to various embodiments of the present application. In this regard, each block in the block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams, and combinations of blocks in the block diagrams, can be implemented by special purpose hardware-based systems that perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
In addition, functional modules in the embodiments of the present application may be integrated together to form a single part, or each module may exist alone, or two or more modules may be integrated to form a single part.
The functions, if implemented in the form of software functional modules and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. The present embodiment therefore also provides a readable storage medium having stored therein computer program instructions which, when read and executed by a processor, perform the steps of any one of the methods of block data storage. Based on this understanding, the technical solution of the present application may be embodied essentially or in a part contributing to the prior art or in a part of the technical solution, in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a personal computer, a server, a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present application. The aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, or other various media capable of storing program codes.
The above description is only an example of the present application and is not intended to limit the scope of the present application, and various modifications and variations will be apparent to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the protection scope of the present application. It should be noted that: like reference numerals and letters denote like items in the following figures, and thus once an item is defined in one figure, no further definition or explanation thereof is necessary in the following figures.
It is noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
Claims (9)
1. A wireless sharing detection method, which is characterized by being applied to a wireless access controller, wherein the wireless access controller is connected with a terminal access point and detection access points through a switch, and one or more terminal access points are provided, and the method comprises the following steps:
transmitting a channel to be monitored to the detection access point so that the detection access point acquires first monitoring data in the channel to be monitored;
receiving the first monitoring data sent by the detection access point, and after the first monitoring data indicate that the wireless network which does not belong to the wireless access controller is released, indicating that the abnormal deployment wireless network exists;
Controlling each terminal access point to send an access point detection message to each connected access terminal so that the access terminals in wireless network sharing send the access point detection messages, wherein the access point detection messages have access point specific message characteristics, and the access point specific message characteristics corresponding to each terminal access point are different;
And after the detection access point receives the message which is not sent by the terminal access point and accords with the specific message characteristics of the access point, determining that the wireless network sharing terminal access point exists in the access terminal based on the corresponding relation between the specific message characteristics of the access point and each terminal access point.
2. The method of claim 1, wherein after said determining that a wireless network-shared terminal access point exists for the access terminal of interest based on the correspondence of the access point-specific message characteristics with each of the terminal access points, the method further comprises:
Generating a terminal detection message aiming at each access terminal connected with a terminal access point shared by wireless networks, wherein the terminal detection message has terminal specific message characteristics, and the terminal specific message characteristics corresponding to each access terminal are different;
Controlling the terminal access point shared by the wireless networks to send a terminal detection message corresponding to each access terminal;
and after the detection access point receives the message which is not sent by the access terminal and accords with the specific message characteristics of the terminal, detecting the access terminal sharing the wireless network based on the corresponding relation between the specific message characteristics of the terminal and each access terminal.
3. A wireless sharing detection method, applied to a detection access point, where the detection access point is connected to a wireless access controller through a switch, the method comprising:
Receiving a channel to be monitored sent by the wireless access controller, and acquiring first monitoring data in the channel to be monitored;
Sending the first monitoring data to the wireless access controller, so that the wireless access controller indicates that an abnormal deployment wireless network exists after the first monitoring data indicates that the wireless network which does not belong to the wireless access controller is released, and controls each terminal access point to send an access point detection message to each connected access terminal, wherein the access point detection message has access point specific message characteristics, and the access point specific message characteristics corresponding to each terminal access point are different;
and acquiring second monitoring data in the channel to be monitored, and sending the second monitoring data to the wireless access controller, so that the wireless access controller determines that a wireless network shared terminal access point exists in an access terminal according to the corresponding relation between the specific message characteristics of the access point and each terminal access point after the second monitoring data indicates that the message which is not sent by the terminal access point and accords with the specific message characteristics of the access point is received, and the specific message characteristics of the access point corresponding to each terminal access point are different.
4. A method according to claim 3, characterized in that the method further comprises:
And acquiring third monitoring data in the channel to be monitored, and transmitting the third monitoring data to the wireless access controller, so that the wireless access controller detects that the access terminal shared by the wireless network exists based on the corresponding relation between the terminal specific message characteristics and each access terminal after the detection access point receives the message which is not transmitted by the access terminal and accords with the terminal specific message characteristics, and the terminal specific message characteristics corresponding to each access terminal are different.
5. The method of claim 4, wherein the access point specific message is characterized by a different message length and/or message transmission interval corresponding to each terminal access point, and wherein the terminal specific message is characterized by a different message length and/or message transmission interval corresponding to each access terminal.
6. A wireless sharing detection device, characterized by being applied to a wireless access controller, wherein the wireless access controller is connected with a terminal access point and a detection access point through a switch, and one or more terminal access points are provided, and the device comprises:
the abnormal network detection module is used for detecting that an abnormal deployment wireless network exists;
A detection message sending module, configured to control each terminal access point to send an access point detection message to each access terminal connected to the terminal, so that the access terminal in wireless network sharing sends the access point detection message, where the access point detection message has access point specific message characteristics, and the access point specific message characteristics corresponding to each terminal access point are different;
the access point positioning module is used for determining a terminal access point which is shared by wireless networks of the access terminal and belongs to the access terminal based on the corresponding relation between the specific message characteristics of the access point and each terminal access point after the detection access point receives the message which is not sent by the terminal access point and accords with the specific message characteristics of the access point;
the abnormal network detection module is specifically configured to send a channel to be monitored to the detection access point, so that the detection access point obtains first monitoring data in the channel to be monitored; and receiving the first monitoring data sent by the detection access point, and after the first monitoring data indicate that the wireless network which does not belong to the wireless access controller is released, indicating that the abnormal deployment wireless network exists.
7. A wireless shared detection apparatus for detecting an access point, the detection access point being connected to a wireless access controller through a switch, the apparatus comprising:
The monitoring module is used for acquiring first monitoring data in a channel to be monitored;
the first sending module is used for sending the first monitoring data to the wireless access controller so that the wireless access controller sends a channel to be monitored to the detection access point, and the detection access point can acquire the first monitoring data in the channel to be monitored; after the first monitoring data indicate that a wireless network which does not belong to the wireless access controller is released exists, the wireless network is detected to exist in an abnormal deployment mode, each terminal access point is controlled to send an access point detection message to each access terminal connected with the terminal access point, the access point detection message has access point specific message characteristics, and the access point specific message characteristics corresponding to each terminal access point are different;
And the second sending module is used for acquiring second monitoring data in the channel to be monitored and sending the second monitoring data to the wireless access controller so that the wireless access controller determines that a wireless network shared terminal access point exists in the access terminal of the wireless access terminal based on the corresponding relation between the specific message characteristics of the access point and each terminal access point after the second monitoring data indicates that the message which is not sent by the terminal access point and accords with the specific message characteristics of the access point is received, and the specific message characteristics of the access point corresponding to each terminal access point are different.
8. A wireless sharing detection system, characterized by comprising a wireless access controller, a switch, a terminal access point and a detection access point, wherein the wireless access controller is connected with the terminal access point and the detection access point through the switch;
the terminal access point is used for acquiring monitoring data in a channel to be monitored;
the switch is used for exchanging data between the wireless access controller and the terminal access point and the detection access point;
the wireless access controller is used for sending a channel to be monitored to the detection access point so that the detection access point can acquire first monitoring data in the channel to be monitored; and for receiving the first monitoring data sent by the detection access point and, after the first monitoring data indicate that a wireless network exists which does not belong to the wireless networks released by the wireless access controller, and after the first monitoring data indicate that an abnormally deployed wireless network exists, controlling each terminal access point to send an access point detection message to each connected access terminal, wherein the access point detection message has access point specific message characteristics, and the access point specific message characteristics corresponding to each terminal access point are different;
each terminal access point is used for sending the access point detection message to each access terminal connected to it;
and the detection access point is used for determining, after the detection access point receives a message which was not sent by a terminal access point and which conforms to the access point specific message characteristics, and based on the correspondence between the access point specific message characteristics and each terminal access point, that a wireless network sharing terminal access point exists in the access terminal of the detection access point.
9. A computer readable storage medium, characterized in that the computer readable storage medium has stored therein computer program instructions which, when executed by a processor, perform the steps of the method according to any of claims 1-5.
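The correlation step recited in claims 7 and 8, as an added example that is not part of the patent text: each terminal access point gets a different marker, and a marked message heard from a transmitter that is not a terminal access point is mapped back to the access point that issued the marker. The frame model, SSIDs, MAC addresses and the `probe-NNNN` marker format are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Frame:
    """One frame captured by the detection access point (constructed model)."""
    src_mac: str                  # transmitter address
    ssid: str                     # network the frame belongs to
    marker: Optional[str] = None  # access point specific message feature, if any

# Constructed inventory: networks released by the controller and its terminal APs.
RELEASED_SSIDS = {"corp-wifi"}
TERMINAL_APS = {"aa:aa:aa:00:00:01": "AP-1", "aa:aa:aa:00:00:02": "AP-2"}

def assign_markers(terminal_aps):
    """Give every terminal AP a different marker; returns marker -> AP MAC."""
    return {f"probe-{i:04x}": mac for i, mac in enumerate(sorted(terminal_aps), 1)}

def abnormal_networks(first_monitoring):
    """SSIDs heard on the monitored channel that the controller did not release."""
    return sorted({f.ssid for f in first_monitoring if f.ssid not in RELEASED_SSIDS})

def sharing_terminal_aps(second_monitoring, markers):
    """Map AP name -> transmitters that re-sent its marker without being a terminal AP."""
    hits = {}
    for f in second_monitoring:
        if f.marker in markers and f.src_mac not in TERMINAL_APS:
            hits.setdefault(TERMINAL_APS[markers[f.marker]], set()).add(f.src_mac)
    return hits

def detect(first_monitoring, second_monitoring):
    """Controller logic: only evaluate markers once an abnormal network is seen."""
    if not abnormal_networks(first_monitoring):
        return {}
    return sharing_terminal_aps(second_monitoring, assign_markers(TERMINAL_APS))

# Constructed monitoring data for illustration.
FIRST = [Frame("aa:aa:aa:00:00:01", "corp-wifi"),
         Frame("cc:cc:cc:00:00:09", "phone-hotspot")]
SECOND = [Frame("aa:aa:aa:00:00:02", "corp-wifi", "probe-0002"),      # AP-2's own probe
          Frame("cc:cc:cc:00:00:09", "phone-hotspot", "probe-0002"),  # relayed copy
          Frame("cc:cc:cc:00:00:09", "phone-hotspot")]                # unmarked traffic

if __name__ == "__main__":
    print(abnormal_networks(FIRST))
    print(detect(FIRST, SECOND))
```

Because the markers differ per terminal access point, a single relayed copy is enough to name the access point whose client is sharing the network.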
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110927298.0A CN113630782B (en) | 2021-08-09 | 2021-08-09 | Wireless sharing detection method, device and system and computer readable storage medium |
Publications (2)
Publication Number | Publication Date |
---|---|
CN113630782A (en) | 2021-11-09 |
CN113630782B (en) | 2024-06-18 |
Family
ID=78385050
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110927298.0A Active CN113630782B (en) | 2021-08-09 | 2021-08-09 | Wireless sharing detection method, device and system and computer readable storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113630782B (en) |
Also Published As
Publication number | Publication date |
---|---|
CN113630782A (en) | 2021-11-09 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||