IPC classification information

Country / Type: United States (US) Patent, registered
International Patent Classification (IPC 7th ed.): (not listed)
Application number: US-0464043 (2006-08-11)
Registration number: US-8281392 (2012-10-02)
Inventors / Address:
- Sinha, Amit
- Darrow, Nicholas John
Applicant / Address: (not listed)
Agent / Address: (not listed)
Citation information: cited by 4 patents; cites 139 patents
Abstract
Methods and systems for disrupting potential attacks on a wireless network through transmission of random data are disclosed. Specifically, this disclosure relates to systems and methods for disrupting the breaking of the secret key or passphrase by an adversary or rogue device for Wi-Fi networks using wired equivalent privacy (WEP) and Wi-Fi protected access (WPA).
Representative claims
1. A method of disrupting attempts to break encryption or authentication associated with a wireless network, the method comprising the steps of: monitoring the wireless network to detect weak initialization vectors, wherein the weak initialization vectors are weak due to reuse over a specified time period on the wireless network; monitoring the wireless network to detect known wired equivalent privacy keys being used; and transmitting random wired equivalent privacy encrypted frames on the wireless network responsive to the monitoring steps, the random wired equivalent privacy encrypted frames are operable to confuse unauthorized devices attempting to capture wired equivalent privacy encrypted frames to break the wired equivalent privacy key, wherein the random wired equivalent privacy encrypted frames each comprise random data encrypted with a different wired equivalent privacy key and random initialization vectors generated at a rate derived in response to monitored traffic, and wherein the random initialization vectors are different from monitored initialization vectors but logically correct and in sequence, wherein the random initialization vectors are invalid packets and are configured to pass validity checks while preventing an attacker to filter out the invalid packets thereby preventing decryption of the wired equivalent privacy key; wherein the monitoring step is performed by a plurality of distributed monitoring devices, the plurality of monitoring devices are connected to one or more servers; and wherein the servers are operable to receive and correlate data, events, and statistics from the distributed monitoring devices and to direct the distributed monitoring devices to perform the transmitting step responsive to any of a periodic interval, an intrusion alarm, a manual request, and an automatic request based on policy.

2. The method of claim 1, wherein the condition comprises any of a periodic interval, an intrusion alarm, a manual request, and an automatic request based on policy.

3. The method of claim 1, wherein the plurality of distributed monitoring devices comprise any of wireless sensors, wireless access points, wireless client devices configured with a software agent, and combinations thereof.

4. The method of claim 1, wherein the monitoring step and the transmitting step are performed by a stand-alone wireless radio.

5. The method of claim 1, wherein the monitoring step and the transmitting step are performed simultaneously on a plurality of wireless channels.

6. The method of claim 1, wherein the condition is an injection attack.

7. A method of thwarting an attack designed to obtain a secret passphrase of a Wi-Fi protected access wireless network, the method comprising the steps of: monitoring the wireless network to detect a rogue device monitoring the Wi-Fi protected access wireless network for keys; transmitting challenge-response frames on the wireless network responsive to the monitoring step, the challenge-response frames are operable to thwart attacks designed to obtain the secret passphrase, and wherein the challenge-response frames comprise a fake handshake using SNonce and ANonce transmissions during a four way handshake and key exchange designed to obfuscate actual challenge-response frames from the rogue device monitoring the wireless network; and periodically simulating fake handshakes when authorized devices are already connected with proper handshakes; wherein the monitoring step is performed by a plurality of distributed monitoring devices, the plurality of monitoring devices are connected to one or more servers; and wherein the servers are operable to receive and correlate data, events, and statistics from the distributed monitoring devices and to direct the distributed monitoring devices to perform the transmitting step responsive to any of a periodic interval, an intrusion alarm, a manual request, and an automatic request based on policy.

8. The method of claim 7, wherein the plurality of distributed monitoring devices comprise any of wireless sensors, wireless access points, wireless client devices configured with a software agent, and combinations thereof.

9. The method of claim 7, wherein the monitoring step and the transmitting step are performed by a stand-alone wireless radio.

10. A method of disrupting attempts to break encryption or authentication associated with a wireless network, the method comprising the steps of: receiving a protection request from a monitoring device responsive to detecting weakness due to reuse over a specified time period on the wireless network, the protection request comprising an instruction to protect a wireless network from any of a plurality of wireless attacks; transmitting random protection frames on the wireless network based upon the protection request, the random protection frames being operable to confuse unauthorized devices attempting to collect information from the wireless network, wherein the random protection frames comprising one of random wired equivalent privacy encrypted frames and forged Wi-Fi protected access handshake frames; wherein the random wired equivalent privacy encrypted frames each comprise simulated data with a different wired equivalent privacy key and random initialization vectors generated at a rate derived in response to monitored traffic, and wherein the random initialization vectors are different from monitored initialization vectors but logically correct and in sequence, and wherein the random initialization vectors are invalid packets and are configured to pass validity checks while preventing an attacker to filter out the invalid packets thereby preventing decryption; and wherein weak initialization vectors are reused during a streaming cipher.

11. The method of claim 10, further comprising determining which of a plurality of types of random protection frames to transmit based upon the protection request.

12. The method of claim 10, further comprising signaling the protection request based upon a periodic schedule.

13. The method of claim 10, further comprising: detecting an unauthorized device attempting to attack the wireless network; and signaling the protection request based on detecting an unauthorized device attempting to attack the wireless network.

14. The method of claim 10, further comprising receiving an intrusion alert from any of a plurality of wireless monitoring devices; and signaling the protection request based upon the intrusion alert.

15. The method of claim 1, wherein the weak initialization vectors comprise a 24 bit initialization vector.

16. The method of claim 1, wherein the weak initialization vectors are reused during a streaming cipher.

17. The method of claim 10, wherein the monitored initialization vectors comprise a 24 bit initialization vector.
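The monitoring step that claims 1, 10, 15 and 16 rely on, detecting a 24-bit WEP initialization vector reused on the same BSSID within a specified time window and measuring the traffic rate from which the patent derives its decoy-frame rate, written here as an added illustration in Python; it is not code from the patent or its assignee, and the frame records, BSSIDs and IV values are constructed sample data.

```python
from typing import Dict, List, Tuple

# Constructed sample of decoded WEP data-frame records, not real captures:
# (capture time in seconds, BSSID, 24-bit IV as hex). The IV is the 3-byte
# cleartext field that precedes the WEP payload of every encrypted frame.
FRAMES: List[Tuple[float, str, str]] = [
    (0.0, "AA:BB:CC:DD:EE:01", "0a1b2c"),
    (0.5, "AA:BB:CC:DD:EE:01", "0a1b2d"),
    (1.0, "AA:BB:CC:DD:EE:01", "0a1b2e"),
    (30.0, "AA:BB:CC:DD:EE:01", "0a1b2c"),   # same IV again after 30 s: reuse
    (100.0, "AA:BB:CC:DD:EE:02", "0a1b2c"),  # same IV but a different BSSID
    (200.0, "AA:BB:CC:DD:EE:01", "0a1b2d"),  # repeat, but outside a 60 s window
]

IV_BITS = 24  # WEP IV width, as in claim 15


def detect_iv_reuse(frames, window_s: float = 60.0):
    """Return (timestamp, bssid, iv) for every frame whose IV was already seen
    on the same BSSID within the last `window_s` seconds (the 'reuse over a
    specified time period' condition of claim 1)."""
    last_seen: Dict[Tuple[str, str], float] = {}
    alerts = []
    for ts, bssid, iv in frames:
        key = (bssid, iv.lower())
        prev = last_seen.get(key)
        if prev is not None and ts - prev <= window_s:
            alerts.append((ts, bssid, iv))
        last_seen[key] = ts
    return alerts


def frames_per_second(frames, bssid: str) -> float:
    """Observed data-frame rate for one BSSID; claim 1 derives the rate of
    decoy frames from this monitored traffic rate."""
    times = sorted(ts for ts, b, _ in frames if b == bssid)
    if len(times) < 2 or times[-1] == times[0]:
        return 0.0
    return (len(times) - 1) / (times[-1] - times[0])


def seconds_to_iv_exhaustion(rate: float) -> float:
    """Seconds until the 24-bit IV space must wrap at the given frame rate;
    a wrap forces reuse no matter how the sender picks IVs."""
    return float("inf") if rate <= 0 else (1 << IV_BITS) / rate


if __name__ == "__main__":
    for ts, bssid, iv in detect_iv_reuse(FRAMES):
        print(f"t={ts:.1f}s bssid={bssid} iv={iv}: IV reuse within window")
    rate = frames_per_second(FRAMES, "AA:BB:CC:DD:EE:01")
    print(f"observed {rate:.3f} frames/s; IV space wraps in "
          f"{seconds_to_iv_exhaustion(rate):.0f} s")
```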