Wireless computer networks have grown in recent years not only for business enterprise environments but also for the small office/home office, universities and even cafes. The wireless local area networks (WLAN) make it very convenient for users to access information in a computer network, whether for work or recreation.
A WLAN makes use of wireless access points (AP) to send and receive signals to connect computers wirelessly to a central computer or server. Organizations provide WLANs to facilitate their employees, business partners, students or customers to access their servers.
However, unlike a wired local area network (LAN) where access means that a user's computer has to be physically connected to a network socket via a wire or cable, access to wireless LANs only require a user to have a wireless access card on his computer for access to the network.
This wireless access card may also be present as an in-built capability in computers and other wireless computing devices such as personal digital assistants (PDAs), tablet computers, mobile telephones and combination devices with features of these wireless computing devices.
In a WLAN deployment, while servers and access points have native security measures, these may not be sufficiently or properly enabled due to ignorance, or are intentionally circumvented by users who desire faster access to the network.
Numerous methods and devices to restrict access to a WLAN to authorized users only abound. However, when an unauthorized or rogue user is detected, existing methods and devices of the prior art are not able to detect the geographical location of these rogue users.
To detect rogue users, the techniques of the prior art may use a wireless monitoring device that stores Media Access Control (MAC) addresses of users to compare the device number of each access point used against a list of authorized APs. This information may be correlated to Received Signal Strength Indicator values so as to give an idea of the distance the rogue user is from an AP of the network. However, determining and geographically locating the AP in question more precisely is not possible with the methods of the prior art.
To locate any rogue users in the network, a person has to use another device, a customized receiver with a directional antenna. This device is brought to the area where the rogue user is suspected to be in, to “home in” on his signals. Such a device may be couple to a Global Positioning System device as is taught by WO02/089507 (Younis).
Another invention uses a time acquisition unit to determine the distance of a mobile terminal from an AP (WO03/046600, Dietrich and Kraemer). Yet another invention (US2003023876, Bardsley), correlates network and intrusion information to find the physical connection port into the protected device rather than the geographical location of the rogue user.
However, all these inventions cannot detect and locate the rogue user without having to physically be on the ground, in the area covered by the WLAN. As such, these methods of the prior art are limited by requiring a human to physically patrol the area with a receiver to locate rogue users. Therefore, a method of detecting and determining the geographical location of unauthorized or rogue access users without having to be physically on the ground, will add an extra layer of protection to critical network resources without having to incur high costs, especially in human resources. Such an invention will be welcome to address this deficiency in the prior art.