The present invention relates to wireless local area networks (WLANs). In particular the invention relates to methods for detecting unauthorized access or attempted access to the wireless local area network.
The tremendous success of WLAN has made it a popular target of hackers (known as “whackers”) who are actively developing new methods for attacking and intruding WLANs. New WLAN hacking tools are published on the internet at an alarming rate. Many industry surveys show that WLAN security is the top concern for most corporate Chief Information Officers considering WLAN deployment. Unfortunately, contemporary WLAN security solutions are either flawed or unproven.
In co-pending application Ser. No. 09/528,697, filed Mar. 17, 2000, which is owned by the assignee of the present application and incorporated herein by reference, there is described a system which follows the protocol of IEEE Standard 802.11, but which uses a combination of RF Ports (also called “access ports”) and Cell Controllers to perform the functions of Access Points of a classical 802.11 data communications system. Lower level MAC functions are performed by the RF Ports and higher level MAC functions, including association and roaming functions, are performed by the cell controller. The term “access point” as used herein is intended to include conventional access points, such as those which follow the protocol of IEEE Standard 802.11 and perform all MAC functions, as well as RF Ports operating with cell controllers, as described in the incorporated co-pending application.
In co-pending application Ser. No. 10/679,524, filed Oct. 6, 2003, which is owned by the assignee of the present application and incorporated herein by reference, there is described a system for use in a wireless local area data communications network wherein mobile units communicate with access points, and wherein the system is arranged to locate transmitters using signals transmitted by the transmitters. A database relating authorized transmitters to location is maintained. Selected signals are detected at the access points and location data corresponding to the selected signals for use in locating a source of the signals is recorded. The source is located using the location data, and the source location is compared to a corresponding location in the database. An alarm is signaled if the source location is inconsistent with the corresponding database location.
It is an object of the present invention to provide an improved system and method for detecting unauthorized access or attempted access to a WLAN.