1. Field of the Invention
The present patent document relates generally to detecting security breaches in wireless networks and more particularly to a method and system to ascertain the security of a wireless computer network system and actively detect attacks in wireless computer network systems.
2. Background of the Related Art
Traditional wireless intrusion detection/prevention (WIPS) technologies are focused almost exclusively on the radio frequency (RF) spectrum to reactively detect malicious wireless traffic. Capabilities usually include detection of “Evil Twin” access points (AP's), man in the middle, denial of service, and static known attack signatures. Responses of a traditional WIPS include de-authentication of devices, black listing, and rogue AP reporting.
In much the same way, traditional network resident intrusion detection and prevention systems are focused on matching signatures (using a rule set) of network traffic transiting a network interface and blocking or alerting to bad traffic.
All of these techniques are not usable on foreign, or unknown wireless computer networks, where the security and control of the foreign computer network system is unknown. Accordingly, there is a need in the industry for a user to be able to determine whether participation in a foreign or unknown wireless computer network is a security risk prior to joining the wireless computer network with.