U.S. Patent Allowed for Ability to Detect Counterfeit Access Points

AirMagnet Inc. today announced the company has received a notice of allowance for a U.S. Patent covering multiple methods of identifying "spoofed" or counterfeit devices in a wireless LAN.Developed by AirMagnet's CTO, Chia-Chee Kuan, as well as ahief architect, Miles Wu, and president and CEO, Dean Au, the patent further strengthens the company's intellectual property and product portfolio (adding to the company's extensive other patents), delivering a vital element for effective security and intrusion detection associated with wireless network assurance.

Device spoofing is a fundamental technique of wireless hackers and attack tools that routinely attempt to spoof the identity of another wireless device in order to infiltrate a network or hide the source of a network attack.

"This is a critical piece of our wireless IDS technology because so many exploits rely on AP spoofing as a prerequisite to an attack," said Chia-Chee Kuan, CTO of AirMagnet. "Hackers will use AP spoofing as the first step for Man-in-the-Middle attacks, some Denial-of-Service attacks, intrusion techniques and even attempts to avoid detection as a Rogue AP. As a result, the techniques covered in this allowed patent application enable us to detect threats to a WLAN immediately from the onset of an attack."

According to the company, this technology further promotes AirMagnet's leadership in the WLAN space and strengthens the company's wireless network assurance product suite. More specifically, the technology in the patent application detects counterfeit APs by finding anomalies in wireless traffic, such as devices whose actual beacon frame rate differs from the announced or expected frame rate. Additionally, counterfeit APs can be identified by detecting an abundance of out of sequence packets, which could indicate that potentially two devices are transmitting with the same identity.