1. Intrusion Detection System (IDS)
At present, wireless networks (or wireless LAN, that is, WLAN) use the IEEE802.11b standard in a unified manner. On the physical layer, IEEE802.11b uses a wireless frequency of 2 to 45 GHz and the maximum bit rate reaches l1Mbps, use Direct Sequence Spread Spectrum (DSSS) transmission technology.
On the MAC Sub-layer of the data link layer, 802.11b uses the "CSMA/CA" Media Access Control (MAC) protocol. Because WLAN uses public electromagnetic waves as the carrier and anyone has conditional eavesdropping or interference information, unauthorized access and eavesdropping are not easy to guard against.
The Intrusion Detection System (IDS) monitors wireless data packets by setting a monitoring proxy in the network, and uses the detection engine to detect unauthorized AP and disguised MAC addresses for monitoring, recording, and reporting warning information.
Currently, the most common IDS detection method is feature matching, which compares the network packet data with the "attack content" or features written in advance in the rule to determine whether the data packet is aggressive. Most IDS matching algorithms are similar to the multi-mode detection algorithm of Snort, an open-source Intrusion Detection System. exception detection is another IDS detection method, which is usually used as a supplement to feature matching.
In the face of a variety of network attacks and intrusions, this technology needs to be constantly improved. Currently, wireless network security products are developed based on Intrusion Detection. In fact, such security products cannot prevent external attacks from the source, especially in the case of targeted and professional attacks, security of confidential information cannot be guaranteed.
For ordinary wireless network users, the use of wireless networks requires both portable, high-speed, and secure features. Therefore, IDS is an important development direction, however, for applications that require higher confidentiality in the military, a more secure solution is required.
2. electromagnetic interference and electromagnetic shielding technology
Electromagnetic interference (EMI) is an electronic noise that interferes with cable signals and reduces signal integrity. EMI is usually produced by sources of electromagnetic radiation, such as motors and machines.
Electromagnetic interference EMI (ElectromagneticInterference) is divided into two types: conducting interference and radiation interference. Conduction Interference refers to the signal coupling (interference) on an electrical network to another electrical network through conductive media. Radiation interference means that the interference source coupling (interference) its signal to another electrical network through space.
Electromagnetic interference transmission channels are generally divided into two types: conduction coupling mode and radiation coupling mode. Any electromagnetic interference must occur through transmission or transmission channels of interference energy ). Electromagnetic interference is usually considered to have two transmission modes: one is transmission mode and the other is radiation transmission mode. Therefore, interference coupling can be divided into two categories: conduction coupling and radiation coupling.
Transmission must have a complete circuit connection between the interference source and the sensor. Interference signals are transmitted along the connection circuit to the sensor. This transmission circuit can include the power supply, public impedance, grounding flat, resistance, inductance, capacitance and mutual inductance of wires, conductive components of the equipment. Radiation transmission is carried out in the form of electromagnetic waves, and the interference energy is emitted to the surrounding space according to the laws of the electromagnetic field.
Common radiation coupling consists of three types::
1. the electromagnetic waves emitted by antenna A are accidentally accepted by antenna B, which is called Antenna Coupling to the antenna;
2. Spatial electromagnetic fields are coupled by wire induction, which is called field-to-wire coupling;
3. High-Frequency Signal Sensing between two parallel wires is called line-to-line inductive coupling.
Electromagnetic Shielding is one of the main measures of Electromagnetic Compatibility Technology.
The technical principle of electromagnetic shielding is to use metal shielding materials to block the electromagnetic interference source, so that the external electromagnetic intensity is lower than the allowable value; or use a metal shielding material to close the electromagnetic sensitive circuit so that its internal electromagnetic field strength is lower than the allowable value.
1. electrostatic Shielding: a complete metal shielding body is used to enclose a positive conductor. On the inside of the shield body, a negative charge equivalent to that of a charged conductor is generated, and a positive charge equivalent to that of a charged conductor appears on the outside, if the metal shielding body is grounded, the positive charge on the outside will flow to the earth, and there will be no electric field on the outside, that is, the electric field with the positive conductor will be shielded in the metal shielding body.
2. Alternating Electric Field shielding: to reduce the coupling interference voltage of the alternating electric field on the sensitive circuit, a metal shielding body with good conductivity can be set between the disturbance source and the sensitive circuit, and the metal shielding body is grounded. The interference voltage of the alternating electric field on the coupling Station of the sensitive circuit depends on the accumulation of alternating electric field voltage, coupling capacitance and grounding resistance of the metal shielding body. As long as the metal shield is properly grounded, the interference voltage of the alternating electric field on the coupling Station of the sensitive circuit becomes very small. The electric field shielding is dominated by reflection, so the thickness of the shielding body does not have to be too large, and the structural strength is the main factor.
3. alternating magnetic field shielding: alternating magnetic field shielding can be divided into high-frequency and low-frequency shielding. Low Frequency Magnetic Field shielding uses materials with high magnetic permeability to form a low magnetic resistance path, so that most of the magnetic fields are concentrated in the shielding body. The higher the permeability of the shielding body, the larger the thickness and the smaller the reluctance, the better the shielding effect of the magnetic field. Of course, it must be in line with the weight of the device.
The shielding of high-frequency magnetic fields is achieved by using the reverse magnetic field of eddy current generated by materials with high conductivity to offset the interference magnetic field.
4. alternating electromagnetic field shielding: material with high conductivity is generally used as the shielding body, and the shielding body is grounded. It uses the shielding body under the action of high-frequency magnetic field to generate the reverse direction of the eddy current magnetic field and the original magnetic field to offset and weaken the interference of the high-frequency magnetic field, and achieves the electric field shielding due to the grounding of the shielding body. The thickness of the shielding body does not need to be too large, but the main factor is skin depth and structural strength.
After the shielding body is completed, the shielding performance should be checked.
The TIPTOP wireless network blocking system can send interference signals within a certain distance to effectively block the communications between the wireless networks in the specified network channel, while maintaining the normal communication of the preset network channel. It meets certain communication requirements of wireless networks and provides reliable protection for confidential information in wireless network environments.
The TIPTOP wireless network blocking system directly analyzes wireless network channels and blocks them through signal interference. Therefore, it can meet the confidentiality needs of high-level confidential sites. Its unique feature is that it can preset trusted channels to conduct electromagnetic interference on wireless network channels other than trusted channels. This selective blocking not only eliminates the possibility of hacker attacks, at the same time, communication with the outside world is retained.
The TIPTOP wireless network blocking system controls wireless network signals based on network communication protocols from the perspective of the network physical layer. Similar wireless network security products usually analyze MAC addresses and protocols, detects MAC address camouflage and Flood Denial of Service attacks, monitors and analyzes APs, and identifies counterfeit aps to prevent leaks. In contrast, the TIPTOP wireless network blocking system is more secure and reliable, and can effectively defend against network attacks.
4. Conclusion
In the application field of wireless networks, information security is always the first priority. Without a complete wireless network security solution, the development of wireless networks is bound to be hindered. The TIPTOP wireless network blocking system has a different path. It directly controls wireless network channels without skipping network protocols. Therefore, it has high security and reliability, while providing users with a safe and reliable wireless network experience, reduce or even eliminate the loss of national interests and people's property caused by leaks.
The State Security Bureau explicitly stipulates that computers with wireless functions, network devices with wireless interconnection functions, wireless keyboards, and mice are prohibited from using confidential computer information systems, in today's widespread use of wireless network devices, such mandatory provisions are difficult to implement and will also affect work efficiency. The TIPTOP wireless network blocking system will change this situation and bring a revolution to the application of the military, courts, prisons, and other industries in the wireless networks in the classified areas.
Shielding Effectiveness detection equipment: shielding effectiveness detection equipment include frequency conversion signal source, RF amplifier, transmitting antenna, electromagnetic field receiving antenna, attenuation, measurement receiver, data recorder.
Shielding efficiency detection method:
1) positioning the measurement point;
2) Calibration and detection equipment;
3) environment level H when no emission is measured;
4) When no shielding is measured, the electromagnetic field strength W of the transmitter is received at the measurement point;
5) the electromagnetic field strength Y of the transmitter is received at the measurement point when the measurement is shielded;
6) The detection and analysis of the shielding efficiency SE is calculated
SE = 201ogl0f (W-H),/(y h) J;
7) after calculation, compare the shielding efficiency sE with the design requirements to see if the design requirements are met, whether the security margin meets the requirements, and whether the design has been performed. If the requirement is not met, analyze the cause and make improvements until the requirement is met. If there is a design, analyze the cause and make improvements in the future design.
3. Wireless Network Blocking System Analysis
TIPTOP wireless network blocking system adopts a controllable electromagnetic interference technology. It is a set of wireless network security systems with interference measures and shielding purposes.
The TIPTOP wireless network blocking system uses electromagnetic interference technology. By interfering with the 2.4GWLAN wireless communication network (IEEE 802.1ib/g/n), it can block all or all wireless receivers (AccessPoint) in the WLAN) or the personal work platform (Station) wireless channel, and the use of intelligent analysis technology, once the wireless signal appears in the environment, that is, to interfere with it, and record the interference results for use when needed.
The TIPTOP wireless network blocking system consists of three parts: detection, interference, and control.
Detection part:
This part includes signal amplification, signal processing, and detection channel strength.
The amplification module consists of two modules, namely, the middle-level amplification of input amplification. The main function is to zoom in the signal for processing. After processing, the output signal is detected by the signal detection chip, and then transmitted to the signal control part for processing.
Interference signal:
This part includes two modules: Signal push and power amplifier.
After the signal processing is complete, the interference signal is output, which is then amplified. Output RF interference signal. The interference signal intensity is about.
Control part:
The control part receives external program commands, controls the processing of sending and receiving signals according to the commands, determines the sending and receiving methods, and then transmits interference signals according to the instructions.
Interference Method:
During the interference process, you can set a secure channel through an external program. The secure channel can communicate normally without interference. When data communication is not required, the channel can also be closed to form full-band interference.
Electromagnetic interference technology is a mature and widely used technology. Currently, electromagnetic jamming devices, such as conference Encryptors and mobile phone signal jammers, are used. However, traditional electromagnetic interference products adopt full-band interference methods similar to white noise. The TIPTOP wireless network blocking system also uses the electromagnetic interference principle to interfere with wireless network signals, but its interference is selective and controllable and operable.