1. Intrusion detection System (IDS)
At present, the wireless network (or wireless LAN, that is, WLAN) unified implementation of the IEEE802.11B standard, in the physical layer, ieee802.11b 2.45GHz Wireless frequency, the largest bit rate up to l1mbps, the use of direct sequence spread spectrum (DSSS) transmission technology.
At the MAC layer of the Data link layer, 802.11B uses the "carrier interception multi-point access/conflict avoidance (CSMA/CA)" Media access Control (MAC) protocol. Because the WLAN uses the public electromagnetic wave as the carrier, any person has the condition to eavesdrop or disturbs the information, therefore the ultra vires access and the eavesdropping behavior also is more not easy to guard against.
Intrusion detection System (IDS) monitors wireless packets by setting up a monitoring agent in the network and detects, logs and reports warning messages using the detection engine to detect unauthorized APS and camouflage MAC addresses.
At present, the most commonly used IDs detection method is feature matching, which is to compare the network packet data with the "attack content" or the feature in the rule, so as to determine whether the packet is aggressive. Most IDs matching algorithms are similar to that of the open source intrusion detection system snort, and the anomaly detection method is another kind of IDs detection method, which is usually a complementary way of feature matching.
This technology needs to be perfected in the face of diverse cyber attacks and intrusions. The current wireless network security products are developed based on intrusion detection, in fact, this kind of security products can not eliminate from the source of external attacks, especially in the occurrence of targeted and professional attacks, can not guarantee the security of secret information.
For ordinary wireless network users, the use of wireless network needs to take into account the characteristics of portability, high-speed, security, so IDs is an important direction of development, but for similar military security requirements for more applications, the need to adopt a more secure solution.
2. Electromagnetic interference and electromagnetic shielding technology
Electromagnetic Interference (EMI) is an electronic noise that interferes with the cable signal and reduces the integrity of the signal, and EMI is usually generated by electromagnetic radiation sources such as motors and machines.
Electromagnetic interference EMI (electromagneticinterference), there are conduction interference and radiation interference two kinds. Conduction interference refers to the coupling (interference) of a signal on an electric network through a conductive medium to another electric network. Radiation interference is the interference source through space to the coupling of its signal (interference) to another electrical network.
There are two kinds of electromagnetic interference transmission methods: conduction coupling mode and radiation coupling mode. Any electromagnetic interference will inevitably have interference energy transmission and transmission channels (or transmission channels). It is generally believed that electromagnetic interference transmission has two ways: one is conduction transmission mode, the other is radiation transmission mode. Therefore, from the disturbed sensors, the interference coupling can be divided into two kinds: conduction coupling and radiation coupling.
The conduction transmission must have a complete circuit connection between the jamming source and the sensor, and the jamming signal is transmitted to the sensor through the connection circuit, and the interference phenomenon occurs. The transmission circuit may include a conductor, a conductive component of the equipment, a power supply, a common impedance, a grounding plate, a resistor, an inductance, a capacitor, and a mutual inductance element. Radiation transmission is transmitted through the media in the form of electromagnetic waves, interfering with the energy of the electromagnetic field in the law to the surrounding space launch.
The common radiation coupling consists of three species:
1. The electromagnetic wave emitted by a antenna is accidentally accepted by the B antenna, which is called antenna coupling to the antenna;
2. The Space electromagnetic field is coupled by the wire induction, which is called the coupling of the field pair line;
3. Two parallel conductors of high-frequency signal induction, known as line to the line of the induction coupling.
Electromagnetic shielding is one of the main measures of electromagnetic compatibility technology.
The technical principle of electromagnetic shielding, that is, using metal shielding material to close the electromagnetic interference source, so that the external electromagnetic field intensity is lower than the allowable value of a measure; or use metal shielding material to close the electromagnetic sensitive circuit, so that its internal electromagnetic field strength is lower than the allowable value of a measure.
1. Electrostatic shielding: Surrounded by a positive conductor with a complete metal shield, on the inside of the shield will be induced with the charged conductor the same amount of negative charge, the outer side appears with the charged conductor equal to the positive charge, if the metal shielding body grounding, then the external positive charge will flow the Earth, the outside will not have an electric field, The electric field with positive conductor is shielded in the metal shielding body.
2. Alternating shielding: In order to reduce the coupling interference voltage of the alternating to the sensitive circuit, it is possible to set the metal shielding body with good conductivity between the disturbance source and the sensitive circuit, and to ground the metal shielding body. The alternating interference voltage of the sensitive circuit depends on the alternating voltage, the coupling capacitance and the product of the metal shield grounding resistance. As long as the metal shield is managed to be well grounded, it can make the alternating to the sensitive circuit of the coupling of interference voltage becomes very small. The shielding of the electric field is mainly reflected, so the thickness of the shielding body need not be too large, but the structural strength is the main factor to consider.
3. Alternating magnetic field shielding: alternating magnetic field shielding has high-frequency and low-frequency points. Low-frequency magnetic shielding is the use of high permeability materials to form a small reluctance pathway, so that most of the magnetic field is concentrated in the shielding body. The higher the permeability of the shielding body, the greater the thickness, the smaller the magnetic resistance, the better the shielding effect of the magnetic field. Of course, with the weight of the equipment to coordinate.
The shielding of high frequency magnetic field is realized by using the reverse magnetic field of eddy current generated by high conductivity material to counteract the interference magnetic field.
4. Alternating electromagnetic field shielding: The general use of high conductivity of the material as a shielding body, and the shielding body grounding. It is the use of shielding body in the high-frequency magnetic field in the reverse direction of the eddy current magnetic field and the original magnetic field offset to weaken the high-frequency magnetic field interference, but also because of shielding the grounding of the electric field shielding. The thickness of the shielding body should not be too large, and the skin depth and structure strength should be considered as the main factors.
Shielding effectiveness testing is needed after the shield is done well.
The TipTop wireless network blocking system can effectively block the communication of the wireless network in the specified network channel by sending the jamming signal at a certain distance, while maintaining the normal communication of the preset network channel. While satisfying the communication requirements of wireless network, it provides a reliable protection of the secret information in the wireless network environment.
TipTop wireless network blocking system Bypass communication protocol to analyze the wireless network channel directly, and through the signal interference to achieve blocking purposes, so it can meet the confidentiality needs of high level secret-involved places. Its unique point is that it can preset trusted channel, the wireless network channel outside the trusted channel electromagnetic interference, this selective blocking not only can eliminate the possibility of hackers attack, but also retain the communication with the outside world.
TipTop wireless network blocking system from the point of view of the network physical layer, on the network communication protocol for wireless network signal implementation control, and the same kind of wireless network security products are usually through the MAC address and protocol analysis, detect whether there are MAC address camouflage and flood denial of service attacks, monitoring and analysis of AP, Identify counterfeit AP, so as to prevent leakage of the purpose. Compared with the TipTop wireless network blocking system is more secure and reliable, and can effectively resist network attacks.
4. Conclusion
In the wireless network application domain, guarantees the information security always is the first, does not have the consummation wireless network security solution, will hinder the wireless network itself the development. TipTop wireless network blocking system, bypass network protocol directly to the wireless network channel control, so have a very high security and reliability, in order to bring users a safe and reliable wireless network experience, while reducing or even eliminate leakage caused by the national interests, the loss of people's property.
The State Secrecy Bureau expressly prohibits the use of wireless interconnected peripherals, such as radio-enabled computers, wireless interconnected network devices, wireless keyboards and mice, and so on, in the wide use of wireless network equipment today, such mandatory regulations are difficult to achieve, but also affect the efficiency. The TipTop wireless network blocking system will change this situation and bring about a revolution in the use of the military, courts, prisons and other industries involved in the region's wireless networks.
Shielding effectiveness of the testing equipment: shielding effectiveness of the detection equipment has a variable frequency signal source, RF amplifier, transmitting antenna, electromagnetic field receiving antenna, attenuator, measuring receivers, data recorder.
Shielding effectiveness of the detection method:
1 positioning measuring point;
2) Calibration of testing equipment;
3 The measurement of the ambient level without launch H;
4 The electromagnetic field intensity of the transmitter is received at the point of measurement without shielding;
(5) Measuring the intensity Y of the electromagnetic field of the transmitter at the measuring point when shielding;
6) Shielding effectiveness se detection and analysis shielding effectiveness SE formula for
se=201ogl0f (W-h),/(Y H) J;
7 after calculation, the shielding effectiveness of SE and design requirements, to see whether the design requirements, safety margin to meet the requirements, whether there has been design. If you do not meet the requirements, you need to analyze the causes and improve them until the requirements are met. If there is a design, but also to analyze the reasons, and in the future to improve the design.
3. Wireless network blocking system analysis
TipTop wireless network blocking system, using a controllable electromagnetic interference technology, is a set of interference as a means of shielding for the purpose of the wireless network security system.
TipTop Wireless network Blocking system uses electromagnetic interference technology, through the 2.4GWLAN Wireless Communication Network (ieee802.1ib/g/n) interference, to achieve full or selective blocking WLAN wireless receiver (Accesspoint) or personal work platform ( Station) wireless channel, at the same time using intelligent analysis technology, once the wireless signal in the environment, that is, interference, and record the interference results for use when needed.
The TipTop wireless network blocking system mainly consists of three parts, which are detection part, jamming part and control part respectively.
Test section:
This section includes signal amplification, signal processing and detection channel strength.
The amplification part includes the input amplification intermediate level amplification two modules, the main function is the signal amplification for processing, after processing completes the output signal after the signal detection chip detects the signal intensity, then transmits to the signal control partial processing.
Jamming signal:
This part includes the signal front-level drive and the last stage amplifier two modules.
After the signal processing is completed, the output jamming signal is processed. Output RF interference signal, interference signal strength of about 0.5W.
Control Section:
The control part receives the external program instruction, according to the instruction carries on the control sending and receiving signal processing, and determines the sending and receiving way, then launches the jamming signal according to the instruction request.
Jamming mode:
In the process of interference, you can set up a safe channel through the external program, the safe channel can be normal data communication, will not be disturbed, when no need for data communication, can also close this channel, forming a full band interference.
Electromagnetic interference technology is a widely used mature technology, the current electromagnetic jammers, such as conference secrecy machine, mobile phone signal jammer, however, the traditional electromagnetic interference products are similar to the total frequency of white noise interference mode. TipTop Wireless network Blocking system also uses the principle of electromagnetic interference to interfere with wireless network signal, but its interference is selective, and has controllability and maneuverability.