US 11,057,773 B2
Systems and methods for detecting access point impersonators
Vishal Satyendra Desai, San Jose, CA (US); and Jerome Henry, Pittsboro, NC (US)
Assigned to CISCO TECHNOLOGY, INC., San Jose, CA (US)
Filed by Cisco Technology, Inc., San Jose, CA (US)
Filed on Aug. 19, 2019, as Appl. No. 16/544,651.
Claims priority of provisional application 62/770,153, filed on Nov. 20, 2018.
Prior Publication US 2020/0162924 A1, May 21, 2020
Int. Cl. H04W 12/121 (2021.01); H04W 12/108 (2021.01)
CPC H04W 12/121 (2021.01) [H04W 12/108 (2021.01)] 17 Claims
OG exemplary drawing
 
7. A network controller of a network, comprising:
memory having computer-readable instructions stored therein; and
one or more processors configured to execute the computer-readable instructions to:
receive, at an interval, beacon reports from a plurality of access points, each access point having a respective coverage area and each beacon report including at least information regarding devices connected to the respective access point;
determine, at least in part based on the beacon reports, location information of the plurality of access points and devices connected thereto within the network;
determine, based on the location information and the beacon reports, that at least one of the devices can detect an access point that is not supposed to be within a range of detection of the at least one of the devices;
determine, based on the location information and beacon reports, one or more target areas with the at least one of the devices operating therein, wherein the one or more target areas include at least one overlap of coverage areas between the plurality of access points;
send on-demand beacon requests to the plurality of access points with the at least one overlap of coverage areas;
receive responses to the on-demand beacon requests from the one or more of the plurality of access points; and
in response to receiving the responses, determine at least one access point impersonator based on the responses.