Abstract: With the rapid development of public service of wireless network, the quantities of free Access Points（APs） in open system authentication increase explosively. However, the security problems also rise prominently, especially, personal privacy disclosure brought by fake APs, phishing attack and funnel attack. Referring to the mature methods of spam judge, this paper proposes a secure and trusted access method for AP in open system authentication. This method adopts D-S evidence theory. An inference rule base is built, including SSID, Beacon frame transmission density, PHY features of AP, data forwarding features of AP and et al. Through the analysis and combination of AP behavioral evidences, the decision of AP credibility is given. Therefore the wireless terminals can access into the secure and trusted AP. This method is verified by the typical instance.

Key words: Wireless Local Area Networks（WLAN）, Access Points（AP）, D-S evidence theory, behavioral analysis

摘要： 随着无线网络公众服务的推进，免费的开放接入点爆发式增长。针对开放接入点日益突出的安全问题，尤其是伪造接入点带来的个人隐私信息泄露，钓鱼攻击，漏洞攻击等，提出了一种基于接入点行为分析的安全可信接入方法。该方法参考了垃圾邮件判定的相关技术，采用D-S证据理论，建立一个推理规则库（包含SSID判别，Beacon密度，AP的物理层特性，数据转发行为特性等），通过接入点行为证据的分析和合成，完成对接入点可信性的判定，从而避免无线客户端接入非法的接入点。通过典型实例验证了该方法。

关键词: 无线局域网, 接入点, D-S证据理论, 行为分析