Short message service spam data analysis and detection

US 10,129,391 B2
Filed: 09/12/2016
Issued: 11/13/2018
Est. Priority Date: 07/02/2012
Status: Active Grant

First Claim

Patent Images

1. A method for identifying a potential source of a short message service spam, the method comprising:

collecting, by a processor of an application server deployed in a telecommunication network from a billing server of the telecommunication network, a plurality of call detail records associated with a plurality of short message service messages, wherein a device type allocation code is included in each of the plurality of call detail records;

extracting, by the processor, the device type allocation code from each of the plurality of call detail records, wherein the device type allocation code identifies a manufacturer of a device that is originating the plurality of short message service messages and a model type of the device, wherein the device type allocation code is extracted from an international mobile equipment identity number of the device that is included in each of the plurality of call detail records;

comparing, by the processor, the device type allocation code to a device type watch list, wherein the device type watch list includes device type allocation codes of model types that are associated with short message service spam originators;

identifying, by the processor, the device as the potential source of the short message service spam when the device type allocation code is contained in the device type watch list; and

blocking, by the processor, communications from the device that has been identified as the potential source of the short message service spam based upon the device type allocation code being contained in the device type watch list.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus for identifying a potential source of SMS spam are disclosed. For example, the method collects a plurality of call detail records, extracts at least one feature from each of the plurality of call detail records, and identifies the potential source of the short message service spam by analyzing the at least one feature that is extracted from each of the plurality of call detail records.

13 Citations

20 Claims

1. A method for identifying a potential source of a short message service spam, the method comprising:
- collecting, by a processor of an application server deployed in a telecommunication network from a billing server of the telecommunication network, a plurality of call detail records associated with a plurality of short message service messages, wherein a device type allocation code is included in each of the plurality of call detail records;
  
  extracting, by the processor, the device type allocation code from each of the plurality of call detail records, wherein the device type allocation code identifies a manufacturer of a device that is originating the plurality of short message service messages and a model type of the device, wherein the device type allocation code is extracted from an international mobile equipment identity number of the device that is included in each of the plurality of call detail records;
  
  comparing, by the processor, the device type allocation code to a device type watch list, wherein the device type watch list includes device type allocation codes of model types that are associated with short message service spam originators;
  
  identifying, by the processor, the device as the potential source of the short message service spam when the device type allocation code is contained in the device type watch list; and
  
  blocking, by the processor, communications from the device that has been identified as the potential source of the short message service spam based upon the device type allocation code being contained in the device type watch list.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, wherein the comparing further comprises comparing the international mobile equipment identity number to a device watch list.
  - 3. The method of claim 1, wherein the blocking further comprises blocking an account using the device that has been identified as the potential source of the short message service spam based upon the international mobile equipment identity number of the device.
  - 4. The method of claim 1, further comprising:
    - extracting a geographic origin from each of the plurality of short message service messages, wherein the blocking is further based on the geographic origin being associated with sources of short message service spam.
  - 5. The method of claim 1, wherein the device type allocation code comprises one feature of a plurality of features extracted from each of the plurality of call detail records.
  - 6. The method of claim 5, wherein the plurality of features is used to calculate a response ratio of a number of incoming short message service messages to a number of outgoing short message service messages.
  - 7. The method of claim 5, wherein the plurality of features is used to calculate a ratio of a volume of short message service messages versus a volume of voice calls.
  - 8. The method of claim 5, wherein the plurality of features is used to determine a geographic pattern of a plurality of messages that is sent.
  - 9. The method of claim 8, wherein the geographic pattern comprises a number of geographic destinations of the plurality of messages that is sent, where the number of geographic destinations is determined based upon an area code of each intended recipient of each of the plurality of messages that is sent.
  - 10. The method of claim 1, wherein the identifying uses a decision tree.
  - 11. The method of claim 1, further comprising:
    - providing a feedback comprising an identification of the device that has been identified as the potential source of the short message service spam.

12. A non-transitory computer-readable storage medium storing a plurality of instructions which, when executed by a processor of an application server deployed in a telecommunication network, cause the processor to perform operations for identifying a potential source of a short message service spam, the operations comprising:
- collecting, from a billing server of the telecommunication network, a plurality of call detail records associated with a plurality of short message service messages, wherein a device type allocation code is included in each of the plurality of call detail records;
  
  extracting the device type allocation code from each of the plurality of call detail records, wherein the device type allocation code identifies a manufacturer of a device that is originating the plurality of short message service messages and a model type of the device, wherein the device type allocation code is extracted from an international mobile equipment identity number of the device that is included in each of the plurality of call detail records;
  
  comparing the device type allocation code to a device type watch list, wherein the device type watch list includes device type allocation codes of model types that are associated with short message service spam originators;
  
  identifying the device as the potential source of the short message service spam when the device type allocation code is contained in the device type watch list; and
  
  blocking communications from the device that has been identified as the potential source of the short message service spam based upon the device type allocation code being contained in the device type watch list.
- View Dependent Claims (13, 14)
- - 13. The non-transitory computer-readable storage medium of claim 12, the operations further comprising:
    - extracting the international mobile equipment identity number of the device from each of the plurality of short message service messages, wherein the blocking is further based on the international mobile equipment identity number.
  - 14. The non-transitory computer-readable storage medium of claim 12, wherein the comparing further comprises comparing the international mobile equipment identity number to a device watch list.

15. An apparatus for identifying a potential source of a short message service spam, the apparatus comprising:
- a processor; and
  
  a non-transitory computer-readable medium storing instructions which, when executed by the processor deployed in a telecommunication network, cause the processor to perform operations, the operations comprising;
  
  collecting, from a billing server of the telecommunication network, a plurality of call detail records associated with a plurality of short message service messages, wherein a device type allocation code is included in each of the plurality of call detail records;
  
  extracting the device type allocation code from each of the plurality of call detail records, wherein the device type allocation code identifies a manufacturer of a device that is originating the plurality of short message service messages and a model type of the device, wherein the device type allocation code is extracted from an international mobile equipment identity number of the device that is included in each of the plurality of call detail records;
  
  comparing the device type allocation code to a device type watch list, wherein the device type watch list includes device type allocation codes of model types that are associated with short message service spam originators;
  
  identifying the device as the potential source of the short message service spam when the device type allocation code is contained in the device type watch list; and
  
  blocking communications from the device that has been identified as the potential source of the short message service spam based upon the device type allocation code being contained in the device type watch list.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The apparatus of claim 15, wherein the comparing further comprises comparing the international mobile equipment identity number to a device watch list.
  - 17. The apparatus of claim 15, wherein the blocking further comprises blocking an account using the device that has been identified as the potential source of the short message service spam based upon the international mobile equipment identity number of the device.
  - 18. The apparatus of claim 15, the operations further comprising:
    - extracting a geographic origin from each of the plurality of short message service messages, wherein the blocking is further based on the geographic origin being associated with sources of short message service spam.
  - 19. The apparatus of claim 15, wherein the device type allocation code comprises one feature of a plurality of features extracted from each of the plurality of call detail records.
  - 20. The apparatus of claim 19, wherein the plurality of features is used to calculate a response ratio of a number of incoming short message service messages to a number of outgoing short message service messages.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
RingCentral Incorporated
Original Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Inventors
Murynets, Ilona, Piqueras Jover, Roger
Primary Examiner(s)
Fang, Keith

Application Number

US15/262,862
Publication Number

US 20160381213A1
Time in Patent Office

792 Days
Field of Search
US Class Current
CPC Class Codes

H04L 51/212   using filtering or selectiv...

H04M 3/2218   Call detail recording

H04M 3/2227   Quality of service monitoring

H04M 3/42382   Text-based messaging servic...

H04W 4/14   Short messaging services, e...

Short message service spam data analysis and detection

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

13 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Short message service spam data analysis and detection

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

13 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links