Verification of cell authenticity in a wireless network through traffic monitoring
First Claim
1. An apparatus comprising:
- an antenna;
a radio-frequency (RF) transceiver coupled to the antenna and configured to wirelessly transmit and receive RF signals via the antenna; and
a processor coupled to the RF transceiver and configured to;
cause the RF transceiver to tune to a control channel of a base station; and
process data encoded onto one or more RF signals transmitted on the control channel to detect presence of traffic between the base station and one or more other RF transceivers; and
wherein, when the presence of the traffic between the base station and the one or more other RF transceivers is not detected, the processor is configured to;
generate a system query including a first nonce;
operate the RF transceiver to transmit a first RF signal having encoded thereon the system query, the first RF signal being directed to the base station; and
process an acknowledgement encoded onto a second RF signal received by the RF transceiver in response to the first RF signal to test authenticity of the base station, the test of authenticity being performed using the first nonce.
2 Assignments
0 Petitions
Accused Products
Abstract
We disclose various embodiments that enable a mobile terminal to confirm authenticity of a base station before the mobile terminal proceeds to camp on the corresponding cell. In an example embodiment, the authentication processing includes the mobile terminal tuning to a selected control channel of the base station to monitor RF signals transmitted thereon. The base station is deemed to be authentic if the monitored RF signals indicate the presence of live traffic between the base station and one or more other mobile terminals. The control channel can be selected from a fixed set of uplink and/or downlink control channels that are typically used by a legitimate base station. The presence of live traffic on the selected control channel can be detected by detecting certain control messages that are typically transmitted on that control channel between the base station and one or more mobile terminals served by that base station.
30 Citations
18 Claims
-
1. An apparatus comprising:
-
an antenna; a radio-frequency (RF) transceiver coupled to the antenna and configured to wirelessly transmit and receive RF signals via the antenna; and a processor coupled to the RF transceiver and configured to; cause the RF transceiver to tune to a control channel of a base station; and process data encoded onto one or more RF signals transmitted on the control channel to detect presence of traffic between the base station and one or more other RF transceivers; and wherein, when the presence of the traffic between the base station and the one or more other RF transceivers is not detected, the processor is configured to; generate a system query including a first nonce; operate the RF transceiver to transmit a first RF signal having encoded thereon the system query, the first RF signal being directed to the base station; and process an acknowledgement encoded onto a second RF signal received by the RF transceiver in response to the first RF signal to test authenticity of the base station, the test of authenticity being performed using the first nonce. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method of making a mobile terminal, the method comprising:
-
coupling an antenna to a radio-frequency (RF) transceiver configured to wirelessly transmit and receive RF signals via the antenna; coupling a processor to the RF transceiver, the processor being configured to; cause the RF transceiver to tune to a control channel of a base station; and process data encoded onto one or more RF signals transmitted on the control channel to detect presence of traffic between the base station and one or more other RF transceivers; and configuring the processor to perform one or more of the following when the presence of the traffic between the base station and the one or more other RF transceivers is not detected; generate a system query including a first nonce; operate the RF transceiver to transmit a first RF signal having encoded thereon the system query, the first RF signal being directed to the base station; and process an acknowledgement encoded onto a second RF signal received by the RF transceiver in response to the first RF signal to test authenticity of the base station, the test of authenticity being performed using the first nonce. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
Specification