×

System and method for securing communication and information of mobile devices through a controlled cellular communication network

  • US 10,341,856 B2
  • Filed: 05/10/2017
  • Issued: 07/02/2019
  • Est. Priority Date: 05/10/2016
  • Status: Active Grant
First Claim
Patent Images

1. A system for providing security services, for securing the privacy of cellular network subscribers and the security of data stored on the said subscribers'"'"' User Cellular Devices (UCDs), said system comprising:

  • at least one non-transitory computer readable storage device and one or more processors operatively coupled to the storage device on which are stored modules of instruction code which when executed by said one or more processors implements a Controlled Cellular Network (CCN), interfacing a cellular Public Land Mobile Network (PLMN), said PLMN hosting a plurality of cellular subscribers;

    wherein said CCN provides said security services to “

    serviced subscribers”

    ;

    wherein said CCN encapsulates communication between UCD of said serviced subscribers and the hosting PLMN, said communication including at least part of;

    control, signaling, SMS and data communications;

    wherein said CCN is configured to monitor and analyze parameters and characteristics of said encapsulated communication in real time or in relation to historically acquired data, including at least one of;

    time patterns, volumes, destination address, source address, content and context;

    wherein said CCN is configured to identify statistic deviations exceeding predefined thresholds, based on said analysis of parameters and characteristics of said encapsulated communication;

    wherein said CCN is configured to identify the occurrence of predefined suspicious events and scenarios, based on said analysis of said encapsulated communication;

    wherein said CCN is configured to identify security threats to the privacy of said serviced subscribers and to the data stored on their UCD and determine said threats'"'"' category and probability, based on said analysis of encapsulated communication;

    wherein the said CCN is configured to respond to said security threats in real time or in near-real time and take active measures to avert the said suspected threats;

    wherein said active measures including at least one of;

    blocking or diverting communication, alerting serviced subscribers and/or system administrators, responding to system queries with altered data, and logging of suspicious events and scenarios;

    wherein application of said active measures depends on the category of identified security threat, the identified threat'"'"'s probability, and the serviced subscriber'"'"'s profile;

    wherein said CCN comprises at least one of;

    controlled module(s), configured to complement the functionality of respective elements of the hosting cellular PLMN;

    a security center module, configured to perform at least one of instantiation, configuration, monitoring, analysis and management of the functionality of each of said controlled modules; and

    an administrative module, configured to interface said security center module, and provide an administrator interface for at least one of;

    instantiating controlled modules of one or more CCNs;

    configuring said controlled modules of said one or more CCNs, to serve serviced subscribers of the hosting cellular PLMN;

    presenting alerts regarding the functionality of the CCN and events within the hosting cellular PLMN;

    extracting reports regarding the functionality of the CCN and events within the hosting cellular PLMN;

    wherein the said security center module comprises at least one of the following modules;

    a probe interface module, configured to probe each of the said controlled modules within the CCN, and accumulate data regarding transactions, events and scenarios occurring on the hosing PLMN and data regarding communication between elements of the CCN and the hosting PLMN;

    a data analysis module, configured to perform at least one of;

    obtaining the data accumulated by the said probe interface module;

    analyzing parameters and characteristics of said encapsulated communication in real time or in near-real time, including at least one of;

    time patterns, volumes, destination address, source address, content and context;

    identifying statistic deviations exceeding predefined thresholds;

    analyzing accumulated historical data, pertaining to parameters and characteristics of said encapsulated communication;

    identifying the occurrence of predefined suspicious events and scenarios on the hosing PLMN based on said analysis;

    identifying security threats to the privacy of serviced subscribers and data stored on their UCD based on said analysis;

    emitting activity messages to other controlled modules of the CCN to avert the said identified security threats, and emitting alert messages to said administrative module and/or UCD to notify against said identified security threats;

    maintaining an events'"'"' database;

    a security action management module configured to perform at least one of;

    receiving activity messages from the data analysis module;

    obtaining parameters of served subscriber'"'"'s profile from a subscribers database;

    interfacing and commanding controlled modules within the CCN to carry out security actions that are required to avert the said identified security threat, according to the category of identified threat, the identified threat'"'"'s probability, and the serviced subscriber'"'"'s profile; and

    a threats management module, configured to manage and maintain a database of the security threats encountered during the activity of the CCN;

    further comprising a UCD Lifeline Module (ULM) embedded within said serviced subscribers'"'"' UCD, on which are stored modules of instruction code, which when executed by the ULM, configure the UCD to initiate lifeline communication to the security action management module or respond to lifeline communication from the security action management module;

    wherein;

    the said security action management module is configured to initiate lifeline communication to the UCD or respond to lifeline communication from the UCD;

    failure of reception of Lifeline communication on the security action management module side is reported to the data analysis module as real-time indication of an attempt to hijack the UCD from the hosting PLMN; and

    failure of reception of Lifeline communication on the ULM invokes security actions on the UCD side, said actions including at least one of;

    alerting the user regarding failure of lifeline reception and altering at least one of the UCD'"'"'s identity parameters.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×