Methods and systems for identifying and mitigating telecommunications network security threats
First Claim
Patent Images
1. A method for identifying and mitigating security threats caused by telecommunications management messages, the method comprising:
- (a) receiving telecommunications signaling messages from an external source;
(b) from the telecommunications signaling messages, screening telecommunications management messages affecting the status of the same managed resource;
(c) applying a time-based security policy to the management messages affecting the status of the same managed resource;
(d) determining whether the, time-based security policy is violated; and
(e) in response to determining that the time-based security policy is violated, performing a mitigating action to protect the resource.
3 Assignments
0 Petitions
Accused Products
Abstract
Methods and systems for identifying and mitigating telecommunications management message security threats are disclosed. A distributed security screening platform receives management messages from external sources. The distributed security screening platform identifies messages affecting the status of the same managed resource and applies a time-based security policy to these messages. If the messages are determined to violate the time-based security policy, a mitigating action is performed to protect the managed resource.
-
Citations
56 Claims
-
1. A method for identifying and mitigating security threats caused by telecommunications management messages, the method comprising:
-
(a) receiving telecommunications signaling messages from an external source;
(b) from the telecommunications signaling messages, screening telecommunications management messages affecting the status of the same managed resource;
(c) applying a time-based security policy to the management messages affecting the status of the same managed resource;
(d) determining whether the, time-based security policy is violated; and
(e) in response to determining that the time-based security policy is violated, performing a mitigating action to protect the resource. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
-
-
28. A system for identifying and mitigating telecommunications network security threats caused by management messages, the system comprising:
-
(a) a plurality of communications modules for sending and receiving signaling messages over external signaling links, each communications module including a security screening function for identifying predetermined management messages for further security screening; and
(b) a plurality of database service modules for receiving the messages identified by the communications modules as requiring further screening, each database service module including a second security screening function for identifying messages received from the communications modules that relate to the same managed entity, for applying a time-based security policy to the messages, and for performing a mitigating action in response to determining that the messages violate the time-based security policy. - View Dependent Claims (29, 30, 31, 32, 33, 34, 35, 36)
-
-
37. A computer program product comprising computer executable instructions embodied in a computer-readable medium for performing steps comprising:
-
(a) receiving telecommunications signaling messages;
(b) from the telecommunications signaling messages, screening telecommunications management messages affecting the status of the same managed resource;
(c) applying a time-based security policy to the management messages that relate to the same managed resource;
(d) determining whether the time-based security policy is violated; and
(e) in response to determining that the time-based security policy is violated, performing a mitigating action to protect the managed resource. - View Dependent Claims (38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49)
-
-
50. A computer program product comprising computer executable instructions embodied in a computer-readable medium for performing steps comprising:
-
(a) receiving telecommunications signaling messages;
(b) identifying, from the signaling messages, messages that match a security screening policy;
(c) determining when the frequency of the messages that match the security screening policy reaches a predetermined threshold;
(d) in response to determining that the frequency reaches the predetermined threshold, throttling the messages for a set time period; and
(e) at the end of the set time period, passing the matching messages upon receipt and repeating steps (a)-(d). - View Dependent Claims (51, 52, 53, 54, 55, 56)
-
Specification