System, apparatus and method for detecting malicious traffic in a communications network
Abstract
Monitoring apparatus has a pattern matching engine that analyses service usage in a network in order to identify traffic relating to malicious attacks. Optionally, the monitoring apparatus can also arrange for a counter-measure to be deployed upon detection of the malicious traffic.
18 Claims
1. A network monitoring apparatus for detecting malicious traffic in a communications network, the apparatus comprising:
- an input for receiving service usage data derived, when in use, from signalling data, the signalling data originating, when in use, from a monitored signalling link; and
- a data store for storing the service usage data; and
- a processing resource to support a pattern matching engine for using a number of the stored data to identify, when in use, traffic patterns communicated to and/or from a communications terminal indicative of malicious traffic.
(Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
15. A method of detecting malicious traffic in a communications network, the method comprising:
- receiving a feed of service usage data derived from signalling data, the signalling data originating from a monitored signalling link;
- storing service usage data; and
- using a number of the stored data to identify traffic patterns communicated to and/or from a communications terminal indicative of malicious traffic.
(Dependent claims: 16, 17)
18. A use of a communications network monitoring system to detect communications to and/or from wireless terminals indicative of a malicious attack.
Specification