Geographical Threat Response Prioritization Mapping System And Methods Of Use

US 20070186284A1
Filed: 12/28/2006
Published: 08/09/2007
Est. Priority Date: 08/12/2004
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving threat data comprising at least a description and time of occurrence of a threat and at least one or more of a network address associated with the threat;

determining location data associated with the network address, wherein determining location data comprises determining either wireless location data or a physical location associated with the network address;

correlating the threat data with the location data to generate map data; and

generating a map displaying a geographical location of the threat based on the map data.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for mapping threats (or vulnerabilities to attacks) based on a correlation of location data, such as wireless location data or a physical location, with an network address associated with a threat are provided. In one aspect, methods and systems include receiving threat data, retrieving location data, correlating the threat data with the location data to create map data, and generating a map, based on the map data, displaying a geographical location of the threat. Threat locations may be determined for wired and wireless telecommunications systems.

183 Citations

25 Claims

1. A method comprising:
- receiving threat data comprising at least a description and time of occurrence of a threat and at least one or more of a network address associated with the threat;
  
  determining location data associated with the network address, wherein determining location data comprises determining either wireless location data or a physical location associated with the network address;
  
  correlating the threat data with the location data to generate map data; and
  
  generating a map displaying a geographical location of the threat based on the map data.
- View Dependent Claims (2)
- - 2. The method of claim 1, wherein the threat data further comprises a destination network address, and a threat name.

3. A method comprising:
- receiving threat information about a threat, wherein said threat information comprises a description of the threat and at least one telephone number;
  
  correlating the threat information with location information to determine at least one physical location associated with the threat; and
  
  generating a map displaying a geographical location of the at least one physical location associated with the threat.
- View Dependent Claims (4, 5, 6, 7, 8, 9)
- - 4. The method of claim 3, wherein correlating the threat information with location information to determine at least one physical location associated with the threat comprises electronically correlating the at least one phone number with at least one of an inventory database and a billing database to determine the at least one physical location associated with the threat.
  - 5. The method of claim 3, wherein correlating the threat information with location information to determine at least one physical location associated with the threat comprises electronically correlating the at least one phone number with wireless location data from a wireless telecommunication system, wherein said wireless location data indicates the approximate physical location of a wireless handset having said at least one telephone number when said threat occurred.
  - 6. The method of claim 3, wherein receiving threat information about a threat comprises receiving from a threat detection system that electronically reviews call detail records a description of the threat and at least one telephone number.
  - 7. The method of claim 3, wherein generating a map displaying a geographical location of the at least one physical location associated with the threat comprises electronically generating a map with a computing device and mapping software and electronically displaying on a display device a computer-generated icon that shows the geographical location of the at least one physical location associated with the threat.
  - 8. The method of claim 3 further comprising:
    - receiving threat information identifying a point in a network at which a threat has occurred;
      
      correlating the threat information with location information for the identified network point; and
      
      displaying a geographical location of the identified network point on the map.
  - 9. The method of claim 8, wherein displaying a geographical location of the identified network point on the map comprises electronically generating a map with a computing device and mapping software and electronically displaying on a display device a computer-generated icon that shows the geographical location of the at least one physical location associated with the threat and the identified network point.

10. A method comprising:
- receiving fraud information about a fraud event, wherein said fraud information comprises a description of the fraud event and at least one telephone number;
  
  receiving intrusion information identifying a point in a network at which an intrusion has occurred;
  
  correlating the intrusion information with wireless location data for the identified network point;
  
  correlating the fraud information with location information to determine at least one physical location associated with the fraud event; and
  
  generating a map displaying in layers a geographical location of the at least one physical location associated with the fraud event and a geographical location of the identified network point based upon the wireless location data.
- View Dependent Claims (11, 12, 13)
- - 11. The method of claim 10, wherein correlating the fraud information with location information to determine at least one physical location associated with the fraud event comprises electronically correlating the at least one telephone number with at least one of an inventory database and a billing database to determine the at least one physical location associated with the fraud event.
  - 12. The method of claim 10, wherein receiving fraud information about a fraud event comprises receiving from a fraud detection system that electronically reviews call detail records a description of the fraud event and at least one telephone number.
  - 13. The method of claim 10, wherein generating a map displaying in layers a geographical location of the at least one physical location associated with the fraud event and a geographical location of the identified network point comprises electronically generating a map with a computing device and mapping software and electronically displaying on a display device computer-generated icons that show the geographical location of the at least one physical location associated with the fraud event and the geographical location of the identified network point.

14. A system comprised of:
- a threat detection system configured to electronically review call detail records and identify suspected threats by creating threat information;
  
  a location engine configured to receive said threat information from said threat detection system and correlate said threat information with one or more physical locations; and
  
  an electronic mapping system configured to receive at least said one or more physical locations from said location engine and map said one or more physical locations on an electronic map that is displayed on a display device.
- View Dependent Claims (15, 16, 17, 18, 19)
- - 15. The system of claim 14, wherein said threat information is comprised of at least a portion of one or more telephone numbers.
  - 16. The system of claim 15, wherein correlating said threat information with one or more physical locations comprises using said at least a portion of one or more telephone numbers correlated against a location database to determine said one or more physical locations.
  - 17. The system of claim 16, wherein the location database is comprised of at least one of an inventory database and a billing database.
  - 18. The system of claim 14, wherein said one or more physical locations are provided as one of street addresses, latitude and longitude, horizontal and vertical coordinates, or combinations thereof.
  - 19. The system of claim 14 wherein said intrusion detection system is further configured to electronically review network information and identify one or more threat points in a network, wherein the location engine is configured to receive said one or more threat points from said threat detection system and correlate said one or more threat points with location information for each of the one or more threat points and said electronic mapping system is configured to receive said location information for said at least said one or more threat points from said location engine and map said location information for said one or more threat points on the electronic map that is displayed on the display device.

20. A system comprised of:
- a fraud database comprised of fraud information associated with one or more fraud events;
  
  an intrusion database comprised of intrusion information associated with one or more intrusion points in a network;
  
  a location engine configured to retrieve said fraud information from said fraud database and said intrusion information from said intrusion database and correlate said fraud information and said intrusion information with one or more physical locations;
  
  a mapping database configured to receive at least said one or more physical locations from said location engine to form mapping information; and
  
  an electronic mapping system map that is configured to retrieve said mapping information from said mapping database and display said one or more physical locations of said fraud events and intrusion points on an electronic map that is displayed on a display device.
- View Dependent Claims (21, 22, 23, 24, 25)
- - 21. The system of claim 20, wherein said fraud information is comprised of at least a portion of one or more telephone numbers.
  - 22. The system of claim 21, wherein correlating said fraud information with one or more physical locations comprises using said at least a portion of one or more telephone numbers correlated against a location database to determine said one or more physical locations.
  - 23. The system of claim 22, wherein the location database is comprised of at least one of an inventory database and a billing database.
  - 24. The system of claim 20, wherein said intrusion information is comprised of at least a portion of one or more network addresses.
  - 25. The system of claim 24, wherein correlating said intrusion information with one or more physical locations comprises using said at least a portion of one or more network addresses correlated against a location database to determine said one or more physical locations.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Palo Alto Networks Incorporated
Original Assignee
Verizon Corporate Services Group Incorporated (Verizon Communications Inc.)
Inventors
McConnell, James

Granted Patent

US 8,418,246 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/25
CPC Class Codes

G06F 21/55   Detecting local intrusion o...

G06F 21/577   Assessing vulnerabilities a...

G06F 2221/2111   Location-sensitive, e.g. ge...

H04L 63/107   wherein the security polici...

H04L 63/1425   Traffic logging, e.g. anoma...

Geographical Threat Response Prioritization Mapping System And Methods Of Use

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

183 Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Geographical Threat Response Prioritization Mapping System And Methods Of Use

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

183 Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links