DENIAL OF SERVICE (DoS) ATTACK PREVENTION THROUGH RANDOM ACCESS CHANNEL RESOURCE REALLOCATION

US 20120155274A1
Filed: 12/20/2010
Published: 06/21/2012
Est. Priority Date: 12/20/2010
Status: Active Grant

First Claim

Patent Images

1. A method of managing wireless transmissions from a mobile handset operating in a wireless network associated therewith, the method comprising the steps of:

using a processor in wireless communication with the mobile handset via the wireless network, determining whether the mobile handset is a source of a Random Access Channel (RACH) overload in the wireless network; and

upon determining that the mobile handset is a source of the RACH overload, configuring the mobile handset, using the processor, to replace usage of a first RACH resource causing the RACH overload with usage of a second RACH resource specified by the processor.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method to substantially prevent Denial of Service (DoS) attacks due to Random Access Channel (RACH) overload in cellular wireless networks. Once a mobile handset is identified to cause or contribute significantly to a RACH overload of the cell, the system sends a special System Information Block (SIB) message targeted to that mobile handset and instructing it to redirect its RACH signaling to a separate RACH/PRACH (Physical Random Access Channel) resource or to a small part of the current RACH/PRACH resource. This allows most or all of the regular RACH/PRACH resource from being overloaded by a single user or a group of users. The use of a separate RACH/PRACH resource such as frequency, preamble sequence, and/or radio subframe access slot to “absorb” high volume RACH signaling traffic from a small number of malicious/defective mobile handsets substantially prevents the signaling DoS attacks in the wireless network and makes it more robust to such attacks.

64 Citations

View as Search Results

20 Claims

1. A method of managing wireless transmissions from a mobile handset operating in a wireless network associated therewith, the method comprising the steps of:
- using a processor in wireless communication with the mobile handset via the wireless network, determining whether the mobile handset is a source of a Random Access Channel (RACH) overload in the wireless network; and
  
  upon determining that the mobile handset is a source of the RACH overload, configuring the mobile handset, using the processor, to replace usage of a first RACH resource causing the RACH overload with usage of a second RACH resource specified by the processor.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein the determining includes:
    - monitoring a number of RACH preamble transmissions from the mobile handset; and
      
      identifying the mobile handset as causing the RACH overload when the number of RACH preamble transmissions from the mobile handset in a time interval exceeds a pre-determined threshold.
  - 3. The method of claim 2, wherein the monitoring includes:
    - receiving the RACH preamble transmissions over a Physical Random Access Channel (PRACH) of a plurality of radio frames transmitted from the mobile handset to the processor.
  - 4. The method of claim 1, wherein configuring the mobile handset includes:
    - sending a message to the mobile handset from the processor instructing the mobile handset to redirect RACH signaling of the mobile handset from the first RACH resource to the second RACH resource.
  - 5. The method of claim 4, wherein the message is unique to the mobile handset.
  - 6. The method of claim 4, wherein the message is a special System Information Block (SIB) message containing at least an indication of the second RACH resource to enable the mobile handset to redirect the RACH signaling from the first RACH resource to the second RACH resource.
  - 7. The method of claim 6, wherein sending the message includes:
    - using the processor, configuring the mobile handset to read the special SIB message instead of a regular SIB message sent by the processor to a plurality of mobile handsets in the wireless network.
  - 8. The method of claim 1, wherein the second RACH resource includes one or more of the following:
    - a first frequency of transmission for a Physical Random Access Channel (PRACH) in a radio frame transmitted from the mobile handset, wherein the first frequency is different from a second frequency of transmission for the PRACH in the first RACH resource;
      
      a first time slot of transmission for the PRACH in the radio frame transmitted from the mobile handset, wherein the first time slot is different from a second time slot of transmission for the PRACH in the first RACH resource; and
      
      a first preamble sequence assigned to the mobile handset for transmission through the PRACH in the radio frame transmitted from the mobile handset, wherein the first preamble sequence is different from a second preamble sequence previously used by the mobile handset as part of the first RACH resource.
  - 9. The method of claim 1, wherein the mobile handset is part of a group of mobile handsets causing the RACH overload in the wireless network,wherein the second RACH resource includes a first set of preamble sequences for a Physical Random Access Channel (PRACH) in radio frames transmitted from mobile handsets in the group, and wherein the first set of preamble sequences is different from a second set of preamble sequences for the PRACH in the first RACH resource,and wherein the method further comprises the step of:
    - using the processor, instructing each mobile handset in the group of mobile handsets to use approximately the same cyclic shift in a mobile handset-specific preamble sequence from the first set of preamble sequences.

10. A mobile communication node configured to provide a radio interface to a mobile handset in a wireless network associated with the mobile handset, wherein the mobile communication node comprises:
- a receiver operable to receive wireless transmissions from a mobile handset; and
  
  a processor operable to;
  
  determine whether the mobile handset is a source of a Random Access Channel (RACH) overload in the wireless network; and
  
  configure the mobile handset to replace usage of a first RACH resource causing the RACH overload with usage of a second RACH resource specified by the processor when the processor determines that the mobile handset is a source of the RACH overload.
- View Dependent Claims (11, 12, 13, 14)
- - 11. The mobile communication node of claim 10, wherein the processor is operable to determine whether the mobile handset is a source of the RACH overload by:
    - receiving RACH preamble transmissions through a Physical Random Access Channel (PRACH) of a plurality of radio frames transmitted from the mobile handset;
      
      monitoring a number of the RACH preamble transmissions from the mobile handset in a time interval; and
      
      identifying the mobile handset as causing the RACH overload when the number of RACH preamble transmissions from the mobile handset exceeds a pre-determined threshold.
  - 12. The mobile communication node of claim 10, wherein the processor is operable to configure the mobile handset by:
    - sending a handset-specific message to the mobile handset instructing the mobile handset to redirect RACH signaling of the mobile handset from the first RACH resource to the second RACH resource.
  - 13. The mobile communication node of claim 12, wherein the handset-specific message is a special System Information Block (SIB) message containing at least an indication of the second RACH resource to enable the mobile handset to redirect the RACH signaling from the first RACH resource to the second RACH resource, and wherein the processor is further operable to:
    - prepare the mobile handset to read the special SIB message instead of a regular SIB message sent by the mobile communication node to a plurality of mobile handsets in the wireless network.
  - 14. The mobile communication node of claim 10, wherein the second RACH resource includes one or more of the following:
    - a first frequency of transmission for a Physical Random Access Channel (PRACH) in a first radio frame transmitted from the mobile handset, wherein the first frequency is different from a second frequency of transmission for the PRACH in the first RACH resource;
      
      a first time slot of transmission for the PRACH in a second radio frame transmitted from the mobile handset, wherein the first time slot is different from a second time slot of transmission for the PRACH in the first RACH resource; and
      
      a first preamble sequence assigned to the mobile handset for transmission through the PRACH in a third radio frame transmitted from the mobile handset, wherein the first preamble sequence is different from a second preamble sequence previously used by the mobile handset as part of the first RACH resource.

15. A method comprising the steps of:
- using a processor, establishing wireless communication with a mobile handset via a wireless network associated with the mobile handset;
  
  using the processor, monitoring a number of Random Access Channel (RACH) preamble transmissions from the mobile handset;
  
  using the processor, identifying the mobile handset as a source of a RACH overload when the number of RACH preamble transmissions from the mobile handset in a time interval exceeds a pre-determined threshold; and
  
  upon determining that the mobile handset is a source of the RACH overload, configuring the mobile handset, using the processor, to replace usage of a first RACH resource causing the RACH overload with usage of a second RACH resource specified by the processor, wherein the second RACH resource is different from the first RACH resource.
- View Dependent Claims (16)
- - 16. The method of claim 15, wherein configuring the mobile handset includes:
    - sending a handset-specific special System Information Block type-2 (SIB2) message to the mobile handset from the processor instructing the mobile handset to redirect RACH signaling of the mobile handset from the first RACH resource to the second RACH resource.

17. A system for preventing a Denial of Service (DoS) attack in a wireless network, the system comprising:
- a mobile handset operable in the wireless network; and
  
  a mobile communication node for providing a radio interface to the mobile handset in the wireless network, wherein the mobile communication node is configured to perform the following;
  
  determine whether the mobile handset is a source of a Random Access Channel (RACH) overload in the wireless network; and
  
  upon determining that the mobile handset is a source of the RACH overload, configure the mobile handset to replace usage of a first RACH resource causing the RACH overload with usage of a second RACH resource specified by the mobile communication node.
- View Dependent Claims (18, 19, 20)
- - 18. The system of claim 17, wherein the mobile communication node is further configured to perform the following as part of determination of whether the mobile handset is a source of the RACH overload:
    - monitor a number of RACH preamble transmissions from the mobile handset in a time interval; and
      
      identify the mobile handset as causing the RACH overload when the number of RACH preamble transmissions from the mobile handset exceeds a pre-determined threshold.
  - 19. The system of claim 17, wherein the mobile communication node is further configured to perform the following as part of configuration of the mobile handset to replace usage of the first RACH resource:
    - send a handset-specific special System Information Block (SIB) message containing at least an indication of the second RACH resource to the mobile handset instructing the mobile handset to redirect RACH signaling of the mobile handset from the first RACH resource to the second RACH resource.
  - 20. The system of claim 19, wherein the mobile communication node is further configured to send a handset-specific dedicated message to said mobile handset preparing the mobile handset to read the special SIB message instead of a regular SIB message sent by the mobile communication node to a plurality of mobile handsets in the wireless network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Telefonaktiebolaget LM Ericsson
Original Assignee
Telefonaktiebolaget LM Ericsson
Inventors
Wang, Yi-Pin Eric, Hui, Dennis, Koorapaty, Havish

Granted Patent

US 8,711,791 B2
Time in Patent Office

Days
Field of Search
US Class Current

370/236
CPC Class Codes

H04L 63/1458 Denial of Service

H04W 12/122 Counter-measures against at...

DENIAL OF SERVICE (DoS) ATTACK PREVENTION THROUGH RANDOM ACCESS CHANNEL RESOURCE REALLOCATION

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

64 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

DENIAL OF SERVICE (DoS) ATTACK PREVENTION THROUGH RANDOM ACCESS CHANNEL RESOURCE REALLOCATION

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

64 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others