Methods, Systems and Devices for the Detection and Prevention of Malware Within a Network
Abstract
Methods, systems and devices examine data flows in a communication system control network for known malware threats and suspicious properties typically associated with malware threats. A policy management system inside the control network accesses a user repository and a charging network, and performs pattern matching and/or observed behavior detection methods to determine if the data flows carry content (e.g., malware) that poses a security risk to network or wireless devices. The policy management system generates policy rules based on user preferences and risk-level. The policy management system sends the generated policy rules to a gateway/PCEF, which blocks the data flows, allows the data flows, or restricts the data flow based on the policy rules.
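The decision flow the abstract describes (detect, grade risk, generate a rule, push it to the gateway/PCEF), sketched as an added example that is not code from the patent. Every class, field, signature and threshold in it is a hypothetical stand-in, and the sample values are constructed.

```python
from dataclasses import dataclass

# Hypothetical, constructed detection inputs (not taken from the patent).
KNOWN_BAD_PATTERNS = (b"EXAMPLE-MALWARE-MARKER",)  # pattern-matching signatures
MAX_DISTINCT_DESTS = 50                            # observed-behaviour threshold

@dataclass(frozen=True)
class FlowParams:
    flow_id: str
    subscriber: str
    payload_sample: bytes
    distinct_dests_last_min: int

@dataclass(frozen=True)
class PolicyRule:
    flow_id: str
    action: str   # "allow", "restrict" or "block"
    reason: str

def assess_risk(flow):
    """Pattern matching first, then observed-behaviour detection."""
    if any(p in flow.payload_sample for p in KNOWN_BAD_PATTERNS):
        return "high", "known-pattern"
    if flow.distinct_dests_last_min > MAX_DISTINCT_DESTS:
        return "medium", "suspicious-behaviour"
    return "none", "clean"

def generate_rule(flow, prefs):
    """Combine risk level with the subscriber's stored preference."""
    risk, reason = assess_risk(flow)
    if risk == "none":
        return PolicyRule(flow.flow_id, "allow", reason)   # non-restrictive rule
    if risk == "high":
        return PolicyRule(flow.flow_id, "block", reason)   # restrictive rule
    # Medium risk: the preference decides; unknown subscribers get "restrict".
    strict = prefs.get(flow.subscriber) == "strict"
    return PolicyRule(flow.flow_id, "block" if strict else "restrict", reason)

class Gateway:
    """Stand-in for the gateway/PCEF: records the rules pushed to it."""
    def __init__(self):
        self.rules = {}
    def push(self, rule):
        self.rules[rule.flow_id] = rule

def process(flows, prefs, gateway):
    """Server side: generate one rule per reported flow and push it."""
    for flow in flows:
        gateway.push(generate_rule(flow, prefs))
    return gateway.rules
```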
20 Claims
1. A communication method, comprising:
receiving in a server from one or more communication system control network components data flow parameters identifying characteristics of a data flow;
performing in the server a detection method to determine if the data flow carries malicious content;
generating restrictive policy rules in response to determining the data flow carries malicious content;
generating non-restrictive policy rules in response to determining the data flow does not carry malicious content; and
pushing the generated policy rules to a communication system gateway configured to control a flow of packet-based data between a wireless device and an external network.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16
17. A server, comprising:
a memory; and
a processor coupled to the memory, wherein the processor is configured with processor-executable instructions to perform operations comprising;
receiving data flow parameters identifying characteristics of a data flow;
performing a detection method to determine if the data flow carries malicious content;
generating restrictive policy rules in response to determining the data flow carries malicious content;
generating non-restrictive policy rules in response to determining the data flow does not carry malicious content; and
pushing the generated policy rules to a communication system gateway configured to control a flow of packet-based data between a wireless device and an external network.
Dependent claims: 18
19. A non-transitory computer readable medium having stored thereon processor-executable software instructions configured to cause a processor to perform operations comprising:
receiving from one or more communication system control network components data flow parameters identifying characteristics of a data flow;
performing a detection method to determine if the data flow carries malicious content;
generating restrictive policy rules in response to determining the data flow carries malicious content;
generating non-restrictive policy rules in response to determining the data flow does not carry malicious content; and
pushing the generated policy rules to a communication system gateway configured to control a flow of packet-based data between a wireless device and an external network.
Dependent claims: 20
Specification