SYSTEM AND METHOD FOR VOICE SECURITY IN A TELECOMMUNICATIONS NETWORK
First Claim
1. A telecommunications network comprising:
- a first routing device in communication with a first client network;
a second routing device in communication with a second client network;
a central analysis system comprising a database of transmission signatures of security attacks on the telecommunications network, the central analysis system configured to;
receive a Layer 3 through Layer 7 transmission information of a first communication transmitted to the first routing device and a second communication transmitted to the second routing device;
compare the Layer 3 through Layer 7 transmission information of the first communication and the second communication to a stored transmission signature in the database;
detect a security attack on the telecommunications network when the Layer 3 through Layer 7 transmission information from the first device and the second device matches the stored transmission signature in the database;
generate at least one mitigating instruction in response to the detected security attack on the telecommunications network, the mitigating instruction including Layer 3 through Layer 7 transmission information for routing a received communication; and
transmit the at least one mitigating instruction to at least one routing device along a transmission path of the security attack on the telecommunications network.
1 Assignment
0 Petitions
Accused Products
Abstract
Aspects of the present disclosure involve systems, methods, computer program products, and the like, for identifying and mitigating attacks on a voice component of a telecommunications network. In general, the process includes obtaining Layer 3 through Layer 7 transmission information from one or more edge devices to the telecommunications network. In one particular embodiment, a plurality of edge devices (also referred to herein as “session border controllers” or SBCs) is included in the telecommunications network in disparate geographical locations. Each SBC may provide Layer 3 through Layer 7 transmission information for each packet or communication transmitted through the SBC to a local database, which in turn may provide the information to a Central Analysis System or database. In one particular embodiment, the Layer 3 through Layer 7 information includes Session Initiation Protocol routing information for the communications sent to each of the SBCs of the network.
-
Citations
20 Claims
-
1. A telecommunications network comprising:
-
a first routing device in communication with a first client network; a second routing device in communication with a second client network; a central analysis system comprising a database of transmission signatures of security attacks on the telecommunications network, the central analysis system configured to; receive a Layer 3 through Layer 7 transmission information of a first communication transmitted to the first routing device and a second communication transmitted to the second routing device; compare the Layer 3 through Layer 7 transmission information of the first communication and the second communication to a stored transmission signature in the database; detect a security attack on the telecommunications network when the Layer 3 through Layer 7 transmission information from the first device and the second device matches the stored transmission signature in the database; generate at least one mitigating instruction in response to the detected security attack on the telecommunications network, the mitigating instruction including Layer 3 through Layer 7 transmission information for routing a received communication; and transmit the at least one mitigating instruction to at least one routing device along a transmission path of the security attack on the telecommunications network. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method for managing a telecommunications network, the method comprising:
-
receiving Layer 3 through Layer 7 transmission information of a first communication from a first device of a telecommunications network in a first metro area and a second communication from a second device of the telecommunications network in a second metro area different than the first metro area; analyzing the received Layer 3 through Layer 7 transmission information to detect a transmission fingerprint of a security attack on the telecommunications network; generating at least one mitigating instruction in response to the determined security attack on the telecommunications network, the mitigating instruction including Layer 3 through Layer 7 transmission information for routing a received communication; and transmitting the at least one mitigating instruction to at least one routing device along a transmission path of the security attack on the telecommunications network. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
-
-
18. A telecommunication device comprising:
-
at least one communication port for communicating with a first routing device located in a first metro area and a second routing device located in a second metro area different than the first metro area; a processing device; and a computer-readable medium connected to the processing device configured to store instructions that, when executed by the processing device, performs the operations of; receiving Layer 3 through Layer 7 transmission information of a first communication from the first routing device and a second communication from the second routing device; comparing the Layer 3 through Layer 7 transmission information of the first communication and the second communication to a stored transmission fingerprint in a database in communication with the at least one processing device; detecting a security attack on the telecommunications network when the Layer 3 through Layer 7 transmission information of the first communication and the second communication matches the stored transmission fingerprint in the database; generating at least one mitigating instruction in response to the detected security attack on the telecommunications network, the mitigating instruction including Layer 3 through Layer 7 transmission information for routing a received communication; and transmitting the at least one mitigating instruction to at least one routing device along a transmission path of the security attack on the telecommunications network. - View Dependent Claims (19, 20)
-
Specification