System and method for real-time fraud detection within a telecommunications system
First Claim
1. A method for detecting fraudulent access to a telecommunications network comprising a plurality of switches, the method comprising:
- (a) providing a signal protocol receiver independent from the switches;
(b) collecting signaling protocol data for a call from the telecommunications network using the signal protocol receiver;
(c) decoding the signaling protocol data;
(d) correlating the signaling protocol data into call information records during the duration of the call; and
(e) analyzing the call information records during the duration of the call to detect fraudulent use of the telecommunications network.
4 Assignments
0 Petitions
Accused Products
Abstract
Real time detection of the fraudulent use of a telecommunications network is accomplished by analyzing data for each call that is occurring within the network. A signal protocol receiver is used to collect signaling protocol for each call that is occurring within the network. The Signaling protocol data is collected, decoded and formatted into call information records (CIRs). The CIRs contain various operator specified parameters for each call that is occurring within the network. The CIRs are compared to operator defined thresholds. If any of the CIRs exceeds the thresholds, an alert is generated. The alerts are stored in a database where the operator can analyze them and take the appropriate corresponding action to resolve the alert. The alerts and the CIRs are archived in a database so that trends of fraudulent use can be detected and prevented. This method of fraud detection provides for the effective analyzation of every call that is occurring within the network. Accordingly, no call go unanalyzed and ideally no fraud goes undetected. Additionally, the method does not impose an additional load on the network switching equipment and therefore results in a better quality of transmissions.
92 Citations
15 Claims
-
1. A method for detecting fraudulent access to a telecommunications network comprising a plurality of switches, the method comprising:
-
(a) providing a signal protocol receiver independent from the switches;
(b) collecting signaling protocol data for a call from the telecommunications network using the signal protocol receiver;
(c) decoding the signaling protocol data;
(d) correlating the signaling protocol data into call information records during the duration of the call; and
(e) analyzing the call information records during the duration of the call to detect fraudulent use of the telecommunications network. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A system for detecting fraudulent access to a telecommunications network comprising a plurality of switches, the system comprising:
-
a signal protocol receiver, independent from the switches, for collecting signaling protocol data;
a decoder for decoding the signaling protocol data and formulating call information records during the duration of the call; and
a processor for analyzing the call information records during the duration of the call in order to detect fraudulent use of the telecommunications network. - View Dependent Claims (13, 14)
-
-
15. A method for detecting fraudulent access to a telecommunications network comprising a plurality of switches, the method comprising:
-
(a) providing a signal protocol receiver independent from the switches;
(b) collecting signaling protocol data from the network using the signal protocol receiver;
(c) decoding the signaling protocol data;
(d) correlating the signaling protocol data into call information records containing at least one call parameter during the duration of the call;
(e) classifying the call information records based upon the at least one call parameter;
(f) analyzing the call information records by comparing them to pre-established thresholds or other call information records during the duration of the call;
(g) generating an alert if the call information records exceed the thresholds;
(h) storing the alerts in a database; and
(i) storing the call information recording in a database.
-
Specification