System and method for real-time fraud detection within a telecommunications system

US 6,327,352 B1
Filed: 02/24/1997
Issued: 12/04/2001
Est. Priority Date: 02/24/1997
Status: Expired due to Term

First Claim

Patent Images

1. A method for detecting fraudulent access to a telecommunications network comprising a plurality of switches, the method comprising:

(a) providing a signal protocol receiver independent from the switches;

(b) collecting signaling protocol data for a call from the telecommunications network using the signal protocol receiver;

(c) decoding the signaling protocol data;

(d) correlating the signaling protocol data into call information records during the duration of the call; and

(e) analyzing the call information records during the duration of the call to detect fraudulent use of the telecommunications network.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Real time detection of the fraudulent use of a telecommunications network is accomplished by analyzing data for each call that is occurring within the network. A signal protocol receiver is used to collect signaling protocol for each call that is occurring within the network. The Signaling protocol data is collected, decoded and formatted into call information records (CIRs). The CIRs contain various operator specified parameters for each call that is occurring within the network. The CIRs are compared to operator defined thresholds. If any of the CIRs exceeds the thresholds, an alert is generated. The alerts are stored in a database where the operator can analyze them and take the appropriate corresponding action to resolve the alert. The alerts and the CIRs are archived in a database so that trends of fraudulent use can be detected and prevented. This method of fraud detection provides for the effective analyzation of every call that is occurring within the network. Accordingly, no call go unanalyzed and ideally no fraud goes undetected. Additionally, the method does not impose an additional load on the network switching equipment and therefore results in a better quality of transmissions.

92 Citations

View as Search Results

15 Claims

1. A method for detecting fraudulent access to a telecommunications network comprising a plurality of switches, the method comprising:
- (a) providing a signal protocol receiver independent from the switches;
  
  (b) collecting signaling protocol data for a call from the telecommunications network using the signal protocol receiver;
  
  (c) decoding the signaling protocol data;
  
  (d) correlating the signaling protocol data into call information records during the duration of the call; and
  
  (e) analyzing the call information records during the duration of the call to detect fraudulent use of the telecommunications network.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1 further comprising classifying the call information records.
  - 3. The method of claim 1 further comprising storing the call information records in a database.
  - 4. The method of claim 1 wherein (e) comprises comparing the call information records to pre-established thresholds.
  - 5. The method of claim 1 wherein (e) comprises comparing the call information records to one another.
  - 6. The method of claim 4 wherein (e) comprises generating an alert when at least one of the call information records exceeds the thresholds.
  - 7. The method of claim 6 wherein the alert is in the form of audio, visual or remote.
  - 8. The method of claim 6 wherein (e) comprises storing the alerts and call information records in a database and maintaining data for a predetermined number of days, to facilitate an analysis of fraudulent trends.
  - 9. The method of claim 1 wherein the signaling protocol data is in-band and is collected at the plurality of switches within the network.
  - 10. The method of claim 1 wherein the signaling protocol data is out-of-band and is collected from at least one signal transfer point within the network.
  - 11. The method of claim 1 wherein the call information records contain at least one of the following parameters:
    - originating, terminating, billing type, using duration, aggregate duration, call volume.

12. A system for detecting fraudulent access to a telecommunications network comprising a plurality of switches, the system comprising:
- a signal protocol receiver, independent from the switches, for collecting signaling protocol data;
  
  a decoder for decoding the signaling protocol data and formulating call information records during the duration of the call; and
  
  a processor for analyzing the call information records during the duration of the call in order to detect fraudulent use of the telecommunications network.
- View Dependent Claims (13, 14)
- - 13. The system of claim 12 wherein the processor comprises a pre-processor for classifying the call information records and a watch point processor for comparing the call information records to operator defined thresholds.
  - 14. The system of claim 12 wherein the processor further comprises a fraud analysis processor for storing the alerts and the call information records in a database.

15. A method for detecting fraudulent access to a telecommunications network comprising a plurality of switches, the method comprising:
- (a) providing a signal protocol receiver independent from the switches;
  
  (b) collecting signaling protocol data from the network using the signal protocol receiver;
  
  (c) decoding the signaling protocol data;
  
  (d) correlating the signaling protocol data into call information records containing at least one call parameter during the duration of the call;
  
  (e) classifying the call information records based upon the at least one call parameter;
  
  (f) analyzing the call information records by comparing them to pre-established thresholds or other call information records during the duration of the call;
  
  (g) generating an alert if the call information records exceed the thresholds;
  
  (h) storing the alerts in a database; and
  
  (i) storing the call information recording in a database.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
SBC Properties, L.P.
Original Assignee
Ameritech Corp. (AT&T, Inc.)
Inventors
McGuire, Michael Joseph, Hatlak, Michael Joseph, Betts, Judy Lynn
Primary Examiner(s)
Matar, Ahmad
Assistant Examiner(s)
TIEU, BENNY QUOC

Application Number

US08/807,039
Time in Patent Office

1,744 Days
Field of Search

379/189, 379/111, 379/112-1-1, 379/115-1-1, 379/207.04, 379/207.16, 379/219, 379/220.01, 379/20-1-, 379/145, 379/188, 379/35, 379/133, 379/114-1-1, 379/196
US Class Current

379/189
CPC Class Codes

H04L 63/14   for detecting or protecting...

H04M 15/00   Arrangements for metering, ...

H04M 15/47   Fraud detection or preventi...

H04M 2215/0148   Fraud detection or preventi...

H04M 3/2218   Call detail recording

H04M 3/36   Statistical metering, e.g. ...

System and method for real-time fraud detection within a telecommunications system

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

92 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for real-time fraud detection within a telecommunications system

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

92 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links