Methods and systems for enhancing network security in a telecommunications signaling network
Abstract
Methods and systems for providing enhanced network security for network management messages and subsystem management messages are disclosed. A network security function receives a network or subsystem management message from a first location in a network. The network security function determines whether one or more predetermined parameters in the network management message are not associated with the originating location. In response to determining that the parameters are not associated with the originating location, a network security action, such as discarding the message and/or notifying a network operator, is performed.
35 Claims
1. A method for screening subsystem management messages in a telecommunications network, the method comprising:
(a) receiving, at a network node, a subsystem management message originating from a location in a telecommunications network;
(b) comparing a predetermined parameter in the subsystem management message with stored routing information to determine whether the predetermined parameter in the subsystem management message is not associated with the originating location; and
(c) in response to determining that the parameter is not associated with the originating location, performing a network security action for the subsystem management message.
Dependent claims: 2, 3, 4, 5, 6
7. A method for screening subsystem management messages in a communications network, the method comprising:
(a) receiving, at a network node, a subsystem management message originating from a location in a network;
(b) determining whether a predetermined parameter in the subsystem management message is not associated with the originating location, wherein determining whether the parameter in the subsystem management message is not associated with the originating location includes extracting an OPC from the subsystem management message and determining whether a route to the OPC exists on a linkset from which the subsystem management message was received; and
(c) in response to determining that the parameter is not associated with the originating location, performing a network security action for the subsystem management message.
Dependent claims: 8
9. A method for screening subsystem management messages in a communications network, the method comprising:
(a) receiving, at a network node, a subsystem management message originating from a location in a network;
(b) determining whether a predetermined parameter in the subsystem management message is not associated with the originating location, wherein determining whether the parameter in the subsystem management message is not associated with the originating location includes extracting an affected point code parameter from the message and determining whether a route to the affected point code parameter exists on a linkset from which the subsystem management message was received; and
(c) in response to determining that the parameter is not associated with the originating location, performing a network security action for the subsystem management message.
Dependent claims: 10
11. A routing node having a screening function for protecting a network against malicious network management messages, the routing node comprising:
(a) a link interface module for receiving network management messages from originating locations in a telecommunications network; and
(b) a network security function operatively associated with the link interface module for comparing one or more predetermined parameters in each network management message with stored routing information and determining, based on the comparison, whether the one or more predetermined parameters in each network management message are not associated with the originating location for the message, and, in response to determining that one or more of the parameters are not associated with the originating location, for performing a network security action.
Dependent claims: 12, 13, 14, 15
16. A routing node having a screening function for protecting a network against malicious network management messages, the routing node comprising:
(a) a link interface module for receiving network management messages from originating locations in a network; and
(b) a network security function operatively associated with the link interface module for determining whether one or more predetermined parameters in each network management message are not associated with the originating location for the message, and, in response to determining that one or more of the parameters are not associated with the originating location, for performing a network security action, wherein the network security function is adapted to examine an OPC parameter in each received network management message to determine whether the OPC is associated with a node adjacent to the routing node, and, in response to determining that the OPC parameter is not associated with an adjacent node, for performing the network security action.
17. A routing node having a screening function for protecting a network against malicious network management messages, the routing node comprising:
(a) a link interface module for receiving network management messages from originating locations in a network; and
(b) a network security function operatively associated with the link interface module for determining whether one or more predetermined parameters in each network management message are not associated with the originating location for the message, and, in response to determining that one or more of the parameters are not associated with the originating location, for performing a network security action, wherein the network security function is adapted to examine an OPC parameter in each received network management message to determine whether a route to the OPC exists on a signaling linkset from which the network management message was received, and, in response to determining that a route does not exist on the linkset, for performing the network security action.
18. A routing node having a screening function for protecting a network against malicious network management messages, the routing node comprising:
(a) a link interface module for receiving network management messages from originating locations in a network; and
(b) a network security function operatively associated with the link interface module for determining whether one or more predetermined parameters in each network management message are not associated with the originating location for the message, and, in response to determining that one or more of the parameters are not associated with the originating location, for performing a network security action, wherein the network security function is adapted to examine a destination parameter in each received network management message to determine whether a route to the destination parameter exists on a signaling linkset from which the network management message was received, and, in response to determining that a route does not exist on the linkset, for performing the network security action.
19. A routing node having a screening function for protecting a network against malicious subsystem management messages, the routing node comprising:
(a) a link interface module for receiving subsystem management messages from originating locations in a telecommunications network; and
(b) a network security function operatively associated with the link interface module for comparing one or more predetermined parameters in each network management message with stored routing information and determining, based on the comparison, whether the one or more predetermined parameters in each subsystem management message are not associated with the originating location for the message, and, in response to determining that one or more of the parameters are not associated with the originating location, for performing a network security action.
Dependent claims: 20, 21, 22, 23
24. A routing node having a screening function for protecting a network against malicious subsystem management messages, the routing node comprising:
(a) a link interface module for receiving subsystem management messages from originating locations in a network; and
(b) a network security function operatively associated with the link interface module for determining whether one or more predetermined parameters in each subsystem management message are not associated with the originating location for the message, and, in response to determining that one or more of the parameters are not associated with the originating location, for performing a network security action, wherein the network security function is adapted to examine an OPC parameter in each received subsystem management message to determine whether a route to the OPC exists on a signaling linkset from which the subsystem management message was received, and, in response to determining that a route does not exist on the linkset, for performing the network security action.
25. A routing node having a screening function for protecting a network against malicious subsystem management messages, the routing node comprising:
(a) a link interface module for receiving subsystem management messages from originating locations in a network; and
(b) a network security function operatively associated with the link interface module for determining whether one or more predetermined parameters in each subsystem management message are not associated with the originating location for the message, and, in response to determining that one or more of the parameters are not associated with the originating location, for performing a network security action, wherein the network security function is adapted to examine an affected point code parameter in each received subsystem management message to determine whether a route to the affected point code exists on a signaling linkset from which the subsystem management message was received, and, in response to determining that a route does not exist on the linkset, for performing the network security action.
26. A method for screening network management messages in a telecommunications network, the method comprising:
(a) receiving, at a network node, a network management message originating from a location in a telecommunications network;
(b) determining, based on a predetermined parameter in the network management message, whether a route that corresponds to the predetermined parameter matches a linkset over which the network management message was received; and
(c) in response to determining that the route that corresponds to the predetermined parameter does not match the linkset over which the network management message was received, performing a network security action for the network management message.
Dependent claims: 27, 28, 29, 30, 31, 32, 33, 34, 35
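The screening checks described in the abstract and recited in claims 7, 9, 16 to 18 and 26, written out as an added example that is not part of the patent or of any vendor implementation. The data model, the message-kind labels (TFP/TFA for MTP network management, SSP/SSA for SCCP subsystem management), the rule that TFP/TFA must come from the adjacent node, and all point codes are assumptions made for illustration.

```python
from dataclasses import dataclass

# Message kinds are illustrative labels: TFP/TFA are MTP network management
# messages, SSP/SSA are SCCP subsystem management messages.
LINK_BY_LINK = {"TFP", "TFA"}  # assumption: these must come from the adjacent node

@dataclass(frozen=True)
class Linkset:
    name: str
    adjacent_pc: str      # point code of the node at the far end of the linkset
    routes: frozenset     # point codes with a provisioned route on this linkset

@dataclass(frozen=True)
class MgmtMessage:
    kind: str
    opc: str              # originating point code from the routing label
    affected_pc: str      # destination / affected point code the message reports on

def screen(msg: MgmtMessage, rx: Linkset) -> tuple:
    """Return (action, reason) for a message received on linkset rx."""
    if msg.kind in LINK_BY_LINK and msg.opc != rx.adjacent_pc:
        return ("discard+notify", "OPC is not the adjacent node")
    if msg.opc not in rx.routes:
        return ("discard+notify", "no route to OPC on receiving linkset")
    if msg.affected_pc not in rx.routes:
        return ("discard+notify", "no route to affected point code on receiving linkset")
    return ("pass", "parameters match the originating location")

# Constructed sample data: one linkset toward node 2-2-2, which also carries
# the route to 3-3-3. All point codes are made up.
LS_B = Linkset("ls-b", "2-2-2", frozenset({"2-2-2", "3-3-3"}))
SAMPLES = [
    MgmtMessage("TFP", "2-2-2", "3-3-3"),   # adjacent node reporting on a routed PC
    MgmtMessage("TFP", "3-3-3", "3-3-3"),   # routed but non-adjacent OPC
    MgmtMessage("SSP", "3-3-3", "3-3-3"),   # subsystem message from a routed node
    MgmtMessage("SSP", "9-9-9", "3-3-3"),   # OPC has no route on this linkset
    MgmtMessage("SSA", "3-3-3", "4-4-4"),   # affected PC has no route on this linkset
]

def screen_samples():
    """Screen every constructed sample against LS_B and return the actions."""
    return [screen(m, LS_B)[0] for m in SAMPLES]

if __name__ == "__main__":
    for m in SAMPLES:
        print(m.kind, m.opc, m.affected_pc, "->", *screen(m, LS_B))
```

The returned reason string is what an operator notification would carry, so a discarded message can be traced to the specific parameter that did not match the receiving linkset.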