Methods and systems for protecting a telecommunication service from Denial of Service (DoS) attack
First Claim
Patent Images
1. A method of protecting a telephone number mapping server from a denial of service attack, the method comprising:
- receiving a first call initiation request message associated with a first attempt to place a first exception call from an unregistered end user device;
determining that a behavior of making exception call attempts is excessive based on the first call initiation request message and based on a behavior of making call requests of the unregistered end user device;
inhibiting querying of a telephone number mapping server in connection with the first call initiation request message based on the determination that the behavior of making exception call attempts by the unregistered end user device is excessive;
storing a value in a database, the value indicating that making subsequent exception calls from the unregistered end user device is disabled;
receiving a second call initiation request message associated with a second attempt to place a second exception call from the unregistered end user device; and
inhibiting querying of the telephone number mapping server in connection with the second call initiation request message based on the value in the database.
1 Assignment
0 Petitions
Accused Products
Abstract
A client of a telephone number mapping (ENUM) server is used to protect the ENUM server from a Denial of Service (DoS) attack. The DoS attack may comprise a plurality of attempts to place exception calls from one or more end user devices that are unregistered. The one or more end user devices may originate from a service provider network.
32 Citations
18 Claims
-
1. A method of protecting a telephone number mapping server from a denial of service attack, the method comprising:
-
receiving a first call initiation request message associated with a first attempt to place a first exception call from an unregistered end user device; determining that a behavior of making exception call attempts is excessive based on the first call initiation request message and based on a behavior of making call requests of the unregistered end user device; inhibiting querying of a telephone number mapping server in connection with the first call initiation request message based on the determination that the behavior of making exception call attempts by the unregistered end user device is excessive; storing a value in a database, the value indicating that making subsequent exception calls from the unregistered end user device is disabled; receiving a second call initiation request message associated with a second attempt to place a second exception call from the unregistered end user device; and inhibiting querying of the telephone number mapping server in connection with the second call initiation request message based on the value in the database. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A system comprising:
-
a processor; and a memory storing instructions executable by the processor to; receive a first call initiation request message associated with a first attempt to place a first exception call from an unregistered end user device; determine that a behavior of making exception call attempts is excessive based on the first call initiation request message and based on a behavior of making call requests of the unregistered end user device; inhibit querying of a telephone number mapping server in connection with the first call initiation request message based on the determination that the behavior of making exception call attempts by the unregistered end user device is excessive; store a value in a database, the value indicating that making subsequent exception calls from the unregistered end user device is disabled; receive a second call initiation request message associated with a second attempt to place a second exception call from the unregistered end user device; and inhibit querying of the telephone number mapping server in connection with the second call initiation request message based on the value in the database. - View Dependent Claims (12, 13, 14, 15)
-
-
16. A non-transitory computer-readable medium encoded with a computer program, the computer program operable to execute a method to protect a telephone number mapping server from a denial of service attack, wherein protecting the telephone number mapping server comprises:
-
receiving a first call initiation request message associated with a first attempt to place a first exception call from an unregistered end user device to an authorized callee; determining that a behavior of making exception call attempts is excessive based on the first call initiation request message and based on a behavior of making call requests of the unregistered end user device, wherein the behavior of making call requests by the unregistered end user device is indicated at least in part by a first number of call requests to the authorized callee; inhibiting querying of a telephone number mapping server in connection with the first call initiation request based on the determination that the behavior of making exception calls by the unregistered end user device is excessive storing a value in a database, the value indicating that making subsequent exception calls from the unregistered end user device is disabled; receiving a second call initiation request message associated with a second attempt to place a second exception call from the unregistered end user device; and inhibiting querying of the telephone number mapping server in connection with the second call initiation request based on the value in the database. - View Dependent Claims (17, 18)
-
Specification