System for monitoring operations of an ENUM system

US 8,223,630 B2
Filed: 04/24/2007
Issued: 07/17/2012
Est. Priority Date: 04/24/2007
Status: Expired due to Fees

First Claim

Patent Images

1. A tangible computer-readable storage medium, excluding propagating signals, comprising computer instructions to at least:

cause a security management system to monitor queries submitted to a Telephone Number Mapping system by one or more Internet Protocol Multimedia Subsystem network elements, the security management system separate from the Telephone Number Mapping system and the Internet Protocol Multimedia Subsystem network elements;

cause the security management system to detect one or more faults in the queries submitted by at least one among the one or more Internet Protocol Multimedia Subsystem network elements;

cause the security management system to prevent the at least one of the one or more Internet Protocol Multimedia Subsystem network elements from submitting subsequent queries to the Telephone Number Mapping system in response to the faults exceeding a threshold, wherein the one or more faults detected in the queries cause the Telephone Number Mapping system to generate an alarm corresponding to a Denial of Service attack;

cause the security management system to direct another one of the Internet Protocol Multimedia Subsystem network elements to replace the at least one of the one or more Internet Protocol Multimedia Subsystem network elements; and

cause the security management system to instruct the at least one of the one or more Internet Protocol Multimedia Subsystem network elements to autonomously repair itself.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system for monitoring operations of a Telephone Number Mapping (ENUM) system is disclosed. A system that incorporates teachings of the present disclosure may include, for example, an ENUM system having a controller element to monitor queries received from one or more network elements, detect one or more faults in the queries submitted by at least one among the one or more network elements, and prevent the at least one of the one or more network elements from submitting subsequent queries to the ENUM system. Additional embodiments are disclosed.

Citations

18 Claims

1. A tangible computer-readable storage medium, excluding propagating signals, comprising computer instructions to at least:
- cause a security management system to monitor queries submitted to a Telephone Number Mapping system by one or more Internet Protocol Multimedia Subsystem network elements, the security management system separate from the Telephone Number Mapping system and the Internet Protocol Multimedia Subsystem network elements;
  
  cause the security management system to detect one or more faults in the queries submitted by at least one among the one or more Internet Protocol Multimedia Subsystem network elements;
  
  cause the security management system to prevent the at least one of the one or more Internet Protocol Multimedia Subsystem network elements from submitting subsequent queries to the Telephone Number Mapping system in response to the faults exceeding a threshold, wherein the one or more faults detected in the queries cause the Telephone Number Mapping system to generate an alarm corresponding to a Denial of Service attack;
  
  cause the security management system to direct another one of the Internet Protocol Multimedia Subsystem network elements to replace the at least one of the one or more Internet Protocol Multimedia Subsystem network elements; and
  
  cause the security management system to instruct the at least one of the one or more Internet Protocol Multimedia Subsystem network elements to autonomously repair itself.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The storage medium of claim 1, wherein the one or more faults correspond to an incorrectly formatted telephone number or a non-existent telephone number.
  - 3. The storage medium of claim 2, wherein a telephone number is at least one among an E.164 number, a Session Initiated Protocol Uniform Resource Indicator, or an Internet Protocol address.
  - 4. The storage medium of claim 1, further comprising computer instructions to place the at least one Internet Protocol Multimedia Subsystem network element out of service in response to the faults exceeding the threshold.
  - 5. The storage medium of claim 1, further comprising computer instructions to mitigate the one or more faults detected for the at least one Internet Protocol Multimedia Subsystem network element.
  - 6. The storage medium of claim 1, wherein the instructions prevent the at least one Internet Protocol Multimedia Subsystem network element from submitting subsequent queries to the Telephone Number Mapping system by directing the at least one Internet Protocol Multimedia Subsystem network element to cease transmitting queries to the Telephone Number Mapping system.
  - 7. The storage medium of claim 1, further comprising computer instructions to generate a fault notice to identify the at least one Internet Protocol Multimedia Subsystem network element generating the one or more faulted queries.
  - 8. The storage medium of claim 7, further comprising computer instructions to transmit the fault notice to a service agent of an Internet Protocol Multimedia Subsystem network.
  - 9. The storage medium of claim 7, further comprising computer instructions to update a Home Subscriber Server with an Internet Protocol Multimedia Subsystem network configuration change associated with the fault notice.
  - 10. The storage medium of claim 1, wherein the at least one Internet Protocol Multimedia Subsystem network element is at least one of a Proxy Call Session Control Function, an Interrogating Call Session Control Function, a Serving Call Session Control Function, an Home Subscriber Server, an Application Server, an Access Network, or a communication device operating in an Internet Protocol Multimedia Subsystem network.

11. An apparatus, comprising:
- a memory storing machine readable instructions; and
  
  a processor to execute the instructions to;
  
  cause a security management system to monitor queries received at a Telephone Number Mapping system from one or more network elements, the security management system separate from the Telephone Number Mapping system and from the one or more network elements;
  
  cause the security management system to detect one or more faults in the queries submitted by at least one of the one or more network elements;
  
  cause the security management system to submit an alarm to another system to prevent the at least one of the one or more network elements from submitting subsequent queries to the Telephone Number Mapping system, wherein the one or more faults detected in the queries cause the Telephone Number Mapping system to generate an alarm corresponding to a Denial of Service attack;
  
  cause the security management system to direct another one of the network elements to replace the at least one of the one or more network elements; and
  
  cause the security management system to instruct the at least one of the one or more network elements to autonomously repair itself.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The apparatus of claim 11, wherein the controller element is to submit a request to the other system to disable the at least one network element from sending the one or more faulted queries.
  - 13. The apparatus of claim 11, wherein the other system is to disable the at least one network element from sending subsequent queries to the Telephone Number Mapping system upon detecting that the one or more faults exceed a threshold.
  - 14. The apparatus of claim 11, wherein the one or more faults correspond to an incorrectly formatted telephone number or a non-existent telephone number.
  - 15. The apparatus of claim 14, wherein the incorrectly formatted telephone number or the non-existent telephone number is at least one of an E.164 number, a Session Initiated Protocol Uniform Resource Indicator, or an Internet Protocol address.

16. A method, comprising:
- using a security management system to monitor data exchanged between a plurality of Internet Protocol Multimedia Subsystem network elements, the security management system separate from the plurality of Internet Protocol Multimedia Subsystem network elements and a Telephone Number Mapping system;
  
  using the security management system to detect faulted data submitted by at least one of the Internet Protocol Multimedia Subsystem network elements;
  
  using the security management system to detect a frequency of occurrence from a collection of faulted data submitted by the at least one Internet Protocol Multimedia Subsystem network element to another Internet Protocol Multimedia Subsystem network element;
  
  using the security management system to prevent the at least one Internet Protocol Multimedia Subsystem network element from submitting subsequent faulted data in response to the frequency of occurrence of the faulted data exceeding a threshold, wherein the faulted data causes the Telephone Number Mapping system to generate an alarm corresponding to a Denial of Service attack;
  
  using the security management system to direct another one of the Internet Protocol Multimedia Subsystem network elements to replace the at least one Internet Protocol Multimedia Subsystem network element; and
  
  using the security management system to instruct the at least one Internet Protocol Multimedia Subsystem network element to autonomously repair itself.
- View Dependent Claims (17, 18)
- - 17. The method of claim 16, wherein the Internet Protocol Multimedia Subsystem network element comprises one of a Telephone Number Mapping system, a Proxy Call Session Control Function, an Interrogating Call Session Control Function, a Serving Call Session Control Function, a Home Subscriber Server, an Application Server, an Access Network, or a communication device operating in an Internet Protocol Multimedia Subsystem network.
  - 18. The method of claim 16, wherein the faulted data corresponds to a defective Session Initiated Protocol message, defective content in the Session Initiated Protocol message, a defective query message, or defective content in the query message.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AT&T Knowledge Ventures, L.P. (AT&T, Inc.)
Original Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Inventors
Yasrebi, Mehrad, Ku, Bernard, Qiu, Chaoxin C.
Primary Examiner(s)
Jagannathan, Melanie

Application Number

US11/739,375
Publication Number

US 20080267075A1
Time in Patent Office

1,911 Days
Field of Search

None
US Class Current

370/221
CPC Class Codes

H04L 2101/65   Telephone numbers

H04L 61/106   across networks, e.g. mappi...

H04L 61/4511   using domain name system [DNS]

H04L 61/4557   Directories for hybrid netw...

H04L 63/1408   by monitoring network traff...

H04L 65/1016   IP multimedia subsystem [IMS]

H04L 69/40   for recovering from a failu...

System for monitoring operations of an ENUM system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

System for monitoring operations of an ENUM system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links