Methods, systems, and computer readable media for detection of an unauthorized service message in a network

US 8,326,265 B2
Filed: 10/19/2009
Issued: 12/04/2012
Est. Priority Date: 10/17/2008
Status: Active Grant

First Claim

Patent Images

1. A method for detecting an unauthorized service message in a communications network, the method comprising the steps of:

at a supplementary services network routing node, at least a portion of which is implemented in hardware;

receiving a signaling message associated with a supplementary service (SS) message or an unstructured supplementary service data (USSD) message identifying a first network node as a node serving a sender of the SS or USSD message, the signaling message comprising identification information of the sender of the SS or USSD message and first identification information of the first network node;

requesting, from a second network node, second identification information identifying a network node serving the sender of the SS or USSD message, wherein requesting the second identification information identifying the network node serving the sender of the SS or USSD message comprises sending a mobile application part (MAP) message to the second network node and receiving from the second network node an address associated with the first network node;

comparing the first identification information with the second identification information, wherein comparing the first identification information with the second identification information includes comparing the first N digits of an address associated with the first network node in the first identification information with the first N digits of the address associated with the first network node received from the second network node in order to support systems comprising one or more multi-address mobile switching centers (MSCs);

determining whether the SS or USSD message is authorized or not based on the comparison result; and

in response to determining that the SS or USSD message is authorized, sending the signaling message associated with the SS or USSD message to the second network node.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method is described for detecting an unauthorized service message in a communications network. The method comprising the steps of: receiving a signaling message associated with a supplementary service (SS) message and/or a unstructured supplementary service data (USSD) message from a first network node, the signaling message comprising identification information of the sender of the SS message and/or USSD message and first location information of the first network node; requesting second location information of the first network node from the a second network node serving the sender of the SS message and/or USSD message; and, comparing the first location information with the second location information in order to determine whether the SS message and/or USSD message is authorized or not.

23 Citations

View as Search Results

17 Claims

1. A method for detecting an unauthorized service message in a communications network, the method comprising the steps of:
- at a supplementary services network routing node, at least a portion of which is implemented in hardware;
  
  receiving a signaling message associated with a supplementary service (SS) message or an unstructured supplementary service data (USSD) message identifying a first network node as a node serving a sender of the SS or USSD message, the signaling message comprising identification information of the sender of the SS or USSD message and first identification information of the first network node;
  
  requesting, from a second network node, second identification information identifying a network node serving the sender of the SS or USSD message, wherein requesting the second identification information identifying the network node serving the sender of the SS or USSD message comprises sending a mobile application part (MAP) message to the second network node and receiving from the second network node an address associated with the first network node;
  
  comparing the first identification information with the second identification information, wherein comparing the first identification information with the second identification information includes comparing the first N digits of an address associated with the first network node in the first identification information with the first N digits of the address associated with the first network node received from the second network node in order to support systems comprising one or more multi-address mobile switching centers (MSCs);
  
  determining whether the SS or USSD message is authorized or not based on the comparison result; and
  
  in response to determining that the SS or USSD message is authorized, sending the signaling message associated with the SS or USSD message to the second network node.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1 wherein requesting from a second network node, identification information of the sender of the SS or USSD message comprises sending a mobile application part (MAP) message comprising a subscriber identity as a request parameter to the second network node.
  - 3. The method of claim 2 wherein the MAP message comprises a MAP AnyTimeInterrogation and wherein an address is received from the second network node in response to the AnyTimeInterrogation message.
  - 4. The method of claim 3 comprising sending the signaling message to the second network node if an address associated with the first network node in the first identification information is equal to the address of the first network node received from the second network node.
  - 5. The method of claim 1 wherein requesting, from the second network node, identification of the sender of the SS or USSD message comprises sending a mobile application part (MAP) SendRoutingInfoForSM message to the second network node and receiving from the second network node the address associated with the first network node.
  - 6. The method of claim 1 wherein the first network node comprises a Visitor Location Register (VLR) and the second network node comprises a Home Location Register (HLR).

7. A network node comprising a router for routing supplementary service (SS) messages or unstructured supplementary service data (USSD) messages, the network node comprising:
- a receiver for receiving a signaling message associated with an SS message or USSD message, the signaling message comprising identification information of the sender of the SS or USSD message and first identification information identifying a first network node as a node serving the sender of the SS or USSD message;
  
  a serving node request unit for requesting, from a second network node, second identification information identifying a network node serving the sender of the SS or USSD message, wherein requesting the second identification information identifying the network node serving the sender of the SS or USSD message comprises sending a mobile application part (MAP) message to the second network node and receiving from the second network node an address associated with the first network node;
  
  a comparator for comparing the first identification information with the second identification information, wherein comparing the first identification information with the second identification information includes comparing the first N digits of an address associated with the first network node in the first identification information with the first N digits of the address associated with the first network node received from the second network node in order to support systems comprising one or more multi-address mobile switching centers (MSCs), and for determining whether the SS or USSD message is authorized or not based on the comparison result; and
  
  a message transmitter for, in response to determining that the SS or USSD message is authorized, sending the signaling message associated with the SS or USSD message to the second network node.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The network node of claim 7 wherein the serving node request unit is configured to send an AnyTimeInterrogation message to the second network node to obtain the second identification information.
  - 9. The network node of claim 7 wherein the serving node request unit is configured to send a mobile application part (MAP) SendRoutingInfoForSM message to the second network node to determine the second identification information.
  - 10. The network node of claim 7 wherein the first network node comprises a visitor location register (VLR) and the second network node comprises a home location register (HLR).
  - 11. The network node of claim 7 wherein the comparator is configured to identify the signaling message as being a spoofed message in response to determining that the first and second location information identifies different nodes.
  - 12. The network node of claim 7 wherein, in response to identifying the signaling message as a spoofed message, the comparator is configured to instruct the receiver to discard the signaling message.

13. A network node for detecting spoofing of service messages, the network node comprising:
- a receiver for receiving a signaling message associated with a service message, the signaling message including identification information of a sender of the service message and first identification information identifying a first network node as a node serving the sender of the service message, wherein the service message comprises a supplementary service (SS) or unstructured supplementary service data (USSD) message;
  
  a serving node request unit for requesting, from a second network node, second identification information identifying a network node serving the sender of the service message, wherein requesting the second identification information identifying the network node serving the sender of the SS or USSD message comprises sending a mobile application part (MAP) message to the second network node and receiving from the second network node an address associated with the first network node;
  
  a comparator for comparing the first identification information with the second identification information, wherein comparing the first identification information with the second identification information includes comparing the first N digits of an address associated with the first network node in the first identification information with the first N digits of the address associated with the first network node received from the second network node in order to support systems comprising one or more multi-address mobile switching centers (MSCs), and for determining whether the SS or USSD message is authorized or not based on the comparison result; and
  
  a message transmitter for, in response to determining that the SS or USSD message is authorized, sending the signaling message associated with the service message to the second network node.
- View Dependent Claims (14, 15, 16)
- - 14. The network node of claim 13 wherein the receiver receives the signaling message after it has been intercepted and diverted by a proxy.
  - 15. The network node of claim 14 wherein the proxy comprises a signal transfer point configured to screen mobile application part (MAP) signaling messages.
  - 16. The network node of claim 13 wherein the service message comprises a session initiation protocol (SIP) message.

17. A non-transitory computer readable medium having stored thereon executable instructions that when executed by the processor of a computer control the computer to perform steps, the steps comprising:
- receiving a signaling message associated with a supplementary service (SS) message or an unstructured supplementary service data (USSD) message identifying a first network node as a node serving a sender of the SS or USSD message, the signaling message comprising identification information of the sender of the SS or USSD message and first identification information of the first network node;
  
  requesting, from a second network node, second identification information identifying a network node serving the sender of the SS or USSD message wherein requesting the second identification information identifying the network node serving the sender of the SS or USSD message comprises sending a mobile application part (MAP) message to the second network node and receiving from the second network node an address associated with the first network node;
  
  comparing the first identification information with the second identification information, wherein comparing the first identification information with the second identification information includes comparing the first N digits of an address associated with the first network node in the first identification information with the first N digits of the address associated with the first network node received from the second network node in order to support systems comprising one or more multi-address mobile switching centers (MSCs);
  
  determining whether the SS or USSD message is authorized or not based on the comparison result; and
  
  in response to determining that the SS or USSD message is authorized, sending the signaling message associated with the SS or USSD message to the second network node.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
ZephyrTel, Inc.
Original Assignee
Tekelec Netherlands Group BV
Inventors
Nooren, Eloy Johan Lambertus
Primary Examiner(s)
Figueroa, Marisol
Assistant Examiner(s)
Hong, Dung

Application Number

US12/581,739
Publication Number

US 20100105355A1
Time in Patent Office

1,142 Days
Field of Search

455/410, 455/411, 455/466, 455/414.1, 455/433
US Class Current

455/410
CPC Class Codes

H04L 63/20   for managing network securi...

H04W 12/08   Access security

H04W 12/128   Anti-malware arrangements, ...

H04W 4/14   Short messaging services, e...

Methods, systems, and computer readable media for detection of an unauthorized service message in a network

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

23 Citations

17 Claims

Specification

Use Cases

Quick Links

Others

Methods, systems, and computer readable media for detection of an unauthorized service message in a network

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

23 Citations

17 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others