System and method for identifying mobile communication devices

US 8,831,629 B2
Filed: 11/30/2011
Issued: 09/09/2014
Est. Priority Date: 11/30/2011
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, at a server of a mobile communication service provider from a detection server, a request to identify mobile communication devices located within a threshold distance of an access point, the request sent by the detection server in response to detection of an unauthorized data request associated with the access point, wherein the request includes a network address of the access point;

estimating a location of the access point based on the network address;

retrieving information associated with a plurality of mobile communication devices located within a coverage area of a base station of the mobile communication service provider, wherein the location of the access point is within the coverage area of the base station;

sending a location query to each of the plurality of mobile communication devices within the coverage area of the base station, wherein a particular location query requests positioning information from a particular mobile communication device;

identifying a mobile communication device of the plurality of mobile communication devices within the coverage area of the base station located within the threshold distance of the access point; and

transmitting a message to a correlation server via a network, wherein the message includes information identifying the mobile communication device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method includes detecting, at a device coupled to a network, a communication transmitted over the network. The method includes determining whether the communication is associated with an unauthorized data request, and, in response to determining that the communication is associated with the unauthorized data request, determining an access point associated with a source of the communication. The method further includes transmitting a message to a service provider. The message may request identification of mobile communication devices that are located within a threshold distance of the access point.

Citations

23 Claims

1. A method comprising:
- receiving, at a server of a mobile communication service provider from a detection server, a request to identify mobile communication devices located within a threshold distance of an access point, the request sent by the detection server in response to detection of an unauthorized data request associated with the access point, wherein the request includes a network address of the access point;
  
  estimating a location of the access point based on the network address;
  
  retrieving information associated with a plurality of mobile communication devices located within a coverage area of a base station of the mobile communication service provider, wherein the location of the access point is within the coverage area of the base station;
  
  sending a location query to each of the plurality of mobile communication devices within the coverage area of the base station, wherein a particular location query requests positioning information from a particular mobile communication device;
  
  identifying a mobile communication device of the plurality of mobile communication devices within the coverage area of the base station located within the threshold distance of the access point; and
  
  transmitting a message to a correlation server via a network, wherein the message includes information identifying the mobile communication device.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, wherein the location query includes ephemeris data associated with the coverage area of the base station.
  - 3. The method of claim 1, further comprising:
    - receiving a response to the location query from the particular mobile communication device, wherein the response includes location data associated with a location of the particular mobile communication device; and
      
      determining, based on the location data, whether the particular mobile communication device is located within the threshold distance of the access point.
  - 4. The method of claim 1, wherein the message includes a list of subscribers, and wherein a subscriber in the list of subscribers is associated with the mobile communication device located within the threshold distance of the access point.
  - 5. The method of claim 1, further comprising:
    - receiving, at the server of the mobile communication service provider from the detection server, a second request to identify an additional mobile communication device located within a second threshold distance of an additional access point;
      
      identifying the additional mobile communication device located within the second threshold distance of the additional access point; and
      
      transmitting a second message to the correlation server via the network, wherein the second message includes information identifying the additional mobile communication device located within the second threshold distance of the additional access point.

6. A computer-readable storage device comprising instructions that, when executed by a processor, cause the processor to perform operations including:
- receiving first data identifying mobile communication devices located within a threshold distance of a first access point in response to detection by a detection server of a first unauthorized data request associated with the first access point, wherein the first data is received from a mobile communication service provider at a first time;
  
  receiving second data identifying mobile communication devices located within the threshold distance of the first access point in response to detection by the detection server of a second unauthorized data request associated with the first access point, wherein the second data is received from the mobile communication service provider at a second time;
  
  correlating the first data and the second data to generate correlation data;
  
  storing the correlation data at a database; and
  
  identifying a mobile communication device identified by the first data and the second data based on the correlation data.
- View Dependent Claims (7, 8, 9, 10, 11, 12)
- - 7. The computer-readable storage device of claim 6, wherein the operations further include:
    - receiving, from a server, a request for information associated with mobile communication devices located within the threshold distance of the first access point; and
      
      sending the correlation data to the server.
  - 8. The computer-readable storage device of claim 7, wherein the server is associated with a law enforcement agency or a content provider.
  - 9. The computer-readable storage device of claim 6, wherein the first data includes an identifier of an unauthorized data request, an identifier of the mobile communication device, a timestamp, a location, a uniform resource identifier, or any combination thereof.
  - 10. The computer-readable storage device of claim 6, wherein the first access point is identified as a source of an unauthorized data request.
  - 11. The computer-readable storage device of claim 10, wherein the first access point is a wireless data communication access point that complies with an institute of electrical and electronics engineers wireless communication standard.
  - 12. The computer-readable storage device of claim 6, wherein the first data is received from a first mobile communication service provider, and wherein the second data is received from a second mobile communication service provider.

13. A system comprising:
- a processor; and
  
  a memory accessible to the processor, the memory comprising instructions executable by the processor to perform operations including;
  
  receiving a request to identify mobile communication devices located within a threshold distance of an access point from a detection server in response to detection of a first unauthorized data request associated with the access point;
  
  identifying a mobile communication device located within the threshold distance of the access point; and
  
  transmitting a message to a correlation server via a network, wherein the message includes information identifying the mobile communication device, wherein the correlation server generates first correlation data that indicates that the mobile communication device was identified as being located near the access point at multiple times when unauthorized data requests associated with the access point occurred, and wherein the correlation server generates second correlation data that indicates that a particular mobile communication device was identified as being located proximate to a plurality of access points when a second set of multiple unauthorized data requests associated with the plurality of access points occurred.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
- - 14. The system of claim 13, wherein the request includes a network address of the access point.
  - 15. The system of claim 13, wherein the correlation server is configured to send the first correlation data to a party.
  - 16. The system of claim 13, wherein the message includes a list of subscribers, and wherein a subscriber in the list of subscribers is associated with the mobile communication device.
  - 17. The system of claim 13, wherein the access point provides internet access other than internet access via a base station of a mobile telecommunication network associated with a mobile communication network service provider.
  - 18. The system of claim 13, wherein the mobile communication device is not a source of the first unauthorized data request.
  - 19. The system of claim 13, wherein the message includes an identifier of the unauthorized data request, a timestamp, a location, a uniform resource identifier, or combinations thereof.
  - 20. The system of claim 13, wherein the mobile communication device is identified as located within the threshold distance by a location of the mobile communication device based on global positioning system data received from the mobile communication device.

21. A method comprising:
- receiving, at a server of a mobile communication service provider from a detection server, a request to identify mobile communication devices located within a threshold distance of an access point, the request sent by the detection server in response to detection of an unauthorized data request associated with the access point;
  
  identifying a mobile communication device located within the threshold distance of the access point;
  
  transmitting a message to a correlation server via a network, wherein the message includes information identifying the mobile communication device;
  
  receiving, at the server of the mobile communication service provider from the detection server, a second request to identify an additional mobile communication device located within a second threshold distance of an additional access point;
  
  identifying the additional mobile communication device located within the second threshold distance of the additional access point; and
  
  transmitting a second message to the correlation server via the network, wherein the second message includes information identifying the additional mobile communication device located within the second threshold distance of the additional access point.
- View Dependent Claims (22, 23)
- - 22. The method of claim 21, further comprising:
    - estimating a physical address of the access point based on a network address of the access point included in the request; and
      
      retrieving information associated with a plurality of mobile communication devices located within a coverage area of a base station of the mobile communication service provider, wherein the physical address of the access point is within the coverage area of the base station.
  - 23. The method of claim 21, wherein the message includes a list of subscribers, and wherein a subscriber in the list of subscribers is associated with the mobile communication device located within the threshold distance of the access point.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Original Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Inventors
Meredith, Sheldon, Fix, Jeremy, Kosseifi, Mario
Primary Examiner(s)
Nguyen, Dinh P

Application Number

US13/308,253
Publication Number

US 20130137451A1
Time in Patent Office

1,014 Days
Field of Search

370/310.2, 370/328, 370/338, 370351-356, 370/400, 370/401, 455/404.2, 455/410, 455/411, 455/415, 455/422.1, 455/435.1, 455/440, 455/456.1, 455/456.2, 455/456.3, 455/456.5
US Class Current

455/456.1
CPC Class Codes

H04L 2463/146   Tracing the source of attacks

H04L 63/0236   Filtering by address, proto...

H04W 12/12   Detection or prevention of ...

H04W 12/122   Counter-measures against at...

H04W 12/71   Hardware identity

H04W 12/72   Subscriber identity

H04W 4/023   using mutual or relative lo...

H04W 48/16   Discovering, processing acc...

H04W 88/08   Access point devices

System and method for identifying mobile communication devices

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for identifying mobile communication devices

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links