Systems, methods, and computer readable media for detecting and mitigating address spoofing in messaging service transactions
First Claim
1. A method for detecting and mitigating address spoofing in a messaging service transaction, the method comprising:
- at a messaging service firewall separate from a short message service center (SMSC) and implemented on a platform including at least one processing device;
receiving a mobility management reply message that is sent by a mobile location register element in response to an associated mobility management query, the mobility management query and the mobility management reply message being associated with a mobility management transaction, the mobility management reply message including a message service recipient identifier and a serving switch identifier;
allocating a global title address (GTA) from a pool of global title addresses within a range of global title addresses assigned to the firewall to a correlation record;
storing the correlation record indicating a correlation between the allocated GTA and an originating SMSC identifier of the mobility management query;
replacing the serving switch identifier in the mobility management reply message with the allocated GTA resulting in a modified mobility management reply message;
routing the modified mobility management reply message;
receiving a message service message associated with the mobility management transaction, the messaging service message being addressed to the allocated GTA;
determining the originating SMSC identifier to which the allocated GTA is correlated;
comparing SMSC identifier information extracted from the messaging service message with the originating SMSC identifier to which the allocated GTA is correlated to determine if the messaging service message contains spoofed address information; and
in response to determining that the messaging service message contains spoofed address information, discarding the messaging service message.
3 Assignments
0 Petitions
Accused Products
Abstract
Systems, methods, and computer readable media for detecting and mitigating address spoofing in messaging service transactions are disclosed. A messaging service firewall (MSF) separate from a short message service center (SMSC) receives a mobility management reply message (MMR) that is sent by a mobile location register element in response to an associated mobility management query (MMQ) and that includes a serving switch identifier. The MSF allocates a global title address (GTA) from a pool of GTAs and stores a correlation between the allocated GTA and the originating SMSC. The MSF replaces the serving switch identifier in the MMR with the allocated GTA and routes the modified MMR. The MSF then receives a messaging service message (MSM) that is addressed to the allocated GTA and that includes the purported originating SMSC. If the purported originating SMSC does not match the SMSC to which the GTA is correlated, the MSM is discarded.
-
Citations
12 Claims
-
1. A method for detecting and mitigating address spoofing in a messaging service transaction, the method comprising:
at a messaging service firewall separate from a short message service center (SMSC) and implemented on a platform including at least one processing device; receiving a mobility management reply message that is sent by a mobile location register element in response to an associated mobility management query, the mobility management query and the mobility management reply message being associated with a mobility management transaction, the mobility management reply message including a message service recipient identifier and a serving switch identifier; allocating a global title address (GTA) from a pool of global title addresses within a range of global title addresses assigned to the firewall to a correlation record; storing the correlation record indicating a correlation between the allocated GTA and an originating SMSC identifier of the mobility management query; replacing the serving switch identifier in the mobility management reply message with the allocated GTA resulting in a modified mobility management reply message; routing the modified mobility management reply message; receiving a message service message associated with the mobility management transaction, the messaging service message being addressed to the allocated GTA; determining the originating SMSC identifier to which the allocated GTA is correlated; comparing SMSC identifier information extracted from the messaging service message with the originating SMSC identifier to which the allocated GTA is correlated to determine if the messaging service message contains spoofed address information; and in response to determining that the messaging service message contains spoofed address information, discarding the messaging service message. - View Dependent Claims (2)
-
3. A method for detecting and mitigating address spoofing in a messaging service transaction, the method comprising:
-
at a messaging service firewall separate from a short message service center (SMSC) and implemented on a platform including at least one processing device; receiving a mobility management query message associated with a message delivery transaction that is sent by an originating SMSC element, where the mobility management query message includes a message service recipient identifier and a first originating SMSC identifier; generating a mobility management reply message in response to the query message, the reply message including at least a portion of the first originating SMSC identifier in one or more parameters of the reply message that trigger the originating SMSC to echo the parameters in a subsequent message associated with the message delivery transaction; receiving a messaging service message associated with the message delivery transaction, where the messaging service message includes the echoed parameters; extracting the echoed parameters from the messaging service message; comparing SMSC identifier information in the echoed parameters extracted from the messaging service message with SMSC identifier information contained in a routing label of the received messaging service message to determine if the messaging service message contains spoofed address information; and in response to determining that the messaging service message contains spoofed address information, discarding the messaging service message. - View Dependent Claims (4, 5)
-
-
6. A system for detecting and mitigating address spoofing in messaging service transactions, the system comprising:
a messaging service firewall separate from a short message service center (SMSC) and implemented on a platform including at least one processing device, the messaging service firewall including; a network interface for sending and receiving signaling messages; and a spoofing detection module for; receiving, from the network interface, a mobility management reply message that is sent by a mobile location register element in response to an associated mobility management query, the mobility management query and the mobility management reply message being associated with a mobility management transaction, where the mobility management reply message includes a message service recipient identifier and a serving switch identifier; allocating a global title address (GTA) from a pool of global title addresses within a range of global title addresses assigned to the firewall to a correlation record; generating and storing the correlation record that associates the allocated GTA with an originating SMSC identifier of the mobility management query; replacing the serving switch identifier in the reply message with the allocated GTA resulting in a modified reply message; routing the modified reply message; receiving, from the network interface, a message service message including the allocated GTA and using the allocated GTA to locate the correlation record; comparing SMSC identifier information extracted from the messaging service message with SMSC identifier information contained in the correlation record to determine If the messaging service message contains spoofed address information; and in response to determining that the messaging service message contains spoofed address information, discarding the messaging service message. - View Dependent Claims (7)
-
8. A system for detecting and mitigating address spoofing in messaging service transactions, the system comprising:
a messaging service firewall separate from a short message service center (SMSC) and implemented on a platform including at least one processing device, the messaging service firewall including; a network interface for sending and receiving signaling messages; and a spoofing detection module for; receiving, from the network interface, a mobility management query message associated with a message delivery transaction that is sent by an originating SMSC element, where the mobility management query message includes a message service recipient identifier and a first originating SMSC identifier; generating a mobility management reply message, in response to the query message, that includes at least a portion of the first originating SMSC identifier in one or more parameters of the reply message that trigger the originating SMSC to echo the parameters in a subsequent message associated with the message delivery transaction; receiving, from the network interface, a messaging service message associated with the message delivery transaction, where the messaging service message includes the echoed parameters; extracting the echoed parameters in the messaging service message; comparing SMSC identifier information in the echoed parameters extracted from the messaging service message with SMSC identifier information contained in a routing label of the received messaging service message to determine if the messaging service message contains spoofed address information; and in response to determining that the messaging service message contains spoofed address information, discarding the messaging service message. - View Dependent Claims (9, 10)
-
11. A non-transitory computer readable medium having stored thereon executable instructions that when executed by the processing device of a computer control the computer to perform steps comprising:
-
at a messaging service firewall separate from a short message service center (SMSC) and implemented on a platform including at least one processing device; receiving a mobility management reply message that is sent by a mobile location register element in response to an associated mobility management query, the mobility management query and the mobility management reply message being associated with a mobility management transaction, where the mobility management reply message includes a message service recipient identifier and a serving switch identifier; allocating a global title address (GTA) from a pool of global title addresses within a range of global title addresses assigned to the firewall to a correlation record; generating and storing the correlation record that associates the allocated GTA with an originating SMSC identifier of the mobility management query; replacing the serving switch identifier in the reply message with the allocated GTA resulting in a modified reply message; routing the modified reply message; receiving the message service message including the allocated GTA and using the allocated GTA to locate the correlation record; comparing SMSC identifier information extracted from the messaging service message with SMSC identifier information contained in the correlation record to determine if the messaging service message contains spoofed address information; and in response to determining that the messaging service message contains spoofed address information, discarding the messaging service message.
-
-
12. A non-transitory computer readable medium having stored thereon executable instructions that when executed by the processing device of a computer control the computer to perform steps comprising:
at a messaging service firewall separate from a short message service center (SMSC) and implemented on a platform including at least one processing device; receiving a mobility management query message associated with a message delivery transaction that is sent by an originating SMSC element, where the mobility management query message includes a message service recipient identifier and a first originating SMSC identifier; generating a mobility management reply message, in response to the query message, that includes at least a portion of the first originating SMSC identifier in one or more parameters of the reply message that trigger the originating SMSC to echo the parameters in a subsequent message associated with the message delivery transaction; receiving a messaging service message associated with the message delivery transaction, where the messaging service message includes the echoed parameters; extracting the echoed parameters in the messaging service message; comparing SMSC identifier information in the echoed parameters extracted from the messaging service message with SMSC identifier information contained in a routing label of the received messaging service message to determine if the messaging service message contains spoofed address information; and in response to determining that the messaging service message contains spoofed address information, discarding the messaging service message.
Specification