Destination learning and mobility detection in transit network device in LTE and UMTS radio access networks

US 9,204,474 B2
Filed: 09/23/2013
Issued: 12/01/2015
Est. Priority Date: 09/24/2010
Status: Active Grant

First Claim

Patent Images

1. A method of associating two unidirectional tunnels corresponding to a wireless device, using a transit network device placed in a wireless mobile network to intercept traffic, where said traffic is carried in encapsulated unidirectional tunnels, said method comprising:

using said transit network device to monitor upstream traffic to a mobile core network and downstream traffic from said mobile core network;

identifying upstream messages in said upstream traffic which are from said mobile device;

identifying downstream messages in said downstream traffic which are destined for said mobile device; and

associating transport layer information and tunnel identity information in said identified upstream message with transport layer information and tunnel identity information in said identified downstream message, thereby associating two unidirectional tunnels.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of learning and identifying two unidirectional GTP-U tunnels corresponding to a user equipment (UE) in a device placed in a LTE network, where the device acts as a transparent proxy intercepting user plane and control plane protocols on the S1 interface, is disclosed. Methods of pairing the two unidirectional tunnels that belong to same UE, when there is no control plane information or when there is Control Plane information, but the NAS portions of the S1 Control that contain bearer IP addresses are encrypted, are disclosed. Control plane and user plane methods for associating GTP-U tunnels and the corresponding bearer plane IP addresses are identified. Additionally, methods for detecting mobility of a UE, as it moves from the coverage area of one E-NodeB to another, are disclosed. Methods for constructing an eNodeB topology map are also disclosed.

137 Citations

11 Claims

1. A method of associating two unidirectional tunnels corresponding to a wireless device, using a transit network device placed in a wireless mobile network to intercept traffic, where said traffic is carried in encapsulated unidirectional tunnels, said method comprising:
- using said transit network device to monitor upstream traffic to a mobile core network and downstream traffic from said mobile core network;
  
  identifying upstream messages in said upstream traffic which are from said mobile device;
  
  identifying downstream messages in said downstream traffic which are destined for said mobile device; and
  
  associating transport layer information and tunnel identity information in said identified upstream message with transport layer information and tunnel identity information in said identified downstream message, thereby associating two unidirectional tunnels.
- View Dependent Claims (2)
- - 2. The method of claim 1, wherein said mobile network utilizes a protocol selected from the group comprising UMTS, EVDO/CDMA, LTE and WIMAX.

3. A method of providing cached data and overcoming DOS and spoofing attacks occurring in a wireless mobile network, comprising:
- associating a transport layer address (TLA) and tunnel endpoint identifier (TEID) for upstream messages from a user device with a TLA and TEID for downstream messages;
  
  storing said TLA and TEID association in a storage element;
  
  identifying a message from said user device;
  
  comparing a TLA in said message with said stored TLA and TEID information; and
  
  determining whether to transmitted said cached data to said user device based on said comparison.
- View Dependent Claims (4, 5, 6, 7)
- - 4. The method of claim 3, further comprising detecting a DOS or spoofing attack if said comparison fails.
  - 5. The method of claim 3, further comprises detecting a DOS or spoofing attack, wherein said detecting comprising:
    - validating IP addresses received in said upstream messages with destination IP addresses contained in said downstream messages of the said associated tunnels.
  - 6. The method of claim 3, further comprising forwarding said upstream message to a core network if a downstream message has not been associated with an upstream message.
  - 7. The method of claim 3, further comprising limiting the number and rate of upstream messages if a downstream message has not been associated with an upstream message.

8. A method of associating two unidirectional tunnels corresponding to a wireless device, using a transit network device placed in a wireless mobile network to intercept traffic, where said traffic is carried in encapsulated unidirectional tunnels, in which NAS payloads are encrypted, said method comprising:
- using said transit network device to monitor upstream traffic to a mobile core network and downstream traffic from said mobile core network;
  
  identifying an upstream message in said upstream traffic which is from said mobile device;
  
  identifying a downstream message in said downstream traffic which is in response to said upstream message, destined for said mobile device;
  
  associating a transport layer address (TLA) and tunnel endpoint identifier (TEID) in said identified upstream message with a TLA and TEID in said identified downstream message, thereby associating two unidirectional tunnels; and
  
  receiving a subsequent message from said mobile device containing said TLA, said TEID, and a bearer IP address, thereby associating an IP address for said mobile device with said two unidirectional tunnels.

9. A method of identifying mobility of a mobile device in a wireless mobile network, comprising:
- using said transit network device to monitor upstream traffic to a mobile core network and downstream traffic from said mobile core network;
  
  associating a transport layer address (TLA) and tunnel endpoint identifier (TEID) in an identified upstream message with a TLA and TEID in an identified downstream message, thereby associating two unidirectional tunnels associated with said mobile device;
  
  associating a IP address for said mobile device with said two unidirectional tunnels;
  
  detecting two sets of network devices exchanging control plane information, said exchanging indicative of movement of said mobile device from a source eNodeB to a target eNodeB; and
  
  determining a new TLA and TEID to be used by said mobile device for upstream messages transmitted through said target eNodeB.
- View Dependent Claims (10, 11)
- - 10. The method of claim 9, further comprising estimating traffic load of said source and target eNodeBs based on said movement of said mobile device.
  - 11. The method of claim 9, further comprising constructing a network topology based on said movement of said mobile device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Ribbon Communications Securities Corp. (Ribbon Communications, Inc.)
Original Assignee
Movik Networks, Inc. (Ribbon Communications, Inc.)
Inventors
Kovvali, Surya Kumar, Valmikam, Ravi
Primary Examiner(s)
Ng, Fan

Application Number

US14/033,578
Publication Number

US 20140016509A1
Time in Patent Office

799 Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04W 76/11   Allocation or use of connec...

H04W 8/082   for traffic bypassing of mo...

H04W 8/26   Network addressing or numbe...

H04W 88/182   Network node acting on beha...

Destination learning and mobility detection in transit network device in LTE and UMTS radio access networks

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

137 Citations

11 Claims

Specification

Use Cases

Quick Links

Others

Destination learning and mobility detection in transit network device in LTE and UMTS radio access networks

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

137 Citations

11 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others