×

System and method for correlating security events with subscriber information in a mobile network environment

  • US 9,338,657 B2
  • Filed: 10/16/2012
  • Issued: 05/10/2016
  • Est. Priority Date: 10/16/2012
  • Status: Active Grant
First Claim
Patent Images

1. A method, comprising:

  • identifying one or more first packets as subscriber accounting traffic associated with a subscriber device in a mobile network environment;

    extracting, from a subscriber accounting start packet of the one or more first packets, subscriber device information and a network address of the subscriber device;

    mapping, in a first memory element, the network address to the subscriber device information;

    identifying one or more second packets as subscriber data network traffic; and

    correlating the subscriber device information and a security event if the security event is detected in the one or more second packets and if the one or more second packets are associated with the subscriber device, wherein the correlating comprises;

    searching the first memory element for at least one of a source network address and a destination network address of the one or more second packets;

    obtaining, from the first memory element, the subscriber device information mapped to the network address of the subscriber device, when the network address of the subscriber device corresponds to one of the source network address and the destination network address.

View all claims
  • 10 Assignments
Timeline View
Assignment View
    ×
    ×