Mitigating the impact from internet attacks in a RAN using internet transport

US 9,781,136 B2
Filed: 02/09/2015
Issued: 10/03/2017
Est. Priority Date: 02/09/2015
Status: Active Grant

First Claim

Patent Images

1. A method, performed in a User Equipment (UE) associated with a Radio Access Network (RAN) using Internet transport, of mitigating impacts from Internet attacks, the method comprising:

receiving, from a network node in the RAN, information associated with an Internet attack on a network node in the RAN and using Internet transport to provide services to UEs served by the RAN;

obtaining, based on the information, a mitigation action, the mitigation action mitigating the impact of the attack on a RAN service provided by the RAN; and

performing the obtained mitigation action to mitigate the impact on a service level for the RAN service.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present disclosure relates to methods and devices for mitigating the impact from Internet attacks in a Radio Access Network, RAN (10), using Internet transport. This object is obtained by a method performed in a User Equipment, UE (13) associated with the RAN (10) using Internet transport. The method comprises receiving from at least a network node (11, 12, 21, 22, 23) in the RAN (10), information associated with an Internet attack. Obtaining, based on the information, a mitigation action, the mitigation action mitigating the impact of the attack on the RAN service. The method further comprises to perform the obtained mitigation action to mitigate the impact on the RAN service level.

10 Citations

32 Claims

1. A method, performed in a User Equipment (UE) associated with a Radio Access Network (RAN) using Internet transport, of mitigating impacts from Internet attacks, the method comprising:
- receiving, from a network node in the RAN, information associated with an Internet attack on a network node in the RAN and using Internet transport to provide services to UEs served by the RAN;
  
  obtaining, based on the information, a mitigation action, the mitigation action mitigating the impact of the attack on a RAN service provided by the RAN; and
  
  performing the obtained mitigation action to mitigate the impact on a service level for the RAN service.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, wherein the information further comprises at least one suggested mitigation action.
  - 3. The method of claim 1, wherein the mitigation action comprises moving the UE to another network node.
  - 4. The method of claim 1, wherein the information is received from a first network node in the RAN, and wherein the method further comprises informing a second network node in the RAN about the attack.

5. A method, performed in a network node in a Radio Access Network (RAN) and using Internet transport to provide services to user equipments (UEs) served by the RAN, of mitigating impacts from Internet attacks, the method comprising:
- obtaining intrusion detection information informing the network node that the network node is under an Internet attack via an Internet connection to the network node;
  
  selecting, based on the intrusion detection information, a mitigation action, wherein the mitigation action comprises sending a message comprising information associated with the Internet attack to a User Equipment (UE) connected to the RAN; and
  
  performing the selected mitigation action to mitigate the impact on a RAN service level.
- View Dependent Claims (6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 6. The method of claim 5, wherein the message further comprises at least one suggested mitigation action.
  - 7. The method of claim 5, wherein the mitigation action comprises instructing the UE, being connected to the network node in the RAN, to move to another network node.
  - 8. The method of claim 7, wherein the instructing comprises providing a timer-value defining the validity time for the mitigation action.
  - 9. The method of claim 5, wherein the mitigation action further comprises rejecting a connection attempt from the UE.
  - 10. The method of claim 9, further comprising proposing a new network node based on a UE report of Cell availability.
  - 11. The method of claim 5, wherein the network node is a Radio Base Station (RBS).
  - 12. The method of claim 5, wherein the network node is a Base Station Controller (BSC).
  - 13. The method of claim 5, wherein the network node is a Radio Network Controller (RNC).
  - 14. The method of claim 5, wherein the obtaining comprises receiving the intrusion detection information from an Intrusion Detection System (IDS).
  - 15. The method of claim 14, wherein the IDS is located within the network node.

16. A User Equipment (UE) configured for use with a Radio Access Network (RAN) using Internet transport, the UE comprising a processor and a memory, said memory containing instructions executable by said processor whereby said UE is configured to:
- receive, from a network node in the RAN, information associated with an internet attack on a network node in the RAN and using Internet transport to provide services to UEs served by the RAN;
  
  obtain, based on the information, a mitigation action, the mitigation action mitigating the impact of the attack on a RAN service provided by the RAN; and
  
  perform the obtained mitigation action to mitigate the impact on a service level for the RAN service.
- View Dependent Claims (17, 18, 19)
- - 17. The UE of claim 16, wherein the information further comprises at least one suggested mitigation action.
  - 18. The UE of claim 16, wherein the mitigation action comprises moving the UE to another network node in the RAN.
  - 19. The UE of claim 16, wherein the information is received from a first network node and wherein the UE is further configured to inform a second network node about the attack.

20. A network node configured for use in a Radio Access Network (RAN) and to use Internet transport to provide services to user equipments (UEs) served by the RAN, the network node comprising a processor and a memory, said memory containing instructions executable by said processor whereby said network node is configured to:
- obtain intrusion detection information informing the network node that the network node is under an Internet attack via an Internet connection to the network node;
  
  select, based on the intrusion detection information, a mitigation action, wherein the mitigation action comprises sending a message comprising information associated with the internet attack to a User Equipment (UE) connected to the RAN; and
  
  perform the selected mitigation action to mitigate the impact on a RAN service level.
- View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 21. The network node of claim 20, wherein the message further comprises at least one suggested mitigation action.
  - 22. The network node of claim 20, wherein the mitigation action comprises instructing the UE, being connected to the network node, to move to another network node.
  - 23. The network node of claim 22, wherein the instructing comprises providing a timer-value defining the validity time for the mitigation action.
  - 24. The network node of claim 20, wherein the mitigation action comprises rejecting a connection attempt from the UE.
  - 25. The network node of claim 22, further comprising proposing a new network node based on a UE report of Cell availability.
  - 26. The network node of claim 20, wherein the network node is a Radio Base Station (RBS).
  - 27. The network node of claim 20, wherein the network node is a Base Station Controller (BSC).
  - 28. The network node of claim 20, wherein the network node is a Radio Network Controller (RNC).
  - 29. The network node of claim 20, wherein the obtaining comprises receiving the intrusion detection information from an Intrusion Detection System (IDS).
  - 30. The network node of claim 29, wherein the IDS is located within the network node.

31. A non-transitory computer-readable storage medium, having stored thereupon a computer program that, when run in a network node in a Radio Access Network (RAN) and using Internet transport to provide services to user equipments (UEs) served by the RAN, causes the network node to:
- obtain intrusion detection information informing the network node that the network node is under an Internet attack via an Internet connection to the network node;
  
  select, based on the intrusion detection information, a mitigation action, wherein the mitigation action comprises sending a message comprising information associated with the internet attack to a User Equipment (UE) connected to the RAN; and
  
  perform the selected mitigation action to mitigate the impact on a RAN service level.

32. A non-transitory computer-readable storage medium, having stored thereupon a computer program that, when run in a user equipment (UE) associated with a Radio Access Network (RAN) using Internet transport, causes the UE to:
- receive, from a network node in the RAN, information associated with an internet attack on a network node in the RAN and using Internet transport to provide services to UEs served by the RAN;
  
  obtain, based on the information, a mitigation action, the mitigation action mitigating the impact of the attack on a RAN service provided by the RAN; and
  
  perform the obtained mitigation action to mitigate the impact on a service level for the RAN service.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Telefonaktiebolaget LM Ericsson
Original Assignee
Telefonaktiebolaget LM Ericsson
Inventors
Thyni, Tomas, Forsman, Mats, Ullerstig, Mats
Primary Examiner(s)
Zand, Kambiz
Assistant Examiner(s)
WYSZYNSKI, AUBREY H

Application Number

US14/427,448
Publication Number

US 20160373468A1
Time in Patent Office

967 Days
Field of Search

726 26
US Class Current
CPC Class Codes

H04L 63/1416   Event detection, e.g. attac...

H04L 63/1425   Traffic logging, e.g. anoma...

H04L 63/1441   Countermeasures against mal...

H04L 67/10   in which an application is ...

H04W 12/12   Detection or prevention of ...

H04W 12/61   Time-dependent

H04W 84/02   Hierarchically pre-organise...

Mitigating the impact from internet attacks in a RAN using internet transport

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

10 Citations

32 Claims

Specification

Use Cases

Quick Links

Others

Mitigating the impact from internet attacks in a RAN using internet transport

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

10 Citations

32 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others