Mitigating the Impact from Internet Attacks in a RAN Using Internet Transport

US 20160373468A1
Filed: 02/09/2015
Published: 12/22/2016
Est. Priority Date: 02/09/2015
Status: Active Grant

First Claim

Patent Images

1-32. -32. (canceled)

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present disclosure relates to methods and devices for mitigating the impact from Internet attacks in a Radio Access Network, RAN (10), using Internet transport. This object is obtained by a method performed in in a User Equipment, UE (13) associated with the RAN (10) using Internet transport. The method comprises receiving from at least a network node (11, 12, 21, 22, 23) in the RAN (10), information associated with an Internet attack. Obtaining, based on the information, a mitigation action, the mitigation action mitigating the impact of the attack on the RAN service. The method further comprises to perform the obtained mitigation action to mitigate the impact on the RAN service level.

0 Citations

64 Claims

1-32. -32. (canceled)

33. A method, performed in a User Equipment (UE) associated with a Radio Access Network (RAN) using Internet transport, of mitigating impacts from Internet attacks, the method comprising:
- receiving, from a network node in the RAN, information associated with an Internet attack;
  
  obtaining, based on the information, a mitigation action, the mitigation action mitigating the impact of the attack on the RAN service; and
  
  performing the obtained mitigation action to mitigate the impact on the RAN service level.
- View Dependent Claims (34, 35, 36)
- - 34. The method of claim 33, wherein the information further comprises at least one suggested mitigation action.
  - 35. The method of claim 33, wherein the mitigation action comprises moving the UE to another network node.
  - 36. The method of claim 33, wherein the information is received from a first network node in the RAN, and wherein the method further comprises informing a second network node in the RAN about the attack.

37. A method, performed in a network node in a Radio Access Network (RAN) using Internet transport, of mitigating impacts from Internet attacks, the method comprising:
- obtaining intrusion detection information informing the network node that the RAN is under an Internet attack;
  
  selecting, based on the intrusion detection information, a mitigation action, wherein the mitigation action comprises sending a message comprising information associated with the Internet attack to a User Equipment (UE) connected to the RAN; and
  
  performing the selected mitigation action to mitigate the impact on the RAN service level.
- View Dependent Claims (38, 39, 40, 41, 42, 43, 44, 45, 46, 47)
- - 38. The method of claim 37, wherein the message further comprises at least one suggested mitigation action.
  - 39. The method of claim 37, wherein the mitigation action comprises instructing the UE, being connected to the network node in the RAN, to move to another network node.
  - 40. The method of claim 37, wherein the instructions further comprise a timer-value defining the validity time for the mitigation action.
  - 41. The method of claim 37, wherein the mitigation action further comprises rejecting a connection attempt from the UE.
  - 42. The method of claim 41, further comprising proposing a new network node based on a UE report of Cell availability.
  - 43. The method of claim 37, wherein the network node is a Radio Base Station (RBS).
  - 44. The method of claim 37, wherein the network node is a Base Station Controller (BSC).
  - 45. The method of claim 37, wherein the network node is a Radio Network Controller (RNC).
  - 46. The method of claim 37, wherein the obtaining comprises receiving the intrusion detection information from an Intrusion Detection System (IDS).
  - 47. The method of claim 46, wherein the IDS is located within the network node.

48. A User Equipment (UE) associated with a Radio Access Network (RAN) using Internet transport, of mitigating impacts from Internet attacks, the UE comprising a processor and a memory, said memory containing instructions executable by said processor whereby said UE is configured to:
- receive, from a network node in the RAN, information associated with an internet attack;
  
  obtain, based on the information, a mitigation action, the mitigation action mitigating the impact of the attack on the RAN service; and
  
  perform the obtained mitigation action to mitigate the impact on the RAN service level.
- View Dependent Claims (49, 50, 51)
- - 49. The UE of claim 48, wherein the information further comprises at least one suggested mitigation action.
  - 50. The UE of claim 48, wherein the mitigation action comprises moving the UE to another network node in the RAN.
  - 51. The UE of claim 48, wherein the information is received from a first network node and wherein the UE is further configured to inform a second network node about the attack.

52. A network node in a Radio Access Network (RAN) using Internet transport, of mitigating the impact from Internet attacks, the network node comprising a processor and a memory, said memory containing instructions executable by said processor whereby said network node is configured to:
- obtain intrusion detection information informing the network node that the RAN is under an Internet attack;
  
  select, based on the intrusion detection information, a mitigation action, wherein the mitigation action comprises sending a message comprising information associated with the internet attack to a User Equipment (UE) connected to the RAN; and
  
  perform the selected mitigation action to mitigate the impact on the RAN service level.
- View Dependent Claims (53, 54, 55, 56, 57, 58, 59, 60, 61, 62)
- - 53. The network node of claim 52, wherein the message further comprises at least one suggested mitigation action.
  - 54. The network node of claim 52, wherein the mitigation action comprises instructing the UE, being connected to the network node, to move to another network node.
  - 55. The network node of claim 52, wherein the instructions further comprise a timer-value defining the validity time for the mitigation action.
  - 56. The network node of claim 52, wherein the mitigation action comprises rejecting a connection attempt from the UE.
  - 57. The network node of claim 54, further comprising proposing a new network node based on the UE report of Cell availability.
  - 58. The network node of claim 52, wherein the network node is a Radio Base Station (RBS).
  - 59. The network node of claim 52, wherein the network node is a Base Station Controller (BSC).
  - 60. The network node of claim 52, wherein the network node is a Radio Network Controller (RNC).
  - 61. The network node of claim 52, wherein the obtaining comprises receiving the intrusion detection information from an Intrusion Detection System (IDS).
  - 62. The network node of claim 61, wherein the IDS is located within the network node.

63. A non-transitory computer-readable storage medium, having stored thereupon a computer program that, when run in a network node in a Radio Access Network (RAN) using Internet transport, causes the network node to:
- obtain intrusion detection information informing the network node that the RAN is under an Internet attack;
  
  select, based on the intrusion detection information, a mitigation action, wherein the mitigation action comprises sending a message comprising information associated with the internet attack to a User Equipment (UE) connected to the RAN; and
  
  perform the selected mitigation action to mitigate the impact on the RAN service level.

64. A non-transitory computer-readable storage medium, having stored thereupon a computer program that, when run in a user equipment (UE) associated with a Radio Access Network (RAN) using Internet transport, causes the UE to:
- receive, from a network node in the RAN, information associated with an internet attack;
  
  obtain, based on the information, a mitigation action, the mitigation action mitigating the impact of the attack on the RAN service; and
  
  perform the obtained mitigation action to mitigate the impact on the RAN service level.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Telefonaktiebolaget LM Ericsson
Original Assignee
Telefonaktiebolaget LM Ericsson
Inventors
Thyni, Tomas, Forsman, Mats, Ullerstig, Mats

Granted Patent

US 9,781,136 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 63/1416   Event detection, e.g. attac...

H04L 63/1425   Traffic logging, e.g. anoma...

H04L 63/1441   Countermeasures against mal...

H04L 67/10   in which an application is ...

H04W 12/12   Detection or prevention of ...

H04W 12/61   Time-dependent

H04W 84/02   Hierarchically pre-organise...

Mitigating the Impact from Internet Attacks in a RAN Using Internet Transport

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

0 Citations

64 Claims

Specification

Solutions

Use Cases

Quick Links

Mitigating the Impact from Internet Attacks in a RAN Using Internet Transport

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

0 Citations

64 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links