Rogue base station router detection with statistical algorithms
Abstract
The patent application is directed to a method for determining if a cellular attach on a communication system is active, include the step of identifying a base station router (BSR) in the communication system via a cellular scan. The method also includes a step of determining a distribution curve for a predetermined criteria, including a calculated mean and calculated standard deviation, based on survey data for the predetermined criteria from the cellular scan that is associated with a public land mobile network (PLMN) of a single carrier in a single radio access technology (RAT). The method also includes a step of determining that an event directed to cellular connectivity is present in the communication system. The method further includes a step of determining that the cellular attack associated with the BSR is active based on the determined distribution curve and the determined event.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1 . A method for determining if a cellular attack on a communication system is active, the method comprising:
identifying a base station router (BSR) in the communication system via a cellular scan; determining a distribution curve for a predetermined criteria, including a calculated mean and calculated standard deviation, based on survey data for the predetermined criteria from the cellular scan that is associated with a public land mobile network (PLMN) of a single carrier in a single radio access technology (RAT); determining that an event directed to cellular connectivity is present in the communication system; and determining that the cellular attack associated with the BSR is active based on the determined distribution curve and the determined event.
2 . The method of claim 1 , further comprising:
calculating a confidence level that the cellular attack is active based on the determined distribution curve and the determined event, wherein the determining that the cellular attack is active is further based on the confidence level.
3 . The method of claim 2 , wherein:
the confidence level is based upon a weighted sum of voting weights corresponding to parameters exceeding specified statistical and parameterized thresholds of plural predetermined criteria and detection by machine learning algorithms, and the confidence level is continuously updated in view of a repeated cellular scan.
4 . The method of claim 1 , further comprising:
determining that the BSR is a rogue BSR based on the determined distribution curve and survey data from the cellular scan associated with the BSR.
5 . The method of claim 4 , wherein the BSR is determined as a rogue BSR by:
comparing, with respect to the predetermined criteria, the survey data from the cellular scan associated with the BSR and the distribution curve; and determining, based on the comparing step, that the survey data associated with the BSR exceeds a predetermined threshold of standard deviations from the calculated mean.
6 . The method of claim 4 , further comprising:
determining that the event correlates with the determining that the BSR is a rogue BSR.
7 . The method of claim 1 , further comprising:
sending a notification of the active cellular attack to one or more users of the communication system.
8 . The method of claim 1 , wherein the event comprises one or more of a software update or network connectivity issues.
9 . The method of claim 1 , wherein the predetermined criteria comprises one or more of a global cell identifier (GCI), channel code, bands, signal strength, or times first and last seen on the network.
10 . The method of claim 1 , wherein the cellular attack comprises one or more of a man-in-the-middle attack, a denial-of-service (DoS) attack, a distributed denial-of-service (DDoS) attack, client location tracking, or malware injection into clients.
11 . The method of claim 1 , further comprising:
displaying the distribution curve via a graphical user interface (GUI).
12 . A system comprising:
a non-transitory computer-readable media storing instructions for determining if a cellular attack on a communication system is active, which, when executed by a processor, effectuate operations comprising:
identifying a base station router (BSR) in the communication system;
determining a distribution curve for a predetermined criteria, including a calculated mean and calculated standard deviation, based on cellular survey data for the predetermined criteria that is associated with a public land mobile network (PLMN) of a single carrier in a single radio access technology (RAT);
determining that an event directed to cellular connectivity is present in the communication system; and
determining that the cellular attack associated with the BSR is active based on the determined distribution curve and the determined event.
13 . The system of claim 12 , wherein the operations further comprise:
calculating a confidence level that the cellular attack is active based on the determined distribution curve and the determined event, wherein the determining that the cellular attack is active is further based on the confidence level.
14 . The system of claim 12 , wherein the operations further comprise:
determining that the BSR is a rogue BSR based on the determined distribution curve and survey data associated with the BSR.
15 . The system of claim 14 , wherein the BSR is determined as a rogue BSR by:
comparing, with respect to the predetermined criteria, survey data associated with the BSR and the distribution curve; and determining, based on the comparing step, that the survey data associated with the BSR exceeds a predetermined threshold of standard deviations from the calculated mean.
16 . The system of claim 12 , wherein the operations further comprise:
sending a notification of the active cellular attack to one or more users of the communication system.
17 . A system comprising:
one or more processors; and memory storing instructions for determining if a cellular attack on a communication system is active, which, when executed by the one or more processors, effectuate operations comprising:
identifying a base station router (BSR) in the communication system;
determining a distribution curve for a predetermined criteria, including a calculated mean and calculated standard deviation, based on cellular survey data for the predetermined criteria that is associated with a predetermined public land mobile network (PLMN) in a single radio access technology (RAT);
determining that an event directed to cellular connectivity is present in the communication system; and
determining that the cellular attack associated with the BSR is active based on the determined distribution curve and the determined event.
18 . The system of claim 17 , wherein the operations further comprise:
calculating a confidence level that the cellular attack is active based on the determined distribution curve and the determined event, wherein the determining that the cellular attack is active is further based on the confidence level.
19 . The system of claim 17 , wherein the operations further comprise:
determining that the BSR is a rogue BSR based on the determined distribution curve and survey data associated with the BSR.
20 . The system of claim 19 , wherein the BSR is determined as a rogue BSR by:
comparing, with respect to the predetermined criteria, survey data associated with the BSR and the distribution curve; and determining, based on the comparing step, that the survey data associated with the BSR exceeds a predetermined threshold of standard deviations from the calculated mean.Join the waitlist — get patent alerts
Track US2021105709A1 — get alerts on status changes and closely related new filings.
We store only your email — no account needed. See our privacy policy.