Abstract:
Embodiments that are described herein provide improved methods and systems for analyzing network traffic. The disclosed embodiments enable an analytics system to perform complex processing only on new, first occurrences of received content, while refraining from processing duplicate instances of that content. In a typical embodiment, the analytics results regarding the first occurring content are reported and cached in association with the content. For any duplicate instance of the content, the analytics results are retrieved from the cache without re-processing of the duplicate content. When using the disclosed techniques, the system still processes all first occurring content but not duplicate instances of content that was previously received and processed. In the embodiments described herein, input data comprises communication packets exchanged in a communication network.
Abstract:
A rogue base station detection system that establishes a communication session with a suspected base station, and verifies whether the base station is rogue or innocent by testing which advanced communication features are supported by the base station. The detection system holds a definition of one or more communication features that are supported by innocent base stations and not by rogue base stations. During a communication session with a suspected base station, the detection system requests the base station to activate these communication features. If the base station does not support the features in question, it is likely to be rogue.
Abstract:
Methods and systems for tracking mobile communication terminals based on their identifiers. The disclosed techniques identify cellular terminals and Wireless Local Area Network (WLAN) terminals that are likely to be carried by the same individual, or cellular and WLAN identifiers that belong to the same multi-mode terminal. A correlation system is connected to a cellular network and to a WLAN. The system receives location coordinates of cellular identifiers used by mobile terminals in the cellular network, and location coordinates of WLAN identifiers used by mobile terminals in the WLAN. Based on the location coordinates, the system is able to construct routes that are traversed by the terminals having the various cellular and WLAN identifiers. The system attempts to find correlations in time and space between the routes.
Abstract:
Methods and systems for creating demographic profiles of mobile communication network users. A demographic classification system analyzes network traffic, so as to estimate the specific combination of application classes installed on a given terminal, and usage patterns of the applications over time. This combination of application classes and their respective usage patterns is a highly personalized choice made by the user, and is therefore used by the system to deduce the user's demographic profile. The demographic classification system operates on monitored network traffic, as opposed to obtaining explicit and accurate information regarding the installed applications from the terminal. The system then deduces the demographic profile of the user from the list of estimated application classes.
Abstract:
Methods and systems for identifying one or more rogue devices within a wireless communication network over a particular geographic location. A rogue base station detection system receives air interface transmissions from base stations belonging to a wireless communication network, as well as from one or more rogue base stations that do not belong to the network and are used for monitoring (e.g., hacking or eavesdropping) communication terminals communicating in the network. The system typically searches for signaling channels and converts the RF signal into GSM/UMTS messages, including overcoming the different encryption methods used. The system then analyzes the received transmissions so as to identify suspicious transmissions that may be transmitted by the rogue base stations.
Abstract:
Systems and methods for obtaining authentication vectors issued, for use by a mobile communication terminal, by a Home Location Register (HLR) that serves a cellular communication network independently of any cooperation with the cellular network. Further to obtaining the authentication vectors, a terminal is caused to communicate over a WiFi WLAN using an encryption key derived from the obtained authentication vectors, e.g., per the EAP-SIM or EAP-AKA protocol. Since the encryption key is known, communication from the terminal is decrypted. The authentication vectors may be obtained by (i) an “impersonating” Visitor Location Register (VLR) server that does not serve the cellular network; (ii) an interrogation device which, by imitating a legitimate base station serving the cellular network, solicits the mobile communication terminal to associate with the interrogation device; or (iii) an SS7 probe, which obtains authentication vectors communicated from the HLR server to other entities on the SS7 network.
Abstract:
Methods for obtaining identifiers, such as International Mobile Subscriber Identities (IMSIs) and International Mobile Station Equipment Identities (IMEIs), of mobile communication terminals, and associating these identifiers with other items of identifying information provided by users of the terminals. A local interrogation device may be installed that imitates a legitimate base station belonging to a cellular network, at a control checkpoint. Local interrogation devices are connected to a global interrogation device in a hierarchical network, whereby the local interrogation devices are assigned a priority that is higher than that of the global interrogation device. The global interrogation device provides cellular coverage to a larger area that contains the control checkpoints, while the local interrogation devices provide more localized cellular coverage to the control checkpoints.
Abstract:
Methods for obtaining identifiers, such as International Mobile Subscriber Identities (IMSIs) and International Mobile Station Equipment Identities (IMEIs), of mobile communication terminals, and associating these identifiers with other items of identifying information provided by users of the terminals. A local interrogation device may be installed that imitates a legitimate base station belonging to a cellular network, at a control checkpoint. Local interrogation devices are connected to a global interrogation device in a hierarchical network, whereby the local interrogation devices are assigned a priority that is higher than that of the global interrogation device. The global interrogation device provides cellular coverage to a larger area that contains the control checkpoints, while the local interrogation devices provide more localized cellular coverage to the control checkpoints.
Abstract:
Systems and methods for obtaining authentication vectors issued, for use by a mobile communication terminal, by a Home Location Register (HLR) that serves a cellular communication network independently of any cooperation with the cellular network. Further to obtaining the authentication vectors, a terminal is caused to communicate over a WiFi WLAN using an encryption key derived from the obtained authentication vectors, e.g., per the EAP-SIM or EAP-AKA protocol. Since the encryption key is known, communication from the terminal is decrypted. The authentication vectors may be obtained by (i) an “impersonating” Visitor Location Register (VLR) server that does not serve the cellular network; (ii) an interrogation device which, by imitating a legitimate base station serving the cellular network, solicits the mobile communication terminal to associate with the interrogation device; or (iii) an SS7 probe, which obtains authentication vectors communicated from the HLR server to other entities on the SS7 network.
Abstract:
A plurality of pairs of video cameras and interrogation devices may be placed in a public place along various paths that a person-of-interest might be expected to move. The person-of-interest is then located in multiple images acquired, collectively, by multiple video cameras. From each of the interrogation devices that are paired with these video cameras, a subset of the captured identifiers is obtained. Candidate identifiers are then restricted to those identifiers that are included in each of the subsets. A given identifier may be rejected as a candidate identifier. To automatically locate the person-of-interest in the images acquired by the “paired” video cameras, a processor may utilize video-tracking techniques to automatically track the person-of-interest, such that the person-of-interest is not “lost.” By virtue of utilizing such tracking techniques, the person-of-interest may be repeatedly located automatically, and with minimal chance of a false detection.