公开(公告)号：US10659492B2

公开(公告)日：2020-05-19

申请号：US14939593

申请日：2015-11-12

Applicant: AT&T Intellectual Property I, L.P.

Inventor： Arati Baliga ,  Baris Coskun

IPC: H04L29/06 ,  H04W12/06 ,  H04W12/12 ,  G06F21/56

Abstract: Mitigation of bot networks in wireless networks and/or on mobile devices is provided. A botnet detection component is provided that inspects data traffic and data flows on the wireless network to identify mobile devices that are suspected of behaving as bots. A traffic profile of the suspected bot behavior can be generated and forwarded to the mobile devices that are suspected of behaving as bots. The mobile device can correlate data traffic on the device to the traffic profile in order to identify applications responsible for the suspected bot behavior, and remove the identified applications.

公开(公告)号：US20160308837A1

公开(公告)日：2016-10-20

申请号：US15194037

申请日：2016-06-27

Applicant: AT&T Intellectual Property I, L.P.

Inventor： Arati Baliga ,  Xu Chen ,  Baris Coskun ,  Gustavo de los Reyes ,  Seungjoon Lee ,  Suhas Mathur ,  Jacobus Van der Merwe ,  Gang Xu

IPC: H04L29/06 ,  H04W12/08

CPC classification number: H04L63/0272 ,  H04L63/1416 ,  H04L63/145 ,  H04L63/1458 ,  H04W12/08

Abstract: Methods and apparatus to configure virtual private mobile networks are disclosed. Example methods include provisioning a virtual private mobile network within a wireless network, and, after provisioning the virtual private mobile network, determining whether a first communication from a user equipment matches a security event profile. When the first communication matches the profile, the example methods include transmitting, from the wireless network via a first base transceiver station, an instruction to cause the user equipment to be communicatively coupled to the virtual private mobile network. The example methods further include instructing the user equipment to transmit a second communication through a second base transceiver station that is physically separate from the first base transceiver station and through the virtual private mobile network. In the example methods, the virtual private mobile network is isolated in a wireless spectrum from other portions of the network.

Abstract translation: 公开了配置虚拟专用移动网络的方法和装置。 示例性方法包括在无线网络内配置虚拟专用移动网络，并且在配置虚拟专用移动网络之后，确定来自用户设备的第一通信是否匹配安全事件简档。 当第一通信与简档匹配时，示例性方法包括经由第一基站收发器从无线网络发送使得用户设备通信地耦合到虚拟专用移动网络的指令。 示例性方法还包括指示用户设备通过与第一基站收发器物理分离并通过虚拟专用移动网络的第二基站收发器发送第二通信。 在示例性方法中，虚拟专用移动网络在来自网络的其他部分的无线频谱中被隔离。

公开(公告)号：US09426161B2

公开(公告)日：2016-08-23

申请号：US14929542

申请日：2015-11-02

Applicant: AT&T Intellectual Property I, L.P.

Inventor： Arati Baliga

IPC: G06F7/04 ,  G06F15/16 ,  G06F17/30 ,  H04L29/06 ,  G06F21/34 ,  G06F21/43 ,  G06F21/31 ,  H04W12/06 ,  H04W12/12

CPC classification number: H04L63/101 ,  G06F21/316 ,  G06F21/34 ,  G06F21/43 ,  G06F2221/2153 ,  H04L29/06823 ,  H04L29/06884 ,  H04L29/06911 ,  H04L63/0876 ,  H04L63/126 ,  H04L63/1466 ,  H04W12/06 ,  H04W12/12

Abstract: Methods, systems, and computer-readable media for providing device-based authentication for secure online access are provided. An authentication request is received from an online service. The authentication request may be associated with a login request received by the online service from a user. The authentication request may further indicate a list of device identifiers for computing devices connected to a provider network and previously designated by the user as authorized to access the online service. Communication logs collected from the provider network are analyzed to determine whether the login request originated from one of the authorized computing devices based on the list of device identifiers. If it is determined that the login request originated from one of the authorized computing devices, an indication is returned to the online service that the login request was received from an authorized computing device.

公开(公告)号：US20160057149A1

公开(公告)日：2016-02-25

申请号：US14929542

申请日：2015-11-02

Applicant: AT&T Intellectual Property I, L.P.

Inventor： Arati Baliga

IPC: H04L29/06

CPC classification number: H04L63/101 ,  G06F21/316 ,  G06F21/34 ,  G06F21/43 ,  G06F2221/2153 ,  H04L29/06823 ,  H04L29/06884 ,  H04L29/06911 ,  H04L63/0876 ,  H04L63/126 ,  H04L63/1466 ,  H04W12/06 ,  H04W12/12

Abstract: Methods, systems, and computer-readable media for providing device-based authentication for secure online access are provided. An authentication request is received from an online service. The authentication request may be associated with a login request received by the online service from a user. The authentication request may further indicate a list of device identifiers for computing devices connected to a provider network and previously designated by the user as authorized to access the online service. Communication logs collected from the provider network are analyzed to determine whether the login request originated from one of the authorized computing devices based on the list of device identifiers. If it is determined that the login request originated from one of the authorized computing devices, an indication is returned to the online service that the login request was received from an authorized computing device.

Abstract translation: 提供了用于提供用于安全在线访问的基于设备的认证的方法，系统和计算机可读介质。 从在线服务接收到认证请求。 认证请求可以与来自用户的在线服务接收的登录请求相关联。 认证请求还可以指示连接到提供商网络的计算设备的设备标识符的列表，并且由用户先前指定为被授权访问在线服务。 分析从提供商网络收集的通信日志，以基于设备标识符列表来确定登录请求是从一个授权计算设备发起的。 如果确定登录请求是从授权的计算设备之一发起的，则向在线服务返回从授权计算设备接收到登录请求的指示。

公开(公告)号：US10419992B2

公开(公告)日：2019-09-17

申请号：US15231406

申请日：2016-08-08

Applicant: AT&T Intellectual Property I, L.P.

Inventor： Jacobus Van der Merwe ,  Xu Chen ,  Baris Coskun ,  Gustavo de los Reyes ,  Seungjoon Lee ,  Suhas Mathur ,  Arati Baliga ,  Gang Xu

IPC: G06F15/177 ,  H04W36/14 ,  H04L12/24 ,  H04L12/46 ,  H04L12/26 ,  H04L12/801 ,  H04L29/08 ,  H04L12/927 ,  H04L29/06 ,  H04W36/30 ,  H04W88/02

Abstract: Methods and apparatus to migrate a mobile device from a first virtual private mobile network to a second virtual private mobile network are disclosed. An example apparatus includes a processor and a memory including instructions that cause the processor to perform operations including determining, based on a set of latency routing rules, that a communication transmitted via the first virtual private mobile network is a latency sensitive communication. In response to determining the communication is a latency sensitive communication, the mobile device that originated the latency sensitive communication is identified. The mobile device is communicating via the first virtual private mobile network. Example operations also include migrating the mobile device from the first virtual private mobile network to the second virtual private mobile network wherein the second virtual private mobile network is configured to reduce the latency of the latency sensitive communication.

公开(公告)号：US10069799B2

公开(公告)日：2018-09-04

申请号：US15194037

申请日：2016-06-27

Applicant: AT&T Intellectual Property I, L.P.

Inventor： Arati Baliga ,  Xu Chen ,  Baris Coskun ,  Gustavo de los Reyes ,  Seungjoon Lee ,  Suhas Mathur ,  Jacobus Van der Merwe ,  Gang Xu

IPC: H04L29/06 ,  H04W12/08

Abstract: Methods and apparatus to configure virtual private mobile networks are disclosed. Example methods include provisioning a virtual private mobile network within a wireless network, and, after provisioning the virtual private mobile network, determining whether a first communication from a user equipment matches a security event profile. When the first communication matches the profile, the example methods include transmitting, from the wireless network via a first base transceiver station, an instruction to cause the user equipment to be communicatively coupled to the virtual private mobile network. The example methods further include instructing the user equipment to transmit a second communication through a second base transceiver station that is physically separate from the first base transceiver station and through the virtual private mobile network. In the example methods, the virtual private mobile network is isolated in a wireless spectrum from other portions of the network.

公开(公告)号：US20160353345A1

公开(公告)日：2016-12-01

申请号：US15231406

申请日：2016-08-08

Applicant: AT&T Intellectual Property I, L.P.

Inventor： Jacobus Van der Merwe ,  Xu Chen ,  Baris Coskun ,  Gustavo de los Reyes ,  Seungjoon Lee ,  Suhas Mathur ,  Arati Baliga ,  Gang Xu

IPC: H04W36/14 ,  H04L12/46 ,  H04L12/26

CPC classification number: H04W36/14 ,  H04L12/4633 ,  H04L12/4641 ,  H04L41/083 ,  H04L43/0858 ,  H04L43/087 ,  H04L43/16 ,  H04L47/14 ,  H04L47/805 ,  H04L65/80 ,  H04L67/322 ,  H04W36/30 ,  H04W88/02

Abstract: Methods and apparatus to migrate a mobile device from a first virtual private mobile network to a second virtual private mobile network are disclosed. An example apparatus includes a processor and a memory including instructions that cause the processor to perform operations including determining, based on a set of latency routing rules, that a communication transmitted via the first virtual private mobile network is a latency sensitive communication. In response to determining the communication is a latency sensitive communication, the mobile device that originated the latency sensitive communication is identified. The mobile device is communicating via the first virtual private mobile network. Example operations also include migrating the mobile device from the first virtual private mobile network to the second virtual private mobile network wherein the second virtual private mobile network is configured to reduce the latency of the latency sensitive communication.

Abstract translation: 公开了将移动设备从第一虚拟专用移动网络迁移到第二虚拟专用移动网络的方法和装置。 示例性设备包括处理器和存储器，其包括使得处理器执行操作的指令，包括基于一组等待时间路由规则来确定经由第一虚拟专用移动网络发送的通信是等待时间敏感通信。 响应于确定通信是延迟敏感通信，识别发起等待时间敏感通信的移动设备。 移动设备正在经由第一虚拟专用移动网络进行通信。 示例性操作还包括将移动设备从第一虚拟专用移动网络迁移到第二虚拟专用移动网络，其中第二虚拟专用移动网络被配置为减少等待时间敏感通信的等待时间。

公开(公告)号：US20160065596A1

公开(公告)日：2016-03-03

申请号：US14939593

申请日：2015-11-12

Applicant: AT&T Intellectual Property I, L.P.

Inventor： Arati Baliga ,  Baris Coskun

IPC: H04L29/06 ,  H04W12/06 ,  G06F21/56

CPC classification number: H04L63/145 ,  G06F21/566 ,  H04L63/126 ,  H04L63/1416 ,  H04L63/1425 ,  H04L63/1441 ,  H04L63/164 ,  H04L2463/144 ,  H04W12/06 ,  H04W12/12

Abstract: Mitigation of bot networks in wireless networks and/or on mobile devices is provided. A botnet detection component is provided that inspects data traffic and data flows on the wireless network to identify mobile devices that are suspected of behaving as bots. A traffic profile of the suspected bot behavior can be generated and forwarded to the mobile devices that are suspected of behaving as bots. The mobile device can correlate data traffic on the device to the traffic profile in order to identify applications responsible for the suspected bot behavior, and remove the identified applications.

Abstract translation: 提供了无线网络和/或移动设备上的机器人网络的减轻。 提供了一种僵尸网络检测组件，其检查无线网络上的数据流量和数据流，以识别被怀疑为机器人的移动设备。 可以生成可疑机器人行为的流量配置文件，并将其转发到被怀疑为机器人的移动设备。 移动设备可以将设备上的数据流量与流量简档相关联，以便识别负责可疑机器人行为的应用，并移除所识别的应用。