Abstract: A system and method for defending a mobile network from a fraud committed via GTP is disclosed. According to one embodiment, a computer-implemented method includes receiving receives information associated with a GTP request from a serving node to a gateway node in a mobile network. The information associated with the GTP request is a GTP control plane request or a CDR associated with the GTP request. The information associated with a GTP request is examined, and parameters contained in the information associated with the GTP request are analyzed. It is determined that the GTP request is a fraudulent GTP request if the parameters do not belong to an authorized subscriber of the mobile network. A GTP tunnel associated with the fraudulent GTP request is denied, an established fraudulent GTP tunnel is deleted, or network traffic established by a fraudulent GTP tunnel is redirected to a monitoring node.

Abstract: A data replication system of a communication network is disclosed. According to one embodiment, the data replication system includes a replication gateway node and a replication control system located in one or more of a visited network and a home network. The replication gateway node is configured to create a first replication tunnel between a first gateway node and the replication gateway node and a second replication tunnel between the replication gateway node and a second gateway node. The replication gateway node replicates data streams between the first gateway node and the second gateway and delivers the replicated data stream to a management node for further analysis.

Abstract: A system and method for transmitting a secure message is disclosed. According to one embodiment, a method includes providing a request for one or more attributes associated with a phone number for a recipient mobile device, generating a key based on the one or more attributes, receiving an encrypted message for a recipient mobile device, where the encrypted message is encrypted based on the key, requesting the one or more attributes from the recipient mobile device, receiving the one or more attributes from the recipient mobile device, regenerating the key based on the one or more attributes received from the recipient mobile device, decrypting the encrypted message based on the regenerated key, and delivering the decrypted message to the recipient mobile device.

Abstract: A system and method for discovering user equipment in a network is disclosed. According to one embodiment, a discovery proxy periodically scans an access router that serves a target user equipment and collects an address assignment record of the target user equipment via the access router. The discovery proxy passes the address assignment record to a discovery server, and the discovery server identifies a location of the target user equipment based on the address assignment record of the target user equipment.

Abstract: A method and system for enabling peer-to-peer (P2P) communication between a first device and a second device is disclosed. According to one embodiment, a P2P communication system includes a first peer agent serving a first peer, a second peer agent serving a second peer, and a rendezvous server. The rendezvous server updates a first IP address for the first peer agent to the second peer agent and a second IP address for the second peer agent to the first peer agent. The first peer agent and the second peer agent communicate with the rendezvous server by dropping and retrieving a plurality of dead-drop packages. A first dead-drop package of the plurality of dead-drop packages comprises a first alias that is known only to the first peer and the second peer. A second dead-drop package of the plurality of dead-drop packages comprises a second alias that is different from the first alias.

Abstract: A data replication system of a communication network is disclosed. According to one embodiment, the data replication system includes a replication gateway node and a replication control system. The replication gateway node is configured to create a first replication tunnel between a first gateway node and the replication gateway node and a second replication tunnel between the replication gateway node and a second gateway node. The replication gateway node replicates data streams between the first gateway node and the second gateway and delivers the replicated data stream to a management node for further analysis.

Abstract: A system and method for metadata analysis and collection with privacy is disclosed. According to one embodiment, a trusted third party (TTP) system generates and transmits authorization keys to a government agency (GA) system and a communication service provider (CSP) system. The TTP system receives index records referencing records of subscribers from the CSP system and ingests the index records received from the CSP system. The TTP system receives a target index request from the GA system and sends a metadata record request to the CSP system based on the target index request. The CSP system sends metadata records to the TTP system, and the TTP system delivers the metadata records to the GA system. The metadata records are encrypted with encryption keys shared between the GA system and the CSP system such that the TTP system cannot decrypt the metadata records.