Enhancing network security is an important consideration for any network provider. Malicious software, such as viruses, Trojan horses, worms, etc., can wreak havoc on even the most robust system. Additionally, unwanted solicitations, such as spam email or pop-ups unnecessarily consume needed bandwidth and tax resources of the network.
Historically, wireless networks, such as Universal Mobile Telecommunications System (“UMTS”), Code Division Multiple Access (“CDMA”), Worldwide Interoperability for Microwave Access (“WiMAX”), Long Term Evolution (“LTE”), etc., have been relatively free from such unsolicited attacks. However, with the ever-increasing number of wireless and/or mobile device users, even these devices are now becoming targeted. This problem is even more troublesome for wireless networks as the bandwidth is considerably limited. Additionally, service providers often charge for mobile service on a per use or per data basis whereby the user actually has to pay for receiving items he/she does not want and has not requested.
Today, devices that are connected to the Internet via a wireless network are usually protected from unsolicited packets via Network Address Translation (“NAT”). The NAT server is usually positioned on the gateway between the Internet and the wireless network, e.g., as a Gateway General Packet Radio Service (“GPRS”) Support Node (“GGSN”), Packet Data Gateway (“PDG”), etc. However, some network operators do not use NAT and assign public Internet Protocol (“IP”) addresses. In this environment, the wireless device is often continuously “bombarded” with unsolicited IP packets from many sources. Such sources, for example, may include (1) peer-to-peer (“P2P”) clients that send IP packets to an IP address which was previously assigned to another device due to dynamic IP address assignment and (2) hosts on the Internet that are infected by viruses or other malicious programs that randomly send malicious packets to other hosts to try to infect them.
On a well maintained wireless device, the IP protocol stack or the firewall detects and discards such unwanted data packets. However, these packets create a number of serious issues in wireless networks. In Fourth-generation (“4G”) networks where all devices are always connected and each device has an IP address, there are approximately 1000-2000 devices connected to the same cell at any time. If all of these devices constantly receive unsolicited packets, the signaling for channel establishments and bandwidth overhead on the air interface is significant. By comparison, for a digital subscriber line (“DSL”), only a single household is behind a link.
Additionally, unsolicited packets have a further negative effect on the battery life of the wireless device. Because the wireless device must have its radio powered on to receive messages, the presence of these unwanted packets significantly shorten the periods during which wireless devices can power down their radio to conserve power. Reception of periodic unsolicited packets does not only require power for the reception of the packet but also for radio connection establishment and maintaining the channel for some time after the packet has been received. As a result, the operation time of the wireless device is significantly reduced by reception of periodic but unwanted IP packets.
With the introduction of Internet Protocol version 6 (“IPv6”), the next-generation Internet Layer protocol for packet-switched networks and the Internet, the problem is likely to get worse since NAT gateways, which currently block all incoming packets unless the connection is setup by the wireless device, are no longer required.
One prior method involves the use of Deep Packet Inspection (“DPI”) on the network side. However, DPI has limited capabilities to filter unwanted packets from the wireless device side since the DPI filter in the network has no understanding of which applications are really running on the device.
Therefore, what is needed is a method, system and apparatus for filtering unsolicited packets to a targeted wireless communication device in a wireless communication system.