1. Field of the Invention
The present invention generally relates to communication systems, and more particularly to an apparatus and method for tracing a GPRS tunnel protocol resource so as to manage an attack of DDOS (Distributed Denial of Service) from outside to GGSN or an error of a packet transmission of a particular subscriber by tracing allotted resources of a GTP user message trafficked between SGSN (Serving GPRS Support Node) and GGSN.
2. Discussion of the Related Art
In general, a mobile communication system is divided into a packet exchanger providing a service such as an Internet connection and a circuit exchanger providing a conventional telephone network connection. These connections are described in greater detail below.
FIG. 1 shows a related-art packet-type mobile communication system. The packet-type mobile communication system, as illustrated in FIG. 1, includes an internet protocol network 5, a GGSN: Gateway GPRS (General packet radio service) Support Node 20, a SGSN: Serving GPRS Support Node 10, a RNS: Radio Network Subsystem 6, a HLR: Home Location Register 4, a network management center 3, and a radio network subsystem management center 2.
The GGSN performs a gateway function for establishing a connection to the Internet protocol network. The SGSN is connected to the GGSN through the GPRS network to manage mobility of a mobile system 1 in packet mode and to perform the function of the packet exchanger. The HLR is connected to the SGSN for managing subscription information and location information of a packet service subscriber. The RNS manages wireless resources, allocates traffic channels, and transmits/receives data to/from the mobile system. The network management center and the radio network subsystem management center perform functions such as tracing and watching the packet calls.
FIG. 2 shows a related-art GTP resource tracing system for tracing a call and transmitting the call to an operator whenever a GTP control message (GPRS tunnel protocol control message, hereinafter abbreviated ‘GTP-C’) is received from the SGSN 10 or the Internet protocol network 5. This system includes the GGSN 20 directly connected to an external packet data network (internet) for performing tunneling and routing functions. The SGSN is connected to the GGSN through the GPRS for managing the mobility of the packet-type mobile system and for performing the function of the packet exchanger. An MMI (Man Machine Interface) 30 serves as an interface for a call-tracing request signal and call-tracing information of a corresponding call for a particular subscriber between the operator and the GGSN.
More specifically, as illustrated in FIG. 2, the GGSN includes a call tracing unit 24, a call manager 26, and a tracing information DB 25. The tracing information DB stores information of a call tracing in progress. The call-tracing unit traces a corresponding GTP-C and reports the resource information (hereinafter abbreviated GTP resource information) reserved by a corresponding message to the operator when a call tracing request signal for a particular subscriber is received from the operator through the MMI. In other words, upon receiving the call tracing request signal from the operator, the call-tracing unit sets a GTP-C tracing function by storing an identification information (hereinafter ‘tracing information’) of a tracing object subscriber included in the corresponding message into the tracing information DB, and reports the GTP resource information to the operator through the MMI when the GTP resource information is received from the call manager.
The call manager 26 generates a tunnel between the SGSN and the GGSN, confirms whether the GTP-C tracing function for the corresponding subscriber is set by searching the tracing information DB when the GTP-C is received through the generated tunnel, and transmits the corresponding GTP resource information to the call-tracing unit if the GTP-C tracing function is set. In this case, the tracing information is stored in the tracing information DB by the call tracing unit, and the tracing information stored in the tracing information DB is searched by the call manager.
However, there are problems in the related-art GTP resource tracing method For example, CS (Circuit Service) base, since a call is managed only for a voice message subscriber, only a signal message corresponding to the GTP-C is traced. Therefore, all information cannot be traced because a resource allotted at a step of signaling is not changed in a process of transmitting voice data.
However, in a PS (Packet Service) base, the resource determined at the step of signaling may not be fixed as the related-art CS base, but may be changed in the process of transmitting data. Therefore, when call tracing is carried out only for the GTP-C, tracing for the GTP-U that is current user data generated from the SGSN or a GTP-U message received through the internet is not carried out from the reserved resource in the exchanger.
When trouble occurs in a packet transmitted from the SGSN, it is difficult for an operator of the exchanger to troubleshoot the underlying problem because it is difficult to exactly determine which interface unit is having the trouble.
Furthermore, in a case of the GTP-C trafficked from the Internet, when the corresponding message is under an attack of DDOS, the interface being attacked is not identified. Therefore, fast troubleshooting is not possible and there is a serious problem of damaging security and reliability of the exchanger.