The present invention relates to packet transmission and, more particularly, to the filtering of packets transmitted over SS7 and other packet transmission networks.
At each signaling point of a Signaling System 7 (SS7) network is some type of computer element that has a network card connecting the point to the network. These network cards are designed to operate in accordance with the SS7 protocol, which defines standards for communication between signaling points.
Among those signaling points are Signal Transfer Points (STPs). These are switching elements of SS7 networks that route SS7 packets between network endpoints. Signal Transfer Points perform signal routing, packet integrity controls and routing analysis of SS7 packets.
Signal Transfer Points are essentially network routers which do not have sophisticated packet-filtering processors and thus have limited inherent security capabilities. This makes Signal Transfer Points vulnerable to viruses and various network vulnerabilities. Packets known to be, or at least suspected of, carrying viruses or constituting other kinds of threats are referred to herein as “malicious” packets.