TELECOMMUNICATIONS SYSTEM FOR BLOCKING SPOOFED CALLS

DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Information Disclosure Statement The information disclosure statement submitted on 11/21/2023 have been considered by the examiner and made of record in the application file. Claim Rejections - 35 USC § 102 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action: A person shall be entitled to a patent unless – (a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention. (a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention. Claims 1-20 are rejected under U.S.C. 102(a)(1) and 102(a)(2) as being anticipated by Filart et al. (US 10681556 B2, hereinafter Filart). Consider Claim 1, Filart discloses a system of a telecommunications network, the system comprising: an interconnect session border controller (I-SBC) configured as a network element disposed at a border between the telecommunications network and peer telecommunications networks, the I-SBC including: at least one network interface; (Paragraph 23, the SIP server 126 may include input/output interface(s) 202. The input/output interface(s) 202 may include any type of output interface known in the art). at least one hardware processor; and (paragraph 24, the SIP server 126 may include one or more processor(s) 206 that are operably connected to memory 208). at least one non-transitory memory storing instructions, which, when executed by the at least one hardware processor, cause the I-SBC to: (Paragraph 26, the memory 208 may further include non-transitory computer-readable media, such as volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information, such as computer-readable instructions, data structures, program modules, or other data). receive an inbound call over the at least one network interface, wherein the inbound call is associated with a Session Initiation Protocol (SIP) identifier; (Paragraph 23, the network interface(s) 204 may include a radio transceiver that performs the function of transmitting and receiving radio frequency communications via an antenna). cause a Spoofed Call Identification Function (SCIF) to compare the SIP identifier of the inbound call against a list of allowable SIP identifiers; (Paragraph 30, the network interface(s) 204 may include a radio transceiver that performs the function of transmitting and receiving radio frequency communications via an antenna. a data comparison is performed between the SIP INVITE message and known subscriber account data. the spoof mitigation component 220 may compare the SIP INVITE message data with known subscriber account data that is associated with the legitimate, originating device) receive an indication from the SCIF that the SIP identifier of the inbound call does not match any identifier on the list of allowable SIP identifiers, wherein any inbound call associated with any SIP identifier that does not match any SIP identifier on the list of allowable SIP identifiers is designated as an illegitimate call; and (paragraph 33, if the most recent instance of registration data indicates that the originating device is within a first PLMN (i.e. HPLMN or VPLMN), and the origin network identified within the SIP INVITE message indicates that the originating device is within a second PLMN that is different from the first PLMN (i.e. VPLMN or HPLMN), the mismatch may indicate that the identity of the originating device may be spoofed, and is likely unreliable). reject the inbound call as an illegitimate call, wherein the illegitimate call is not forwarded to an IP Multimedia Subsystem (IMS) of the telecommunications network. (Paragraph 39, the spoof mitigation component 220 may selectively terminate the call request for the VoIP communication based on an inference that the call request is associated with a spoof communication. the spoof mitigation component 220 may reply to the SIP INVITE message with a “not accepted” response, which similarly prevents the VoIP communication session from being established). Consider Claim 2, Filart discloses the system of claim 1, wherein the inbound call is a first inbound call, and wherein the system is further caused to: receive a second inbound call whose SIP identifier matches at least one identifier on the list of allowable SIP identifiers; receive an indication from the SCIF that the second inbound call is a legitimate call; and in response to the indication of the legitimate call from the SCIF, cause the I-SBC to admit the second inbound call. (Paragraph 64, the SIP server may determine that the spoof-likelihood score is less than the first predetermined spoof threshold and the second predetermined spoof threshold. the spoof-likelihood score is a low spoof-likelihood score, the SIP server may infer that the identity of the originating device is likely reliable. In doing so, the SIP server may transmit the SIP INVITE message to the recipient device to facilitate establishing the VoIP communication session between the originating device and the recipient device). Consider Claim 3, Filart discloses the system of claim 2 further caused to: upon receiving an indication from the SCIF that the inbound call is legitimate, cause the I-SBC to forward the second inbound call to the IMS of the telecommunications network. (Paragraph 20, a gateway 138 may interface with the IMS core 112 and the LTE core 108. The gateway 138 may include one or more servers and related components that are tasked with providing connectivity between the IMS core 112, the LTE core 108, the client device(s) 110(1)-110(N), and the internet 140. More specifically, the gateway 138 may act as a point of entry and exit for network traffic into the telecommunications network 106). Consider Claim 4, Filart discloses the system of claim 1, wherein to receive the inbound call over the at least one network interface comprises further causing the system to: receive the inbound call from an enterprise services partner of a network operator of the telecommunications network, wherein the enterprise services partner is configured to include a unique SIP identifier known to the network operator. (Paragraph 24, the SIP server 126 may include one or more processor(s) 206 that are operably connected to memory 208. In at least one example, the one or more processor(s) 206 may be a central processing unit(s) (CPU), graphics processing unit(s) (GPU), or both a CPU and GPU or any other sort of processing unit(s). Each of the one or more processor(s) 206 may have numerous arithmetic logic units (ALUs) that perform arithmetic and logical operations as well as one or more control units (CUs) that extract instructions and stored content from processor cache memory, and then execute these instructions by calling on the ALUs, as necessary during program execution). Consider Claim 5, Filart discloses the system of claim 1, wherein to receive the inbound call over the at least one network interface comprises further causing the system to: receive the inbound call from an enterprise services partner of a network operator of the telecommunications network, wherein the enterprise services partner is configured to include a unique SIP identifier known to the network operator, wherein the SCIF is a hardware network element in the telecommunications network, and wherein the SCIF has at least one network interface that is communicatively coupled with the I-SBC. (Paragraph 15, the IBCF 124 is a network element deployed to protect the telecommunications network 106. The IBCF 124 may provide the telecommunications network 106 with measurements, access control, and data conversion facilities of communications received that the network edge. Paragraph 16, the SIP server 126 may correspond to one of the I-CSCF 118 or the S-CSCF 120. In other examples, the SIP server 126 may be separate and communicatively coupled to the I-CSCF 118 or S-CSCF 120). Consider Claim 6, Filart discloses the system of claim 1, wherein to receive the inbound call over the at least one network interface comprises further causing the system to: receive the inbound call from an enterprise services partner of a network operator of the telecommunications network, wherein the enterprise services partner is configured to include a unique SIP identifier known to the network operator, and wherein the SCIF is collocated and integrated into the I-SBC. (Paragraph 14, the IMS core 112 may include application function(s) (AF) 114, such as a Proxy Call Session Control Function (P-CSCF) 116, an Interrogating Call Session Control Function (I-CSCF) 118, and a Serving Call Session Control Function (S-CSCF) 120, a Telephony Application Server (TAS) 122, an Interconnection Border Control Function (IBCF) 124, and a SIP server 126. The P-CSCF 116 behaves like a proxy by accepting requests and serving them internally or forwarding them towards to the I-CSCF 118 and S-CSCF 120. The S-CSCF 120 acts as a Session Initiation Protocol (SIP) registrar and in some cases as a SIP redirect server( see fig.1)). Consider Claim 7, Filart discloses the system of claim 1, wherein to receive the inbound call over the at least one network interface comprises further causing the system to: receive the inbound call from an enterprise services partner of a network operator of the telecommunications network, wherein the enterprise services partner is configured to include a unique SIP identifier known to the network operator, and wherein the SCIF is implemented as a software feature in a cloud storage service, and wherein the cloud storage service is communicatively coupled with the I-SBC. (Paragraph 14, The S-CSCF 120 is responsible for processing the location registration of a client device, client authentication, and call routing and processing. The I-CSCF 118 is tasked with selecting an S-CSCF 120 for serving an initial SIP request, particularly when a client device initiating the request does not know which S-CSCF 120 should receive the request(see fig 1)). Consider Claim 8, Filart discloses the system of claim 1, wherein to receive the inbound call over the at least one network interface comprises further causing the system to: receive the inbound call from an enterprise services partner of a network operator of the telecommunications network, wherein the enterprise services partner is configured to include a unique SIP identifier known to the network operator, and wherein the list of allowable SIP identifiers is stored in a cloud storage service, and wherein the SCIF is communicatively coupled to the cloud storage service. (Paragraph 43, a determination and mitigation of a spoof communication may be performed by a spoof mitigation module of a SIP server associated with an HPLMN. variations and modifications can be made such that the spoof mitigation module may be remotely executable on a separate server or a separate computing device that is communicatively coupled to the SIP server(see fig. 1)). Consider Claim 9, Filart discloses a system of a telecommunications network, the system comprising: an interconnect session border controller (I-SBC) configured as a network element disposed at a border between the telecommunications network and peer telecommunications networks, the I-SBC including: at least one network interface; (Paragraph 23, the SIP server 126 may include input/output interface(s) 202. The input/output interface(s) 202 may include any type of output interface known in the art). at least one hardware processor; and (paragraph 24, the SIP server 126 may include one or more processor(s) 206 that are operably connected to memory 208). at least one non-transitory memory storing instructions, which, when executed by the at least one hardware processor, cause the I-SBC to: (Paragraph 26, the memory 208 may further include non-transitory computer-readable media, such as volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information, such as computer-readable instructions, data structures, program modules, or other data). receive an inbound call over the at least one network interface; compare an IP address of the inbound call against a list of allowable IP addresses; (Paragraph 21, the spoof mitigation module 102 may be configured to determine whether an incoming VoIP communication request is a spoof communication. The SIP server 126 is configured to detect receipt of a SIP INVITE message and further determine whether the PLMN identified within the most recent instance of registration data of an originating device corresponds with the origin network from which the SIP INVITE message was sent. The origin network may be identified within the SIP INVITE message. A match would indicate that the identity of the originating device is likely reliable). determine that the inbound call is an illegitimate call, wherein an illegitimate call is one which is received by the I-SBC from an IP address that does not match any IP address on the list of allowable IP addresses; and reject the illegitimate call by not forwarding it to a telecommunications network. (Paragraph 39, the spoof mitigation component 220 may selectively terminate the call request for the VoIP communication based on an inference that the call request is associated with a spoof communication. the spoof mitigation component 220 may reply to the SIP INVITE message with a “not accepted” response, which similarly prevents the VoIP communication session from being established). Consider Claim 10, Filart discloses the system of claim 9, wherein the inbound call is a first inbound call, and wherein the system is further caused to: receive a second inbound call whose IP address matches at least one IP address on the list of allowable IP addresses; cause the I-SBC to identify the second inbound call as a legitimate call; and admit the call by forwarding it to a telecommunications network. (Paragraph 64, the SIP server may determine that the spoof-likelihood score is less than the first predetermined spoof threshold and the second predetermined spoof threshold. In this instance, the spoof-likelihood score is a low spoof-likelihood score, the SIP server may infer that the identity of the originating device is likely reliable. In doing so, the SIP server may transmit the SIP INVITE message to the recipient device to facilitate establishing the VoIP communication session between the originating device and the recipient device). Consider Claim 11, Filart discloses the system of claim 10 further caused to: upon receiving a legitimate call, cause the I-SBC to forward the second inbound call to an IP Multimedia Subsystem (IMS) of the telecommunications network. (Paragraph 20, a gateway 138 may interface with the IMS core 112 and the LTE core 108. The gateway 138 may include one or more servers and related components that are tasked with providing connectivity between the IMS core 112, the LTE core 108, the client device(s) 110(1)-110(N), and the internet 140. More specifically, the gateway 138 may act as a point of entry and exit for network traffic into the telecommunications network 106). Consider Claim 12, Filart discloses the system of claim 9, wherein to receive the inbound call over the at least one network interface comprises further causing the system to: receive, by the I-SBC, the inbound call from an enterprise services partner of a network operator of the telecommunications network, wherein the enterprise services partner is configured to send calls to the telecommunications network from an IP address that is known to the telecommunications network operator. (Paragraph 24, the SIP server 126 may include one or more processor(s) 206 that are operably connected to memory 208. In at least one example, the one or more processor(s) 206 may be a central processing unit(s) (CPU), graphics processing unit(s) (GPU), or both a CPU and GPU or any other sort of processing unit(s). Each of the one or more processor(s) 206 may have numerous arithmetic logic units (ALUs) that perform arithmetic and logical operations as well as one or more control units (CUs) that extract instructions and stored content from processor cache memory, and then execute these instructions by calling on the ALUs, as necessary during program execution). Consider Claim 13, Filart discloses the system of claim 9, wherein to receive the inbound call over the at least one network interface comprises further causing the system to: receive, by the I-SBC, the inbound call from an enterprise services partner of a network operator of the telecommunications network, wherein the enterprise services partner is configured to send calls to the telecommunications network from an IP address that is known to the telecommunications network operator, and wherein the list of allowable IP addresses is stored in the I-SBC. (Paragraph 54, at 314, the SIP server may determine that the PLMN identified within the most recent instance of registration data within the HPLMN matches the origin network, the origin network having been identified as the network from which the SIP INVITE was sent, or the network identified within the SIP INVITE message. In this instance, the SIP server may infer that the identity of the originating device is likely reliable. In doing so, the SIP server may transmit the SIP INVITE message to the recipient device to facilitate establishing the VoIP communication session between the originating device and the recipient device). Consider Claim 14, Filart discloses the system of claim 9, wherein to receive the inbound call over the at least one network interface comprises further causing the system to: receive, by the I-SBC, the inbound call from an enterprise services partner of a network operator of the telecommunications network, wherein the enterprise services partner is configured to send calls to the telecommunications network from an IP address that is known to the telecommunications network operator, and wherein the list of allowable IP addresses is stored in a cloud storage service, and wherein the cloud storage service is communicatively coupled with the I-SBC. (Paragraph 43, fig. 3 illustrates a process for determining whether an incoming VoIP communication request is a spoof communication. A determination and mitigation of a spoof communication may be performed by a spoof mitigation module of a SIP server associated with an HPLMN. In this example, the spoof mitigation module is included within the SIP server. However, variations and modifications can be made such that the spoof mitigation module may be remotely executable on a separate server or a separate computing device that is communicatively coupled to the SIP server). Consider Claim 15, Filart discloses a non-transitory, computer-readable storage medium comprising instructions recorded thereon, wherein the instructions, when executed by at least one data processor of a system, cause the non-transitory, computer-readable storage medium to cause a system of a telecommunications network comprising an interconnect session border controller (I-SBC) having at least one network interface to: receive an inbound call over the at least one network interface of the I-SBC, wherein a unique call attribute known to a network operator of the telecommunications network is associated with the inbound call; cause a Spoofed Call Identification Function (SCIF) to compare the unique call attribute of the inbound call against a list of allowable unique call attributes; (Paragraph 23, the network interface(s) 204 may include a radio transceiver that performs the function of transmitting and receiving radio frequency communications via an antenna). cause the SCIF to determine that the inbound call’s unique call attribute does not match any unique call attribute on the list of allowable unique call attributes, wherein when the unique call attribute of the inbound call does not match any unique call attribute on the allowable unique call attribute list, the SCIF identifies the inbound call as an illegitimate call; and (paragraph 33, if the most recent instance of registration data indicates that the originating device is within a first PLMN (i.e. HPLMN or VPLMN), and the origin network identified within the SIP INVITE message indicates that the originating device is within a second PLMN that is different from the first PLMN (i.e. VPLMN or HPLMN), the mismatch may indicate that the identity of the originating device may be spoofed, and is likely unreliable). cause the SCIF to reject the call by not forwarding it to a telecommunications network. (Paragraph 39, the spoof mitigation component 220 may selectively terminate the call request for the VoIP communication based on an inference that the call request is associated with a spoof communication. the spoof mitigation component 220 may reply to the SIP INVITE message with a “not accepted” response, which similarly prevents the VoIP communication session from being established). Consider Claim 16, Filart discloses the non-transitory, computer-readable storage medium of claim 15, wherein when the I-SBC receives an inbound call whose unique call attribute matches at least one unique call attribute on the list of allowable unique call attributes, the system is further caused to: determine, by the SCIF, the inbound call as a legitimate call; cause the SCIF to admit the call by forwarding it to a telecommunications network. (Paragraph 15, the IBCF 124 is a network element deployed to protect the telecommunications network 106. The IBCF 124 may provide the telecommunications network 106 with measurements, access control, and data conversion facilities of communications received that the network edge. Paragraph 16, the SIP server 126 may correspond to one of the I-CSCF 118 or the S-CSCF 120. In other examples, the SIP server 126 may be separate and communicatively coupled to the I-CSCF 118 or S-CSCF 120). Consider Claim 17, Filart discloses the non-transitory, computer-readable storage medium of claim 16, wherein at least one network interface of the I-SBC is connected to an IP Multimedia Subsystem (IMS) network, and wherein the system is further caused to: upon determination by the SCIF that the inbound call is legitimate, cause the SCIF to forward the call to the IMS network. (Paragraph 20, a gateway 138 may interface with the IMS core 112 and the LTE core 108. The gateway 138 may include one or more servers and related components that are tasked with providing connectivity between the IMS core 112, the LTE core 108, the client device(s) 110(1)-110(N), and the internet 140. More specifically, the gateway 138 may act as a point of entry and exit for network traffic into the telecommunications network 106). Consider Claim 18, Filart discloses the non-transitory, computer-readable storage medium of claim 15, wherein to receive the inbound call over the at least one network interface comprises further causing the system to: receive, by the I-SBC, the inbound call from an enterprise services partner of the telecommunications network operator, wherein the enterprise services partner is configured to include the unique call attribute in the inbound call. (Paragraph 15, the IBCF 124 is a network element deployed to protect the telecommunications network 106. The IBCF 124 may provide the telecommunications network 106 with measurements, access control, and data conversion facilities of communications received that the network edge. Paragraph 16, the SIP server 126 may correspond to one of the I-CSCF 118 or the S-CSCF 120. In other examples, the SIP server 126 may be separate and communicatively coupled to the I-CSCF 118 or S-CSCF 120). Consider Claim 19, Filart discloses the non-transitory, computer-readable storage medium of claim 15, wherein to receive the inbound call over the at least one network interface comprises further causing the system to: receive, by the I-SBC, the inbound call from an enterprise services partner of a network operator of the telecommunications network, wherein the enterprise services partner is configured to include the unique call attribute in the inbound call, and wherein the unique call attribute is a SIP identifier. (Paragraph 24, the SIP server 126 may include one or more processor(s) 206 that are operably connected to memory 208. In at least one example, the one or more processor(s) 206 may be a central processing unit(s) (CPU), graphics processing unit(s) (GPU), or both a CPU and GPU or any other sort of processing unit(s). Each of the one or more processor(s) 206 may have numerous arithmetic logic units (ALUs) that perform arithmetic and logical operations as well as one or more control units (CUs) that extract instructions and stored content from processor cache memory, and then execute these instructions by calling on the ALUs, as necessary during program execution). Consider Claim 20, Filart discloses the non-transitory, computer-readable storage medium of claim 15, wherein to receive the inbound call over the at least one network interface comprises further causing the system to: receive, by the I-SBC, the inbound call from an enterprise services partner of a network operator of the telecommunications network, wherein the enterprise services partner is configured to include the unique call attribute in the inbound call, and wherein the unique call attribute is an IP address. (Paragraph 14, the IMS core 112 may include application function(s) (AF) 114, such as a Proxy Call Session Control Function (P-CSCF) 116, an Interrogating Call Session Control Function (I-CSCF) 118, and a Serving Call Session Control Function (S-CSCF) 120, a Telephony Application Server (TAS) 122, an Interconnection Border Control Function (IBCF) 124, and a SIP server 126. The P-CSCF 116 behaves like a proxy by accepting requests and serving them internally or forwarding them towards to the I-CSCF 118 and S-CSCF 120. The S-CSCF 120 acts as a Session Initiation Protocol (SIP) registrar and in some cases as a SIP redirect server( see fig.1)). Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHELE CAMILLE DOUGLAS whose telephone number is (571)270-0458. The examiner can normally be reached Monday - Friday 6:30 am - 5:00 pm. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Matthew Anderson can be reached at 571-272-4177. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /MICHELE C DOUGLAS/Examiner, Art Unit 2646 /MATTHEW D. ANDERSON/Supervisory Patent Examiner, Art Unit 2646