Principal claim |
1. A method, implemented on a server, to detect fake cell towers in a network operator's network, the method comprising:
receiving live data comprising any of crowd-sourced data and tower data, wherein the crowd-sourced data is received from a plurality of cell phones operating on the network and the tower data is received from cell towers in the network;
performing live data analysis on the live data and reference data, wherein the live data analysis compares the live data and the reference data to determine statistically significant patterns only shown in the live data, wherein the reference data comprises samples of the live data without fake cell towers included therein;
detecting the fake cell towers based on the live data analysis and indications of the statistically significant patterns, wherein the fake cell towers are Man in the Middle (MITM) devices in the network which collect data and forward the data to a real cell tower such that a user is unaware; and
characterizing the fake cell towers based on any of the tower data, the crowd sourced data, and backhaul data, wherein any of the tower data, the crowd sourced data, and the backhaul data is extracted separately for captured devices which associate with the fake cell towers and devices that escaped capture which are in range of the fake towers, wherein the characterizing uses statistical methods to compare data from the captured devices and the devices that escaped capture. |