H04L61/4588

Method and apparatus for detecting diameter protocol IDR message spoofing attack in mobile communication network

Provided are methods of detecting a Diameter spoofing attack. According to an embodiment, the method comprises obtaining a normal International Mobile Subscriber Identity (IMSI) from a packet of a Diameter S6a protocol transmitted from a Mobile Management Entity (MME) to a Home Subscriber Server (HSS) of a home network, adding a record comprising the normal IMSI to a session table, obtaining an Insert Subscriber Data Request (IDR) message of the Diameter S6a protocol, and determining a category of the IDR message.

Client-based management of multimedia messages
10938975 · 2021-03-02

A calling user initiates a telephonic communication with a receiving user by dialing a phone number of the receiving user in his or her address book. The communication is transmitted from the calling user's device to the receiving user's device through a network that is not Internet-based and does not use an Internet protocol, e.g., Transmission Control Protocol (TCP), Internet Protocol (IP), TCP-IP, or Voice over Internet Protocol (VoIP). After a number of notifications has passed on the receiving user's device and the receiving user is not able to answer the telephonic communication, a local voicemail recorder will be activated to record and store the telephonic communication for later retrieval by the receiving user. The stored communication is identified by a string sequence containing at least one of a name, a telephone number, a storage location, a date-time attribute, and a duration associated with the stored communication.

GUEST ONBOARDING OF DEVICES ONTO 3GPP-BASED NETWORKS WITH USE OF REALM-BASED DISCOVERY OF IDENTITY PROVIDERS AND MUTUAL AUTHENTICATION OF IDENTITY FEDERATION PEERS

A Third Generation Partnership Project (3GPP) based network, such as an enterprise private 3GPP network, is operative to provide a guest onboarding of a device using a realm-based discovery of an identity provider and a mutual authentication of identity federation peers. A secure connection may be established between the peers so that the device may be authenticated based on credentials associated with a Subscriber Identity Module (SIM) provided by its Mobile Network Operator (MNO). Credentials may be extended to those associated with embedded SIMs (eSIMs), digital certificates from private enterprises, login and passwords, and identities from a wide range of identity providers. After device authentication, the 3GPP-based network is operative to select and enforce access policies according to an identity or other attribute of the device.

Method for transmitting an existing subscription profile from a mobile network operator to a secure element, corresponding servers and secure element
11064346 · 2021-07-13

A method for transmitting a subscription profile from an MNO to a secure element pre-provisioned with a temporary profile comprising a unique identifier, MCC and MNC, includes: transmitting from the MNO the unique identifier to a SM-DP; creating the subscription profile at the SM-DP; provisioning in a D-HSS server having the first MCC/MNC the unique identifier and a temporary IMSI comprising a second MCC, a second MNC; provisioning in the MNO the temporary IMSI and an ephemeral key; at the first attempt of the secure element to connect to the D-HSS server, exchanging data in signaling messages for provisioning the secure element with the temporary IMSI; at the next attempt of the secure element to connect to the MNO network with the temporary IMSI, opening an APN and sending from the SM-DP to the secure element the subscription profile.

Enhanced signaling to reduce no circuit switch fallback
11057341 · 2021-07-06

Systems and methods for reducing fall back from long term evolution voice calls (VoLTE) to legacy systems. The system can include one or more lookup tables including ranges of internet protocol (IP) addresses for a plurality of user equipment (UE). The lookup tables can be stored on one or more network entities, such as on a proxy call session control function (PCSCF). In the event that a policy charging rules function (PCRF) is unable to establish a Gx session with the relevant packet gateway (PGW), the PCSCF can provide the name and/or the IP address for the appropriate PGW to the PCRF. The PCRF can then send a session request AVP to the IP address to cause the PGW to initiate Gx binding. The system enables VoLTE calls to be established despite problems with the PCRF and reduces fallback to legacy systems.

Systems and methods for providing individualized communication service

A method for providing individualized communication service includes (1) recognizing a first client being communicatively coupled to a first local communication network, (2) determining an identity of the first client, (3) transporting first data between the first client and a first operator communication network, using the first local communication network in accordance with a first service profile associated with the first client, and (4) transporting the first data using the first operator communication network in accordance with the first service profile.

MOBILE ELECTRONIC COMMUNICATIONS USING INTERNET PROTOCOL
20210029252 · 2021-01-28

A database stores unique associations between account identifiers and mobile-network telephone numbers assigned by a mobile network to mobile communications devices. The account identifiers are also associated with voice-over-IP (VoIP) telephone numbers. Voice calls between the mobile communications devices are made as voice-over-IP (VoIP) calls using respective VoIP telephone numbers. Tracking of the VoIP calls is performed through the mobile network using respective mobile-network telephone numbers, so that a prepaid balance can be enforced.

User plane for fifth generation cellular architecture
10904849 · 2021-01-26

Apparatuses, systems, and methods to perform attachment of a wireless device to a next generation gateway via either a base station of a next generation radio access network (RAN) or a mobility management entity of a legacy RAN. An apparatus may be configured to receive an attachment request from a wireless device, determine authentication information via communication with a home subscriber server, determine, based at least in part on the authentication information, whether the wireless device is capable of communicating via the next generation RAT, and send, in response to determining the wireless device is capable, a connection request to a gateway of the next generation RAN. The authentication information may include subscription information associated with the wireless device.

RESTORATION OF SERVING CALL SESSION CONTROL AND APPLICATION SERVER FUNCTION
20210014769 · 2021-01-14

A communication session for a UE can be restored in the event of serving call session control function (S-CSCF) node unavailability and/or application server (AS) unavailability by storing, prior to IMS unavailability, attribute-value pairs (AVPs) at a home subscriber server (HSS). These AVPs can be used independently by individual IMS nodes to restore a communication session for a UE due to an unavailable IMS node. When a first S-CSCF node becomes unavailable, a proxy CSCF (P-CSCF) node can send a SIP request originating from the UE to a second S-CSCF node. The second S-CSCF node can then send a request to the HSS for an identifier of an AS associated with the UE. Upon receipt of the AS identifier (e.g., an active AS name AVP) from the HSS, the second S-CSCF node can send the SIP request to the AS in order to restore the communication session for the UE.

Method, device, network entity and computer program product for providing an IP service application

Method, device, network and network entity for providing at least one Internet Protocol, IP, service application from a subscriber's multimedia device in an IP multimedia network. The method comprises executing at least one IP service application on the device and/or on an auxiliary device associated with the device. A Domain Name System, DNS, service is provided, being executed on the device, the DNS service relating to a domain associated with the subscriber. The DNS service has a memory associated therewith. In the memory, information is stored relating to DNS resource records in accordance with the at least one IP service application that is being executed on the device and/or in the auxiliary device at that moment. An indication of the device's capability to execute a DNS service is deposited with the IP multimedia network. The indication comprises a network address on which the DNS service can be reached for a DNS query.