	US 11,799,897 B2
	Cybersecurity system for common interface of service-based architecture of a wireless telecommunications network
Venson Shaw, Kirkland, WA (US); and Gaviphat Lekutai, Kirkland, WA (US)
Assigned to T-Mobile USA, Inc., Bellevue, WA (US)
Filed by T-Mobile USA, Inc., Bellevue, WA (US)
Filed on Aug. 4, 2022, as Appl. No. 17/880,895.
Application 17/880,895 is a continuation of application No. 17/154,985, filed on Jan. 21, 2021, granted, now 11,431,746.
Prior Publication US 2022/0377103 A1, Nov. 24, 2022
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); H04L 43/028 (2022.01); H04L 69/22 (2022.01); H04L 67/02 (2022.01); H04L 61/00 (2022.01)

CPC H04L 63/1433 (2013.01) [H04L 43/028 (2013.01); H04L 61/00 (2013.01); H04L 63/0236 (2013.01); H04L 63/14 (2013.01); H04L 63/1408 (2013.01); H04L 63/20 (2013.01); H04L 67/02 (2013.01); H04L 69/22 (2013.01)]

20 Claims

1. At least one non-transitory computer-readable storage medium, storing instructions, which, when executed by at least one processor of a telecommunications system, cause a fifth-generation (5G) telecommunications network to:

instantiate a security service configured to monitor multiple network functions (NFs) or associated services of a service-based architecture (SBA) of the 5G telecommunications network,

wherein the multiple NFs are communicatively interconnected over a hypertext transfer protocol version 2 (HTTP/2) interface, and

wherein the security service is configured to protect the SBA against a cyberattack;

detect potentially malicious network traffic communicated over the HTTP/2 interface in real time or near real-time;

identify a set of NFs or associated services of the SBA that are susceptible to a cyberattack based on the detected potentially malicious network traffic; and

allocate one or more security resources for the set of NFs or associated services.