Claims:WE CLAIM:
1. A method for performing lawful interception in a communication network, the method comprising:
detecting in real-time, via at least one network device, adulteration in communication data based on comparison of a set of adulteration parameters derived from the communication data with associated thresholds within a set of thresholds;
analyzing, via the at least one network device, adulterated content in the communication data to determine feasibility of correcting the adulterated content based on satisfaction of predefined criteria; and
correcting, selectively, the adulterated content based on satisfaction of the predefined criteria.
2. The method of claim 1 further comprising monitoring, by the at least one network device, a set of network parameters to detect a change in one or more of the set of network parameters.
3. The method of claim 2, wherein the set of network parameters are selected from a group comprising network congestion, network choke, packet queueing, buffer overflows, insufficient network coverage, link unavailability, network delays, packet drops, and users involved in session for the communication data.
4. The method of claim 2 further comprising dynamically adapting one or more of the set of thresholds in response to detecting a change in one or more of the set of network parameters.
5. The method of claim 4, wherein the one or more of the set of thresholds are dynamically adapted in real time.
6. The method of claim 1, wherein the set of adulteration parameters are selected from a group comprising packets with insufficient hop length, packets with unused protocol headers filled in, packets with invalid, not used, or intentionally misleading Real-time Transport Protocol (RTP) header contents (for example, an old time stamp), interval between retransmission of the same packet, packets with difference in content between the initially sent and retransmitted version(s) of the same packet, packets with unacceptable protocol or packet header values, port changes, RST and other flag adulterations, packets with insufficient or invalid TTL contents, and packets with content length lower than the minimum possible content length for that packet type or protocol.l
7. The method of claim 1, wherein the predefined criteria comprises meeting a confidence level of accuracy in correcting the adulterated content.
8. The method of claim 1, wherein correcting comprises:
identifying unwanted packets within the communication data; and
determining a confidence level of accurately identifying the unwanted packets, wherein the confidence level satisfies one of a set of confidence level ranges.
9. The method of claim 8 further comprising removing the unwanted packets from the communication data in response to the identifying.
10. The method of claim 9 further comprising sending a corrected data stream to a lawful interception gateway in response to removing the unwanted packets.
11. The method of claim 9 further comprising sending to a lawful interception gateway, through a secondary data stream, at least one of removed unwanted packets and information associated with the removed unwanted packets based on a confidence level range which the confidence level satisfies.
12. The method of claim 9 further comprising retaining the unwanted packets in the communication data in response to the identifying, when the confidence level is within lowest confidence level range.
13. The method of claim 1 further comprising sending additional information to a lawful interception gateway, the additional information comprising at least one of entity causing adulteration, means of adulteration, frequency of adulterated packets, which adulteration parameter thresholds were crossed, and at least one of indication of inability to correct the adulterated content along with the reason and other relevant information, and indication of adulterated content being corrected along with relevant information.
14. The method of claim 1 further comprising:
sending feedback comprising information associated with the adulteration identified to a controller; and
adapting the set of threshold based on the feedback for future communication sessions.
15. A system for performing lawful interception in a communication network, the system comprising at least one network device comprising:
at least one processors; and
a computer-readable medium storing instructions that, when executed by the at least one processor, cause the at least one processor to perform operations comprising
detecting in real-time, via at least one network device, adulteration in communication data based on comparison of a set of adulteration parameters derived from the communication data with associated thresholds within a set of thresholds;
analyzing, via the at least one network device, adulterated content in the communication data to determine feasibility of correcting the adulterated content based on satisfaction of predefined criteria; and
correcting, selectively, the adulterated content based on satisfaction of the predefined criteria.
16. The system of claim 15, wherein the operations further comprise monitoring, by the at least one network device, a set of network parameters to detect a change in one or more of the set of network parameters.
17. The system of claim 16, wherein the operations further comprise dynamically adapting one or more of the set of thresholds in response to detecting a change in one or more of the set of network parameters.
18. The system of claim 15, wherein the operations further comprise:
identifying unwanted packets within the communication data; and
determining a confidence level of accurately identifying the unwanted packets, wherein the confidence level satisfies one of a set of confidence level ranges.
19. The system of claim 15, wherein the operations further comprise removing the unwanted packets from the communication data in response to the identifying.
20. The method of claim 19, wherein the operations further comprise sending a corrected data stream to a lawful interception gateway in response to removing the unwanted packets.
21. The system of claim 19, wherein the operations further comprise sending to a lawful interception gateway, through a secondary data stream, at least one of removed unwanted packets and information associated with the removed unwanted packets based on a confidence level range which the confidence level satisfies.
22. The system of claim 19, wherein the operations further comprise retaining the unwanted packets in the communication data in response to the identifying, when the confidence level is within lowest confidence level range.
23. The system of claim 15, wherein the operations further comprise:
sending feedback comprising information associated with the adulteration identified to a controller; and
adapting the set of threshold based on the feedback for future communication sessions.
24. A non-transitory computer-readable storage medium for lawful interception in a communication network, when executed by a computing device, cause the computing device to:
detect in real-time, via at least one network device, adulteration in communication data based on comparison of a set of adulteration parameters derived from the communication data with associated thresholds within a set of thresholds;
analyze, via the at least one network device, adulterated content in the communication data to determine feasibility of correcting the adulterated content based on satisfaction of predefined criteria; and
correct, selectively, the adulterated content based on satisfaction of the predefined criteria.

Dated this on 30th day of September, 2015

Swetha SN
Of K&S Partners
Agent for the Applicant
, Description:TECHNICAL FIELD
This disclosure relates generally to lawful interception and more particularly to methods and systems for performing lawful interception in communication networks.