MXPA00006149A

MXPA00006149A - System and method for the early detection of cellular telephone piracy

Info

Publication number: MXPA00006149A
Application number: MXPA/A/2000/006149A
Authority: MX
Inventors: Shridharan Balachandran
Original assignee: Ericsson Inc
Priority date: 1997-12-22
Filing date: 2000-06-21
Publication date: 2001-12-04

Abstract

A method and system for early piracy detection in a cellular telecommunications network is disclosed. When in idle mode, a network subscriber Mobile Station (MS) transmits a Current Location Identifier message (CLID) on a pseudo-random basis. The CLID, which contains MS identifying information, is picked up by the network and relayed to the Mobile Switching Center (MSC) covering the area in which the MS is currently located. When it receives the CLID, the MSC generates an MS-CLID message containing the CLID and the identifier of the nodes through which it has passed, including that of the MSC itself. The MS-CLID message is then sent to the system Home Location Register (HLR), which compares the MS identification and location information to that stored in its database. The system generates a piracy alarm when the comparison determines that another caller using the same identity is currently active or that a call being initiated is originating from a location distant to the last reported location of the legitimate MS, allowing the system operator to take action prior to the loss of inordinate amounts of air time.

Description

SYSTEM AND METHOD FOR EARLY IADETECTION OF TELEPHONE OR CELLULAR PIRACY BACKGROUND OF THE INVENTION • TECHNICAL FIELD OF THE INVENTION 5 The present invention relates to cellular telephone networks and, particularly to a system and method for the early detection of cellular piracy, more particularly, the invention relates to a system and method wherein the system operator can take measures to stop the use • 10 unauthorized system when activating a piracy alarm signal. DESCRIPTION OF THE RELATED TECHNIQUE The evolution of wireless communication in the last century, since the demonstration made in 1897 by Guglielmo 15 Marconi of the radio's ability to provide continuous contact with ships sailing in the English Channel has been remarkable. Since the discovery of Marconi, • new wired and wireless communication methods, services and standards have been adopted worldwide. This evolution has accelerated, especially in the last ten years, during which the mobile radiocommunication industry has grown by orders of magnitude, encouraged by numerous technological advances that have made portable equipment for small and medium-sized businesses increasingly smaller, cheaper and more reliable. 25 radio communication. The exponential growth of mobile telephony will continue to increase in the coming decades, since this wireless network interacts with existing wired networks and will eventually surpass them. In order to promote the compatibility of the equipment and 5 operations of several public land mobile networks (PLMN), air interface standards have been developed and are currently being implemented. In North America, the most widely used standard protocol is Advanced Mobile Phone Systems (AMPS), which is now • 10 complemented by a digital version (D-AMPS). Another standard of this type is the Global System for Mobile Communications (GSM), which is used throughout Europe and some parts of the United States of America. In each standard, the operators of PLMN establish a permanent team to cover an area geographic and enroll mobile subscribers. The operator invoices the subscriber for cellular service, said subscriber generally pays a basic charge in addition to a • variable charge depending on the use of the system by the subscriber. 20 Unfortunately, along with the popularity of cell phones, cellular piracy has come. A pirate scans the air interface to determine the presence of cell phones that initiate a connection to the PLMN, exploiting initialization procedures. To start a call, a Cellular Mobile Station (MS) transmits a signal first TO,*-. • «-; -» - in the air interface that r includes a unique MS identification information. This identification information indicates that a subscriber to the system requires • access to the cellular system, and said identification information is used by the PLMN to, among other things, bill the subscriber the call. A pirate who is listening and who intercepts the initial transmission can then replicate the signal and build a "clone", that is, a mobile station that transmits information from • 10 identical identification. When the clone then initiates a call using the subscriber's identity, the PLMN can not distinguish between the person making the call and the pirate and the legitimate subscriber; both will receive access to the system. The geographic location of the clone does not help to make any distinction since the subscriber can "move", that is, make and receive calls while outside. • from your home service area. Obviously, all uses are billed to the legitimate subscriber. Pirates 20 frequently operate a single clone for approximately one month, after which time the subscriber is likely to receive an excessively high bill for cellular service concepts and protest. Even though measures can be taken to avoid additional unauthorized uses, the PLMN operator "generally assumes the cost of the :. ^^^ _: __ ^ - ^^. I _ ^^^^^ __-__ ^^ -__ ^ ... ^. ^ Calls already made by the clone, resulting in the loss of thousands of dollars of income for time to air. This problem is more acute in the case of PLMNs # that operate under AMPS / D-AMPS protocols, which do not have 5 available techniques, such as in the GSM environment. Currently, the application of measures against pirates is difficult at best. Clones are quickly abandoned after short periods of use • 10 intensive, after which the pirate acquires another cloned identity. Accordingly, there is a need to find a way to detect the use of a clone earlier so that unauthorized use can be suspended and an attempt can be made to track the pirate before stealing amounts of time on the air. COMPENDIUM OF THE INVENTION To attack the above problems and other problems, the • present invention proposes a method and a system for initiating an alarm against clone immediately that occurs a potential piracy condition. In a preferred embodiment, an inactive mobile station (MS) that belongs to a legitimate subscriber in a cellular telephone network, when it is not connected, transmits a message ( Current Location (CLID) on a pseudo random basis. The CLID contains mobile station identification information.

The CLID is picked up by the Base Transceiver Station (BTS) and transmitted through the Base Station Controller (BSC) to a Message Switching Center (MSC). The MSC • assembles a location identifier message MS (MS-5 CLID) that contains the CLID and the identity of each node through which the CLID has passed. The MSC then transfers the MS-CLID to the Home Location Register (HLR) of the system, which checks to see if an entity that appears identical to the MS transmitting the CLID is currently active. • 10 If this is the case, there is a piracy condition and a clone alarm is transmitted to the system operator. Preferably, the frequency of the pseudo-random CLID transmissions can be varied by the system in accordance with the current geographic location of the Mobile Station. More frequent transmissions can be made in areas known to have important piracy operations. In another modality, it is carried out • an identity check in a separate Authentication / Privacy (APR) record to conserve HLR resources. In another embodiment, when the HRL receives a record from the MS or an MS-CLID, it updates its database in CLID to reflect the new location information of the mobile station. Preferably, the location information stored in the HLR database will be included in the last MS-CLID. 25 The HLR also initiates a transmission to the mobile station ^ a..j & _. in such a way that the mobile station can store in a non-volatile memory the MS-CLID stored in the HLR database. This stored MS-CLID is included by the mobile station when it transmits the next CLID. In this mode, when the HLR receives * then an MS-CLID, then in addition to checking for the presence of possible clones, it also verifies that the new MS-CLID also contains within the old MS-CLID previously returned to the mobile station. If this is not the case, a potential piracy condition exists because a clone is attempting to emulate the mobile station by transmitting a CLID, and a clone alarm is transmitted to the system operator. In another embodiment, the HLR also maintains information regarding the pseudo random pattern generation that determines when a mobile station will transmit a CLID. Even though a mobile station may not transmit a CLID in the next interval, for example because it is connected to # at that time, it is configured in this mode to transmit at an expected time. Upon receiving a 20 MS-CLID transmission, the HLR, in addition or alternatively to other comparisons, verifies that the CLID was sent at an appropriate time. If this is not the case, there is a potential piracy condition and a clone alarm is transmitted to the system operator. 25 Upon receiving a clone alarm, the system operator £ &mij & * * * - .. ,, ^ to ^ 3Ma ^ faait ^ a -.- w «.! - v. ^ - ^^ ..." > . > -, ._ ^^. ^^^^ ss ^^ B ^ & S¡ ^ j £: ^ íik ^^ ií ^ m ^ A, & i M- ^ .a & -FE selects between varIjHB possible actions. For example, the operator could try < 3fjj rminate the location of the piracy issue or you could interrupt the call of the • supposed pirate to determine HE said call makes it a legitimate 5 subscriber. To or investigate each alarm, the event could simply be recorded and also the location of the alleged pirate registered for future use. The trace could then be started after having received several alarms regarding the same mobile station. Any • 10 way, the system operator would be warned of a hacking situation long before a subscriber complains about a wrong cell phone bill. A more complete appreciation of the present invention and its scope can be obtained from the following drawings 15 which are briefly described below, from the following detailed description of the presently preferred embodiments of the invention, and from the • claims. BRIEF DESCRIPTION OF THE DRAWINGS A more complete understanding of the method and apparatus of the present invention can be obtained with reference to the following detailed description when taken in conjunction with the accompanying drawings, wherein: Figure 1 is a block diagram of a telecommunications system in accordance with the present invention; «Fc s ^ ^^^^^^^^^ á ^ ^^^ -. ^^^ A ^ & ^^ flflM M ™ * ™ Figure 2 is a block of a telecommunications system illustrating the routing of a CLID / MS-CLID message in accordance with this • invention; Figure 3 is a flow chart illustrating how the system employs the MS-CLID in the piracy detection process in accordance with one embodiment of the present invention; Figure 4 is a block diagram illustrating the • 10 CLID / MS-CLID routing and location messages reported for the last time in accordance with the present invention; and Figure 5 is a flowchart how the system employs the CLID / MS-CLID system in the piracy detection process 15 in accordance with an alternative embodiment of the present invention. DETAILED DESCRIPTION OF THE DRAWINGS • The present invention will now be described more fully with reference to the accompanying drawings, in which preferred embodiments of the invention are shown. However, this invention can be incorporated differently and should not be considered as limited to the modalities presented here; on the contrary, these modalities are offered only in such a way that this disclosure is complete and complete and in such a way as to fully provide the scope of the invention to those skilled in the art. With reference to Fig. 1 of the drawings, a public land mobile network (PLMN) 10, such as a network, is illustrated. • cellular, in turn composed? § several areas 12, each one having a Mobile Switched Accent (MSC) 14 and a Visitor Location Register (VLR) 16 integrated. The MSC / VLR 12 areas, in turn, include a plurality of Location Areas (LA) 18. An LA18 is the part of a MSC / VLR area 12 where a Mobile Station (MS) 20 can be moved • 10 freely without having to send a location update information to the Home Location Register (HLR) 26, described below. Preferably, the MSCs are connected to the HLR through a Network Signaling System number 7 (SS /). Each location area 18 is divided into several cells 23. The mobile station 20 is the physical equipment, for example, a vehicle telephone or another type of telephone • portable, used by mobile subscribers to communicate with the cellular network 10. Base 20 Transceiver Station (BTS) 24 is the physical equipment, illustrated for simplicity as a radio tower, which offers radio coverage to the area geographic of the cell 23 where the radio traffic is handled to the mobile station 20 and from the mobile station 20. One or several BTSs are controlled by a Base Station Controller (BSC) 25, and one or more BSCs may be governed by a single MSC 14. With additional reference to Figure 1, the PLMN Service Area or cellular network 10 includes an HLR 26, which is a database containing all the * information of the Subscriber, for example, user profiles, current location, as well as routing information and other administrative information. The HLR 26 itself may be located in the same location as a given MSC 14, may be an integral part of an MSC 14, or may serve several MSCs 14; the last configuration is illustrated in figure 1. In accordance with the present invention, the BTS, the BSC, the MSCs, the VLRs and the HLR together make up a network security system 28. The current location of the stored mobile stations in 15 the HLR 26 database is determined in the first instance through a process known as registration. In the register, the mobile station 20 transmits a registration request message in a control channel to the BTS 24 which controls the cell. The BTS 24 in turn sends the message through its 20 BSC 25 associated with the MSC 14 (update of VLR 16, possibly, as for example, when the mobile station 20 s is moving), and then towards the HLR 26. A registration typically occurs when the mobile station 20 is turned on, when it moves from one LA to another, or at other predetermined times, such as when a call is made.

The location information of mobile station 20 stored in HLR 26 is employed (in combination with VLR 16, if necessary) as for example, when attempting to establish • a call with the mobile station 20. 5 As noted, to steal air time from a cellular service provider, a pirate imitates the registration process when making a call. By scanning the air interface, the pirate detects a registration message and builds a clone capable of sending an identical transmission. • 10 Since calls made from the clone can not be distinguished from legitimate calls, both types of calls will be billed to the subscriber. The subscriber and the system operator will generally not be aware that the cloning occurred until the generation of an invoice that charges the call made by the clone. An early detection of piracy can be achieved, however, through additional cooperation between the mobile station 20 and the • network security system 28. In a preferred embodiment of the present invention, during a period of inactivity, the mobile station 20 generates a signal, for example a paging signal / short message service (SMS) which is known as a Current Location Identification (CLID) message. The CLID contains unique identification information for the mobile station 20. Referring now to Figure 2, there is illustrated a block diagram of a telecommunications system illustrating the routing of a CLID between the mobile station 20 and the HLR 26 in accordance with the present invention. As in the • case of the registration, the mobile station 20 transmits first the 5 CLID in a control channel in the air interface to a BTS 24 that controls the cell. The BTS 24 then sends the CLID to its BSC 25. From the BSC 25, the CLID is sent to the MSC 14. The MSC 14 determines the exact logical path back to the mobile station 20, including the 'w identifier MSC14, the VLR identifier 16 (optionally) associated with the MSC 14, the identifier BSC and the identifier BTS. The MSC 14 then enters into contact with the HLR 26 and transmits a Current Station Identification Message of Mobile Station (MS-CLID), which includes the CLID and the aforementioned logical path identifiers. Preferably. The MS-CLID includes the CLID transmitted from the mobile station and the identifiers of BTS, BSC, MSC, and (where applicable) VLR. It is not essential, however, that the MSC-CLID comprises all these elements or that it excludes others, but it is preferable that the MSC-CLID transmitted to the HLR 26 contain a location and signal path information as accurate as possible. Preferably, the CLID and MS-CLID transmissions are achieved through a Transaction Capability Application Part 25 (TCAP) request from Signaling System Number 7 (SS7).

"^ A **« gjj-SBa- ^. ^ »Aasttaiaei ___- a ___ - _-- .. ^. ^^ _ * _. __" _ a_s »sMSfea ^ B ^ Jj ^ BtaMa ^ w ^ fewi ^ -i -. ^. »^ -. Jar ^ gA- > -_- Reference is now made to Figure 3, which is a flow chart illustrating how the HLR 26 uses the MS-CLID. according to the present invention, the • CLID and therefore the MS * ctlD, contains within it a% > 5 unique identifier associated with the mobile station 20 that originated the CLID transmission. The HLR 26 (illustrated in Figure 2) contains the application that processes the MS-CLID signal. Upon receipt of the MS-CLID, step 301, HLR 26, in step 305, start another TCAP request to determine if another • 10 entity that uses the same unique mobile station identifier is active. Since the CLID is transmitted only by an idle mobile station, if a VLR 26 answers affirmatively, step 310, a clone alarm is generated by the HLR 26 in step 315. Alternatively, an activity status information could be continuously updated through the VLRs 16 and said information could be stored in the HLR database 26, in said # case a simultaneous activity determination could be made without first making a TCAP request (not illustrated).

On the other hand, if no VLR 16 answers affirmatively, step 320, then the HLR leaves the MS-CLID message without generating alarm, step 330. In another embodiment, the HLR 26 determines in step 340 the logical path back to the clone , that is, the entity active when the MS-CLID was referred. The time of the alarm, the location of MS 20, and the clone location are then recorded for future reference, step 350. Even though the CLID may be sent at any time in • which Mobile Station 20 is inactive, said 5 CLID is preferably started on a pseudo-random basis. This prevents a pirate from avoiding detection by simply making calls during intervals where a CLID transmission is not expected. The frequency of pseudo-random transmissions is determined by a • 10 algorithm and germ resident in the mobile station 20. Since it is never transmitted by the mobile station, it is not possible for a pirate to accurately predict the time of the next CLID transmission. In a particularly preferred embodiment (not illustrated in Figure 3), when the HLR 26 receives notice that the mobile station is operating in an area with high piracy activity, as determined by the system operator based on experience passed, the HLR 26 requests that the MSC 14 of the area where the mobile station 20 is currently operating generates a new seed and transmits it to the mobile station 20. The new seed, in combination with the algorithm resident in the mobile station 20 , results in CLID transmissions that occur at more frequent intervals. When the mobile station leaves the area, the CLID frequency is reduced in the same way.

«SftwK-M-. In another mode (not illustrated in FIG. 3), a mobile station 20 not turned on will automatically turn on at the appropriate time to send a CLID message and then it will be • off again to conserve battery power. 5 This feature could be manually disabled when the CLID transmission should not occur, such as during an air flight. In another modality, the review of the simultaneous activity is not carried out through the HLR 26 itself, but through • 10 an authentication / privacy record (APR) 27 (illustrated in Figure 2), which has access to the HLR database 26. In this mode, the HLR resources are not diverted to this separate operation, except insofar as to its action as an intermediate node of message transfer. 15 The amount of information contained in the piracy alarm message or recorded, varies at the discretion of the system operator. It is preferable that the operator be warned as to the cause of the clone alarm, and the location of the clone as close as can be determined. Upon receiving a hacking alarm, the system operator could attempt a more accurate identification of the location of the clone through standard techniques such as signal triangulation / loopback time. Reference is now made to Figure 4, which is a 25-block diagram illustrating another embodiment of the present invention.

In this modality an increased protection is obtained through a higher load on system resources. Known as "heavyweight" protection this modality • provides improved detection of hacking in cases 5 in which the clone is not active simultaneously with the CLID transmission. To achieve this result, the base station 20 has a non-volatile memory address (LM) 21 where the last calculated MS-CLID is stored. In a heavy weight configuration, the CLID and the MS-CLID are • 10 transmit as described above with reference to FIG. 2, but in addition, the MS-CLID, which preferably includes the identifier of BST, BSC and MSC, along the path where the CLID or message is moved. register, is returned through the same path to the mobile station 15 where it is stored in the LM 21. Generally, when the LM 21 stores an MS-CLID received by the mobile station 20, any previously stored information is deleted. It can be observed however that multiple MS-CLIDs could be stored and applied to provide additional protection in accordance with the present invention. When a CLID is generated by a mobile station 20 it includes the last received MS-CLID stored in the LM 21 (and, if additional historical information is desired). Reference is now made to Figure 5 which is a flow chart illustrating the operation of heavy weight HLR 26 in j * NaES -. "- aB-j». 'w. ^^^ .-. ¿^^ a.' ^ ¿^^ S- combination with an associated APR 27. In this modality when the HLR 26 receives a MS-CLID (Step 301) generates a TCAP request containing the MS-CLID and transmits it to APR 27 (step • 500) The APR 27 performs d < §§pi? Is a series of revisions 5 ( which are described below in a preferred sequence, but which can be performed in any order without departing from the spirit of the invention.) First, the APR 27 performs the concurrent activity review mentioned above.When receiving an MS_CLID, the APR 27 10 determines in step 505 whether another entity using the same unique mobile station identifier is in activity For the purposes of this embodiment, it is irrelevant that the information regarding the status of activity MS be continuously updated on the basis of data APR 27 (or HLR 26), or if a separate request must be made to determine the information when an MS-CLID is received. As previously described with reference to Figure 3, if a VLR 16 responds in the affirmative, step 510, there is a hacking condition and a clone alarm is generated in step 315. On the other hand, if no affirmative answer is received, step 320, then all other revisions are still carried out, preferably starting with the timing revision (step 530). The APR 27, which has stored in its database in 25 pseudo-random CLID interval algorithm and germ .. > ¿^, ^ 8isfafeilÉ? Á employed by the MS 20, verifies in step 530 that the CLID was generated at an expected time. Even when a pirate can intercept and emulate a CLID, he will not have the algorithm and • the germ of mobile station 20 and APR 27. Any 5 CLID transmitted by a clone will therefore almost certainly occur in the wrong range. If the APR 27 determines in step 530 that this has occurred (step 535), a hacking condition exists and a clone alarm is generated (step 315), 10 In addition, since the previously received MS-CLID was stored and returned to the mobile station 20, the APR database 27 (or alternatively, the HLR database 26) and the LM 21 both contain in storage the same MS-CLID. When the mobile station 20 then transmits a CLID message, it includes this pre-location information ("old MS-CLID"), which in turn is included in the "new MS-CLID" calculated by MSC 14 and transmitted to the HLR 26 and APT 27. If step 530 confirms that the CLID was generated at an expected interval (step 540), this old MS-CLID 20 now contained in the received MS-CLID is compared in step 550 with the old MS-CLID stored in the HLR 26 or in the APR database 27. If the old MS-CLIDs do not correspond , step 555, there is a possible hacking situation or the possible hacking situation has occurred and a hacking alarm is sent to the system operator, step 315. Obviously, if no MS-CLID was stored on a database of piracy. system and transmitted to mobile station 20 for storage in LM 21, then • A "correspondence" continues to occur. If a correspondence occurs, step 560, the HLR 26 or APR 27 updates its database again to reflect the newly received MS-CLID, step 565, and notifies the MSC 14 (step 570), which transmits the MS-CLID to mobile station 20, where it replaces the information previously stored in LM 21 (step 575). Although a specific process is illustrated in FIG. 5, it will be noted that it is not critical to the invention how the data storage, data processing, or alarm functions are allocated between the HLR 26 and the APR 27. Even in heavy weight mode, all functions 15 could be performed by HLR 26 and it is not necessary that in this case an APR 27 is present. As in the case of light weight mode described above, if HLR 26 (or APR 27) is • updated when a mobile station 20 s becomes active or inactive, a separate TCAP request to determine this state (upon receipt of an MS-CLID) can be eliminated. Also, as previously described with reference to Figure 3, if desired, the system could also determine or determine the location of clone step 340, and generate a clone report (step 350). Although it has been illustrated in the accompanying drawings and described in the above detailed description one embodiment of the method and apparatus of the present invention, it will be understood that the invention is not limited to the disclosed mode, but rather that • may present numerous rearrangements, modifications and substitutions without departing from the spirit of the invention presented and defined in the following claims. The foregoing description is the description of a preferred embodiment for implementing the present invention and the scope of the present invention is not necessarily limited by • 10 this description. The scope of the present invention is defined in the following claims. fifteen • twenty

Claims

CLAIMS 1. A method for detecting piracy of a mobile station within a cellular telecommunication system, said method comprising the steps of: maintaining, within a base of said telecommunications system, an activity marker associated with said mobile station, said activity marker is established when said mobile station is in active state; • transmitting, through said mobile station, an identification signal several times while said mobile station is in an inactive state; determining, after at least one of said identification signal transmissions, if said activity marker for said inactive mobile station is in active state; and generate an alarm signal if said activity marker • for said inactive mobile station it is in active state.
2. The method according to claim 1, wherein said identification signal is transmitted by said inactive mobile station at spaced intervals in a pseudo-random manner.
3. The method according to claim 2, wherein said pseudo-random ranges are determined using an algorithm stored both in said mobile station and in said database, and further comprising the steps of: # determining, after at least one of said 5 identification signal transmissions, if said at least one signal transmission of identification occurred in a predictable time by said algorithm; and generating an alarm signal if said at least one identification signal transmission was not sent in a • 10 predictable time by said algorithm. The method according to claim 2, further comprising the step of varying the frequency of said pseudo-random transmissions by a control signal sent to said mobile station. 5. The method according to claim 4, wherein said step of varying said frequency of said pseudo-random transmissions varies based on the areas in • which said mobile station has been operating recently. 6. The method according to claim 1, further comprising the steps of: maintaining, within a database of said telecommunications system, a last reported location of said mobile station; Determining after said at least one transmission of A identification signal, a current location of said mobile station within said telecommunications system; • compare said current location of said mobile station 5 after said transmission of identification signal to said last reported location; and generating an alarm signal if said current location of said mobile station differs from said last reported location. 7. The method according to claim 1, further comprising the steps of: determining, after said at least one identification transmission signal, the identification signal path, wherein said signal path of The identification includes an identifier corresponding to at least one of the nodes of said telecommunications system through which said signal • identification has been transmitted more recently; maintain, within a database of said system of 20 telecommunications, said identification signal path; updating, after said comparison step, said last reported location of said mobile station within said base station from locations to the location 25 current; ms s f. 1 to A? \ < ft? a-g transmitting said identification signal path to said mobile station; store, within a memory of said mobile station, # said conformal identification signal path is received 5; transmitting, from said mobile station, a second identification signal, wherein said second identification signal includes said last updated identification signal path received by said mobile station.; comparing said identification signal path within said second identification signal with said identification path in said database of said telecommunications system; and generating an alarm signal if said identification signal path within said second identification signal is different from said signal path? of identification in said database of said telecommunications network. 8. The method according to claim 1, wherein said database of said telecommunications system is located within a home location register of said telecommunications system. 9. The method according to claim 1, wherein said determination step is carried out within a iJ- ^ faith «-« > * -Sa »aj ^^ Sti ^^^^ É-r ^» > »Aa» _- OLn-iSi », -" "> TO" . authentication record in communication with the home location register of said telecommunications network. • The method according to claim 1, wherein said transmission step is carried out automatically. The method according to claim 10, wherein said mobile station, if it is in an off condition at the time at which the transmission is scheduled • 10 of said transmission signal, it is automatically turned on for a period at least long enough for said transmission to occur. The method according to claim 1, wherein said activity marker indicates whether the mobile station 15 is active based on a request to location records of visitors in communication with said telecommunications system. The method according to claim 12, wherein said request is made after at least one of said 20 transmissions of identification signal. 14. The method according to claim 1, wherein said activity marker is established based on a warning provided by the visitor location records when said mobile stations become 25 active or inactive in relation to voice. 15. The method according to claim 1, further comprising the step of determining a specific area where an alleged clone is operating. • The method according to claim 15, wherein said presumed area of operations is determined by a process of triangulation of signal loop regression time. 17. The method according to claim 1, wherein said alarm signal causes the generation of a report H? 10 of piracy. 18. A method to detect piracy in a telecommunications system, said method comprises the steps of: maintaining, within a home location register, a database of locations containing several 15 locations of a corresponding plurality of active mobile stations associated with the telecommunications system; • transmit from a given mobile station of said mobile stations a current location identifier, Said current location identifier corresponds to said given mobile station; transferring said current location identifier of said given mobile station to said home location register; 25 determine, within said location record of i address upon receiving said current location identifier if an active mobile station identifier, for at least one of said locations in said database • of locations of said active mobile stations 5 corresponds to said current location identifier; and generating an alarm if, in said determination step, said current location identifier corresponds to said active mobile station identifier. 19. The method according to claim 18, which • further comprises the steps of: determining the location of said mobile station transmitting said current location identifier; updating said location database in the home location record to said current location identifier location; transmitting said current location identifier location to said given mobile station, said mobile station stores said current location identifier location in a memory; 20 transmitting from said given mobile station a second current location identifier, said second current location identifier includes said current location identifier stored; comparing said current location identifier 25 stored in said second location identifier ^^ > ^, ^^ - ^^ l¡ ^ & ^ ^ ^ ^. ^^ ,, _. rifiÉa, ^. ^^ »^ ... ^ ¿^^ ij ^^^ j ^^^^ ,,,. current with said current location identifier for said mobile station given in said location base station; and • generating said alarm if the current location identifier 5 stored within said second current location identification does not correspond to said current location identifier for said mobile station given in said location database of said home location register. • The method according to claim 19, further comprising the step of determining the location of a presumed clone when said alarm is generated. 21. The method according to claim 20. Where said alarm causes the generation of a report of 15 piracy. The method according to claim 18, further comprising the steps of: counting the number of current location identifiers transmitted by said given mobile station within a predetermined period of time, and alerting the system operator if the number of transmissions counted in said counting step exceeds a predetermined level. 23. A cellular telecommunications system for detecting piracy of a mobile station, said system comprises: an address location record that has a location database that contains the last reported location of several mobile stations associated with said location • home location registration; 5 a signal generator in at least one of said mobile stations for sending respective messages from current locations to said home location register-means of determination to determine whether a • The identifier corresponding to a given mobile station of said mobile stations corresponds to the identifier corresponding to at least one other active mobile station sending said respective messages of current location; and an alarm generator for generating an alarm if said given mobile station identifier corresponds to said other active mobile station identifier. 24. The system according to claim 23, wherein SP "said home location register determines the current location of said given mobile station and transmits said current location to said mobile station, and further comprises a storage location in said location. mobile station for storing location information sent from said home location register. RESU1ÉK; D1E INVENTION A method and system for detecting early piracy in a cellular telecommunications network is presented. When in an idle mode, a mobile network subscriber station (MS) transmits a Current Location Identifier (CLID) message on a pseudo random basis. The CLID containing MS identification information is collected by the network and retransmitted to the Mobile Switching Center (MSC) that covers the area where it is located • §? 10 currently the mobile station. When it receives the CLID, the MSC generates an MS-CLID message containing the CLID and the identifier of the nodes through which it has passed, including the identifier of the MSC itself. The MS-CLID message is then sent to the Home Location Register 15 (HLR) of the system, which compares the mobile station identification and the location information with the information stored in its database. The system generates an alarm # of piracy when the comparison determines that another person using the same identity is currently active and that 20 a call initiation is coming from a location distant from the last reported location of the legitimate MS, allowing the system operator to take action before of excessive loss of airtime. 'k. -JßÍ? * KStíí £ sSi &