Abstract:
Invalid transmissions in an ATM network (200) are identified by maintaining a user profile (304) relating to network use for each participating node of the network (200) and detecting potentially invalid transmissions based on a deviation (312) from the user profile. In a preferred embodiment, the user profile is continuously updated by monitoring transmissions within the ATM network (200), taking advantage of information included in defined fields of the transmitted ATM cells. When a detected deviation exceeds a predetermined threshold (314), the source node of the transmission is investigated to verify the identity of the source node user. The investigation is accomplished prior to establishing a security link between the source node and a secured node (202), thereby increasing availability of the secured node (202) for use by authorized network users.