Signaling Security in LTE Roaming

LTE (Long Term Evolution) also known as 4G, is highly in demand for its incomparable levels of experience like high data rates, low latency, good Quality of Services(QoS) and roaming features. LTE uses Diameter protocol, which makes LTE an all IP network, connecting multiple network providers, providing flexibility in adding nodes and flexible mobility management while roaming. Which in turn makes LTE network more vulnerable to malicious actors. Diameter protocol architecture includes many nodes and the communication between the nodes is done through request and answer messages. Diameter manages the control session. Control session includes the signaling traffic which consists of messages to manage the user session. Roaming signaling traffic arises due to subscribers movement out of the geographical range of their home network to any other network. This signaling traffic moves over the roaming interconnection called S9 roaming interface. This thesis project aims to interfere and manipulate traffic from both user-to-network and network-to-network interfaces in order to identify possible security vulnerabilities in LTE roaming. A fake base-station is installed to establish a connection to a subscriber through the air interface. The IMSI (International Mobile Subscription Identity) is captured using this fake station. To explore the network-to-network communication an emulator based LTE testbed is used. The author has investigated how Diameter messages can be manipulated over the S9 interface to perform a fraud or DoS attack using the IMSI number. The consequences of such attacks are discussed and the countermeasures that can be considered by the MNOs (Mobile Network Operators) and Standardization Committees

Telecommunication Economics

This book constitutes a collaborative and selected documentation of the scientific outcome of the European COST Action IS0605 Econ@Tel "A Telecommunications Economics COST Network" which run from October 2007 to October 2011. Involving experts from around 20 European countries, the goal of Econ@Tel was to develop a strategic research and training network among key people and organizations in order to enhance Europe's competence in the field of telecommunications economics. Reflecting the organization of the COST Action IS0605 Econ@Tel in working groups the following four major research areas are addressed: - evolution and regulation of communication ecosystems; - social and policy implications of communication technologies; - economics and governance of future networks; - future networks management architectures and mechanisms

A complex systems perspective on innovation, investment and regulation of evolving telecommunications networks

This thesis is a Doctoral Thesis of the International Executive Doctorate Programme (DBA) at the School of Management, Cranfield University, UK. The purpose of the study is to present the results of the research dedicated to the topic of Infrastructure Sharing, a common method to make use of the limited infrastructure resources of many stakeholders. The research aims to develop a decision support tool for a National Regulating Authority (NRA) on the basis of a software simulation representing infrastructure in use as complex systems consisting of agent and infrastructure networks. By applying a computational Agent-Based Modelling (ABM) approach to policy decisions, i.e. influence of Duct and Pole Access (DPA) to incumbent telecommunication infrastructures, the research investigates regulatory considerations that stimulate the development of alternative networks. The final deliverable of the research is a simulation tool that provides a solid foundation for simulating experiments, which allows analysis of demand for broadband services by different subgroups of users. The results of the study are of value for regulators, practitioners, representatives of telecommunication and other network industries, and scholars who deal with the topic of sustainable infrastructure development and recognise the value of a complex system perspective

Telecommunication Economics

This book constitutes a collaborative and selected documentation of the scientific outcome of the European COST Action IS0605 Econ@Tel "A Telecommunications Economics COST Network" which run from October 2007 to October 2011. Involving experts from around 20 European countries, the goal of Econ@Tel was to develop a strategic research and training network among key people and organizations in order to enhance Europe's competence in the field of telecommunications economics. Reflecting the organization of the COST Action IS0605 Econ@Tel in working groups the following four major research areas are addressed: - evolution and regulation of communication ecosystems; - social and policy implications of communication technologies; - economics and governance of future networks; - future networks management architectures and mechanisms

Analysis and Mitigation of Recent Attacks on Mobile Communication Backend

2014 aasta viimases kvartalis demonstreeriti mitmeid edukaid rünnakuid mobiilsidevõrkude vastu. Need baseerusid ühe peamise signaaliprotokolli, SS7 väärkasutamisel. Ründajatel õnnestus positsioneerida mobiilseadmete kasutajaid ja kuulata pealt nii kõnesid kui ka tekstisõnumeid. Ajal mil enamik viimase aja ründeid paljastavad nõrkusi lõppkasutajate seadmete tarkvaras, paljastavad need hiljutised rünnakud põhivõrkude endi haavatavust. Teadaolevalt on mobiilsete telekommunikatsioonivõrkude tööstuses raskusi haavatavuste õigeaegsel avastamisel ja nende mõistmisel. Käesolev töö on osa püüdlusest neid probleeme mõista. Töö annab põhjaliku ülevaate ja analüüsib teadaolevaid rünnakuid ning toob välja võimalikud lahendused. Rünnakud võivad olla väga suurte tagajärgedega, kuna vaatamata SS7 protokolli vanusele, jääb see siiski peamiseks signaaliprotokolliks mobiilsidevõrkudes veel pikaks ajaks. Uurimustöö analüüs ja tulemused aitavad mobiilsideoperaatoritel hinnata oma võrkude haavatavust ning teha paremaid investeeringuid oma taristu turvalisusele. Tulemused esitletakse mobiilsideoperaatoritele, võrguseadmete müüjatele ning 3GPP standardi organisatsioonile.In the last quarter of 2014, several successful attacks against mobile networks were demonstrated. They are based on misuse of one of the key signaling protocol, SS7, which is extensively used in the mobile communication backend for signaling tasks such as call and mobility management. The attackers were able to locate the mobile users and intercept voice calls and text messages. While most attacks in the public eye are those which exploits weaknesses in the end-device software or radio access links, these recently demonstrated vulnerabilities exploit weaknesses of the mobile core networks themselves. Understandably, there is a scramble in the mobile telecommunications industry to understand the attacks and the underlying vulnerabilities. This thesis is part of that effort. This thesis presents a broad and thorough overview and analysis of the known attacks against mobile network signaling protocols and the possible mitigation strategies. The attacks are presented in a uniform way, in relation to the mobile network protocol standards and signaling scenarios. Moreover, this thesis also presents a new attack that enables a malicious party with access to the signaling network to remove lost or stolen phones from the blacklist that is intended to prevent their use. Both the known and new attacks have been confirmed by implementing them in a controlled test environment. The attacks are serious because SS7, despite its age, remains the main signaling protocol in the mobile networks and will still long be required for interoperability and background compatibility in international roaming. Moreover, the number of entities with access to the core network, and hence the number of potential attackers, has increased significantly because of changes in regulation and opening of the networks to competition. The analysis and new results of this thesis will help mobile network providers and operators to assess the vulnerabilities in their infrastructure and to make security-aware decisions regarding their future investments and standardization. The results will be presented to the operators, network-equipment vendors, and to the 3GPP standards body

Analyzing the m-business landscape

The m-business landscape never stops to change and the impacts on the mobile market are constant as players reposition themselves on the market according to the new opportunities and threats brought by rapid technological developments. This paper provides a conceptual tool to better understand this player arena and its objective is threefold. The first one is to analyze the role of the key actors using ontology for defining and assessing their business models. The second objective is to analyze and visualize the interaction of actors with each other from a value system perspective. The final objective is to evaluate and represent the dependencies of the actors, their strategies and their convergence or divergence on different issues by using an approach borrowed from policy makin

Mobile telecommunication networks and mobile commerce : towards its applications in chinese market

La télécommunication mobile connecte les personnes de n'importe où à tout moment. La transmission de la voix et des données à travers les réseaux de télécommunication mobile permet d'envoyer des informations et de diriger des transactions d'une manière nouvelle. Cela crée un nouveau domaine d'affaires qui s'appelle du commerce mobile, une affaire étendue basée sur l'Internet avec de nombreux des caractéristiques uniques ajoutés. Comme un soutien fondamental du plate-forme, les réseaux de la télécommunication mobile joue un rôle essentiel dans le commerce mobile. Leurs caractéristiques techniques et le déploiement déterminent l'essence pour le commerce mobile. Dans cette mémoire, nous étudions et présentons les caractéristiques techniques des technologies communications mobiles du réseau 1G à 3G et au-delà. Nous étudions également les technologies WLAN et WAP qui sont courantes dans le commerce mobile en Chine et dans le monde. Le commerce mobile est en train de se développer, le nombre d'utilisateurs de téléphones mobiles sont de plus en plus en Chine et dans ce monde. Les utilisateurs mobiles énormes en Chine ainsi que la maturité des technologies 3G affichent un fort potentiel pour offrir et d'adopter plus les nouveaux services mobiles. Après réviser l'évolution du commerce mobile et l'histoire du succès i-mode au Japon, nous nous concentrons sur le mobile du marché chinois de manière à découvrir son marché, l'infrastructure du réseau mobile, et le modèle d'affaires. Fondé sur la base de notre enquête sur le commerce mobile chinois, nous présentons, selon notre jugement, les services mobiles et des applications que sont convenables pour la Chine. Parmi eux, nous pensons qu'il y a la tendance sur les services basés sur la localisation et services orientées de l'architectures. Cette tendance peut attirer plus d'attention à offrir de nouveaux services. En plus, elle peut offrir des services d'intégration et de personnalisation qui viennent de fournisseurs de services mobiles et des utilisateurs finaux. ______________________________________________________________________________ MOTS-CLÉS DE L’AUTEUR : Gestion intégrée et écosystémique, Principe de précaution, Communication entre acteurs, Risques sur l'environnement et la santé