Vulnerabilities of signaling system number 7 (SS7) to cyber attacks and how to mitigate against these vulnerabilities.

As the mobile network subscriber base exponentially increases due to some attractive offerings such as anytime anywhere accessibility, seamless roaming, inexpensive handsets with sophisticated applications, and Internet connectivity, the mobile telecommunications network has now become the primary source of communication for not only business and pleasure, but also for the many life and mission critical services. This mass popularisation of telecommunications services has resulted in a heavily loaded Signaling System number 7 (SS7) signaling network which is used in Second and Third Generations (2G and 3G) mobile networks and is needed for call control and services such as caller identity, roaming, and for sending short message servirces. SS7 signaling has enjoyed remarkable popularity for providing acceptable voice quality with negligible connection delays, pos- sibly due to its circuit-switched heritage. However, the traditional SS7 networks are expensive to lease and to expand, hence to cater for the growing signaling demand and to provide the seamless interconnectivity between the SS7 and IP networks a new suite of protocols known as Signaling Transport (SIGTRAN) has been designed to carry SS7 signaling messages over IP. Due to the intersignaling between the circuit-switched and the packet-switched networks, the mo- bile networks have now left the “walled garden”, which is a privileged, closed and isolated ecosystem under the full control of mobile carriers, using proprietary protocols and has minimal security risks due to restricted user access. Potentially, intersignaling can be exploited from the IP side to disrupt the services provided on the circuit-switched side. This study demonstrates the vulnerabilities of SS7 messages to cyber-attacks while being trans- ported over IP networks and proposes some solutions based on securing both the IP transport and SCTP layers of the SIGTRAN protocol stack

The possibilities of SS7 signalling transport over IP network using YATE switch

Diplomová Práce se věnuje problematikou signalizačního systému číslo 7 (SS7), a to zejména přenosem signalizace SS7 přes sítě na bázi IP protokolu. K ověření možností přenosu byla vytvořena konvergovaná síť s využitím Open Source PBX YATE, kde jsou potřebné protokoly implementovány. V úvodu diplomové práce je uveden popis signalizačního systému SS7, který je následován vysvětlením funkce každé z vrstev (MTP2 až aplikační) a přenášených zpráv síti SS7. Dále byla věnována pozornost protokolům, které umožňují přenos SS7 přes IP síť. V diplomové práci byla také popsána architektura PBX YATE, konfigurační soubory a způsoby instalace v operačním systému Linux. Rovněž byly stručně popsány důležité soubory pro realizaci této práce. Experimentální práce byly zahájeny s využitím dvojice virtuálních počítačů, které měly naistalovány dvě různé PBX, a to YATE a Asterisk. Dalším krokem byla realizace konvergované sítě pro ověření teoretických předpokladů. Pro tyto účely již byly využity servery s instalovanými TDM kartami. S pomocí těchto serverů byly ověřeny protokoly SS7, SIGTRAN, implementována MGCP brána a protokol SIP-T. Experimenty byly úspěšné, nicméně lze jistě pokračovat dalšími a ověřit další možnosti.This study examines the use of SS7 signaling system over IP networks by using the open source PBX YATE. At first it starts with describing the SS7 followed by an explanation of the function of each of its levels and the messages that are used within the SS7 network. The study then sheds some light on the ways of using SS7 inside IP network with the use of some protocols. It also discusses the architecture of YATE and its files, and how it is installed in Linux operating system. Finally, it describes the important files for delivering this task. The study was commenced by using two virtual machines that have two different open source PBX's which are YATE and Asterisk, and after acquiring some results by establishing communication between them via the means of SIP trunk, furthermore the study was extended to the laboratory in order to test it over real servers that have TDM cards, in order to apply the study by the means of SS7 protocols, SIGTRAN, MGCP gateway and SIP-T. The experiments have almost delivered successful communications after conducting a configuration for the files on multiple sides.

NGN-laboratorion verkkoliitännät

Työssä selvitettiin, miten Satakunnan ammattikorkeakoulun NGN-laboratorion verkosta voidaan tarjota palveluliitäntöjä kolmansille osapuolille. Mahdollisia palveluita olisivat esim. NGN-laboratorion älyverkkoliitäntä IN– ja CAMEL-pyynnöille, GSM-viestikeskusliitäntä, kansainvälinen verkkovierailu tai etäälle sijoitettava tukiasema. Työssä oleellinen osa oli tunnistaa palvelut, sekä selvittää tapa jolla toteuttaa niiden vaatimat yhteydet, perustuen standardiratkaisuihin, kuten SIGTRAN tai CESoPSN.This thesis investigated how to provide service connections to third parties from the NGN laboratory. Potential services could be for example the Intelligent Network access for IN and CAMEL requests, access to SMSC, international GSM roaming or a remote base station. It was essential to recognise these services and find out how those connections are realised based on standard solutions like SIGTRAN or CESoPSN

Desenvolvimento de sistemas media gateway de acesso ETSI TISPAN

Mestrado em Engenharia Electrónica e de Telecomunicações e InformáticaAs Redes de Próxima Geração prometem trazer muitos benefícios aos operadores de telecomunicações. Os operadores que as implementarem poderão oferecer uma maior variedade de aplicações e serviços aos seus subscritores independentemente da sua localização, com custos e complexidade reduzidos. Desta forma os operadores poderão aumentar a sua oferta, com os novos serviços que podem ser oferecidos, enquanto as suas despesas de capital e operação poderão ser reduzidas com a migração das redes telef ónicas baseadas em TDM para as novas arquitecturas de convergência IP. A presente dissertação efectua um estudo destas redes, apresentando os seus requisitos, arquitecturas, protocolos e princípios de funcionamento, dando especial relevância ao sistemas Media Gateway de Acesso e de Trunking. Desta forma foram estudadas e testadas soluções dos subsistema TISPAN de emulação da rede PSTN baseada em IMS para os acessos fixos e dos sistemas de Trunking TISPAN e IMS. É também apresentado o projecto de desenvolvimento de uma Media Gateway de Acesso a integrar na rede SHipNET da PT Inovação. ABSTRACT: Next Generation Networks will bring many benefits to telecommunication networks operators. Operators that deploy it can potentially offer a much wider range of applications and services, to subscribers irrespective of their location, at reduced cost and complexity. This way, operators will increase their revenues through the additional services that can be offered, while their capital expenditure and operation expenses will decrease with their migration from legacy TDM networks to converged network architectures based on IP. This thesis presents a study of these networks, showing their requirements, architectures, protocols and operational principles, giving special relevance to the Media Gateway systems: Access and Trunking. Thus, were studied and tested solutions of the TISPAN PSTN Emulation Subsystem based on IMS, for fixed access, and Trunking systems of IMS and TISPAN. This thesis also presents the project of development of an Access Media Gateway to integrate into the SHipNET network of PT Inovação

Leistungsbewertung und Optimierung eines neuen Transportprotokolls

Das Stream Control Transmission Protocol (SCTP) wurde als Basis f¨ur den effizienten Transport von Signalisierungsnachrichten aus dem Zentralen Zeichengabesystem No.7 (SS7) über IP-basierte Netze entwickelt. SCTP ist ein generisches Vielzweck-Transportprotokoll, welches verbindungsorientiert operiert und eine zuverlässige, nachrichtenorientierte Datenübertragung bietet. So unterstützt es mehrere unabh¨angige Nachrichtenströme in einer Verbindung sowie flexible Zustellmechanismen. Im Gegensatz zu TCP unterst¨utzt SCTP mehrere Netzadressen pro Verbindung (Multihoming), und aus diesem Grund sind SCTP-Endpunkte ¨uber mehrere – möglicherweise redundante – Netzwerkpfade erreichbar. In der vorliegenden Dissertation wurde das Verhalten und die Leistungsfähigkeit des SCTP in verschiedenen Szenarien untersucht. Geeignete Werkzeuge wurden zu diesem Zweck entwickelt: in einer Testbett-Umgebung wurde eine Unixbasierte Protokollimplementation namens sctplib dazu benutzt, die Fairness von SCTP im Zusammenspiel mit TCP sowie die Eignung des SCTP f¨ur den SS7-basierten Signalisierungstransport zu untersuchen. Ein ereignisorientiertes Simulationsmodell des SCTP-Datenpfades und einiger Elemente des Kontrollpfades wurde erstellt und mit Hilfe der Ergebnisse aus den Untersuchungen im Testbett validiert. Mit einer Erweiterung dieses Modells wurden Lastverteilungsalgorithmen untersucht. Lastverteilung ist aus der Perspektive eines Netzbetreibers wünschenswert, um eine gleichm¨aßige Verteilung der Verkehrslast zu erreichen, und Spitzenlasten im Netz abzufangen. Ihre effiziente Unterstützung erfordert jedoch betr¨achtliche Protokollmodifikationen beim SCTP. Neben einer Bewertung der in der Literatur beschriebenen Lastverteilungsalgorithmen wurden eigene Modifikationen dieser Algorithmen vorgeschlagen und gleichfalls bewertet. Dabei konnte gezeigt werden, dass die beschriebenen Modifikationen zu einer Optimierung der existierenden Lastverteilungsalgorithmen führen, sowohl im Hinblick auf den Gesamtdurchsatz als auch auf die zu erwartende Nachrichtenverzögerung

A new security extension for SCTP

In 2000, the Signaling Transport (SIGTRAN) working group of the IETF defined the Stream Control Transmission Protocol (SCTP) as a new transport protocol. SCTP is a new multi-purpose reliable transport protocol. Due to its various features and easy extensibility it is a valid option not only for already standardised applications but also in many new application scenarios. SCTP has several advantages over TCP and UDP. The analysis of already standardised as well as potential SCTP application scenarios clearly indicates that secure end-to-end transport is one of the crucial requirements for SCTP in the future. Up to now there exist two standardised SCTP security solutions which are called TLS over SCTP [37] and SCTP over IPSec [12]. The goal of this thesis was to evaluate existing SCTP security solutions and find an optimised and efficient security solution. Several drawbacks of the standardised SCTP security solutions identified during the analysis are mainly related to features distinguishing SCTP from TCP and UDP. To avoid these drawbacks a new security solution for SCTP, called Secure SCTP (S-SCTP), is proposed which integrates the cryptographic functions into SCTP. One main requirement was that S-SCTP should be fully compatible with standard SCTP while additionally providing strong security i.e. data confidentiality, integrity and authentication. This also means that all features, options and extensions available for standard SCTP have to be supported. Furthermore, S-SCTP should have advantages with respect to performance over all parameter ranges of SCTP and be user-friendly. To specify the S-SCTP protocol extension several new control messages and new message parameters have been defined. Furthermore, procedures for initialisation, rekeying, and termination of secure sessions have been specified and modelled in SDL. Based on an SCTP implementation available in our group and an open source implementation of TLS, TLS over SCTP and S-SCTP have been implemented. These implementations as well as an SCTP over IPSec configuration were used to do comparative performance studies in a lab testbed. These experiments show that the S-SCTP concept achieves its design goals. It supports all features and current extensions of SCTP. Furthermore, it avoids the inefficiencies of the other solutions over a wide range of application scenarios and protocol parameter settings

Um estudo experimental dos protocolos TCP, SCTP e XTP

Dissertação (mestrado) - Universidade Federal de Santa Catarina, Centro Tecnológico. Programa de Pós-Graduação em Ciência da ComputaçãoNas redes de dados das operadoras de telefonia celular é fundamental que o protocolo utilizado na comunicação entre terminais seja confiável e seguro e que possa prover o máximo de garantias a integridade dos dados. Os protocolos usualmente utilizados na comunidade científica fazem parte da pilha TCP/IP. O protocolo UDP não acrescenta confiabilidade à rede e apenas implementa a multiplexação. Por outro lado, o protocolo TCP tem a vantagem de ser um protocolo confiável possuindo conexões ponto-a-ponto. Na rede de telefonia celular, considera-se nas maioria das vezes o protocolo TCP e deseja-se que as vantagens de UDP existam no TCP. Desta forma, nessa dissertação optou-se pelo estudo dos protocolos SCTP e XTP por possuírem tais características em comum e acrescentar alguns diferenciais. Entre os recursos que mais de destacam no SCTP estão a transmissão de mensagens indivisíveis, múltiplos fluxos de mensagens por conexão, variação da confiabilidade das mensagens, entre outras. Por outro lado o XTP tem como características trabalhar em aplicações de alto desempenho, e por possuir similaridades com o TCP. A proposta deste trabalho de pesquisa é de prover um estudo empírico utilizando-se dos protocolos TCP, SCTP e XTP. O estudo caracteriza-se por considerar os recursos do SCTP e XTP, a fim de demonstrar em uma rede real interna de uma operadora de telefonia móvel o diferencial dos mesmos suportando protocolos de aplicação e simulando diversas condições de rede

Enrutamiento y seguridad de señalización en el núcleo de las redes móviles 5G stand-alone

Este TFG ofrece el estudio y análisis de la gestión de la señalización en el núcleo de redes móviles 5G Stand-Alone. Está basado en el estado actual de su estandarización, así como en la implantación real de esta tecnología en las redes móviles existentes a nivel mundial. Mostrando la evolución y los cambios más relevantes con respecto a las tecnologías móviles precedentes, pone foco en las funciones de red específicamente definidas para el manejo de la señalización en el núcleo de las redes móviles 5G Stand-Alone, tanto a nivel de enrutamiento como de seguridad. Ofrece también un análisis específico de los escenarios de roaming, explorando casos de uso reales de señalización extremo a extremo.This TFG provides the study and analysis of the architecture and topology required for Core Network Signaling in 5G Stand-Alone mobile networks. It is based on its current standardization status, as well as in the current real implementations of this technology in the existing mobile networks worldwide. Showing the evolution and the most relevant changes compared to the preceding mobile technologies, it focuses on the network functions specifically defined for managing signaling in the core networks of 5G Stand-alone mobile networks, both at routing level and security level. It also offers specific analysis of roaming scenarios, exploring real end to end signaling use cases.Grado en Ingeniería Telemátic

Розробка алгоритму обробки сигнальних повідомлень ОКС № 7 в мережах NGN на базі технології SIGTRAN

Вигонюк В.І. Розробка алгоритму обробки сигнальних повідомлень ЗКС7 в мережах NGN на базі технології SIGTRAN : кваліфікаційна робота бакалавра / Вигонюк Вадим Ігорович. – Дніпро, 2020. – 95 с.В роботі розроблено алгоритм обробки сигнальних повідомлень ОКС № 7 в мережах NGN на базі технології SIGTRAN. Виконано аналіз результатів