Analysis and Mitigation of Recent Attacks on Mobile Communication Backend

2014 aasta viimases kvartalis demonstreeriti mitmeid edukaid rünnakuid mobiilsidevõrkude vastu. Need baseerusid ühe peamise signaaliprotokolli, SS7 väärkasutamisel. Ründajatel õnnestus positsioneerida mobiilseadmete kasutajaid ja kuulata pealt nii kõnesid kui ka tekstisõnumeid. Ajal mil enamik viimase aja ründeid paljastavad nõrkusi lõppkasutajate seadmete tarkvaras, paljastavad need hiljutised rünnakud põhivõrkude endi haavatavust. Teadaolevalt on mobiilsete telekommunikatsioonivõrkude tööstuses raskusi haavatavuste õigeaegsel avastamisel ja nende mõistmisel. Käesolev töö on osa püüdlusest neid probleeme mõista. Töö annab põhjaliku ülevaate ja analüüsib teadaolevaid rünnakuid ning toob välja võimalikud lahendused. Rünnakud võivad olla väga suurte tagajärgedega, kuna vaatamata SS7 protokolli vanusele, jääb see siiski peamiseks signaaliprotokolliks mobiilsidevõrkudes veel pikaks ajaks. Uurimustöö analüüs ja tulemused aitavad mobiilsideoperaatoritel hinnata oma võrkude haavatavust ning teha paremaid investeeringuid oma taristu turvalisusele. Tulemused esitletakse mobiilsideoperaatoritele, võrguseadmete müüjatele ning 3GPP standardi organisatsioonile.In the last quarter of 2014, several successful attacks against mobile networks were demonstrated. They are based on misuse of one of the key signaling protocol, SS7, which is extensively used in the mobile communication backend for signaling tasks such as call and mobility management. The attackers were able to locate the mobile users and intercept voice calls and text messages. While most attacks in the public eye are those which exploits weaknesses in the end-device software or radio access links, these recently demonstrated vulnerabilities exploit weaknesses of the mobile core networks themselves. Understandably, there is a scramble in the mobile telecommunications industry to understand the attacks and the underlying vulnerabilities. This thesis is part of that effort. This thesis presents a broad and thorough overview and analysis of the known attacks against mobile network signaling protocols and the possible mitigation strategies. The attacks are presented in a uniform way, in relation to the mobile network protocol standards and signaling scenarios. Moreover, this thesis also presents a new attack that enables a malicious party with access to the signaling network to remove lost or stolen phones from the blacklist that is intended to prevent their use. Both the known and new attacks have been confirmed by implementing them in a controlled test environment. The attacks are serious because SS7, despite its age, remains the main signaling protocol in the mobile networks and will still long be required for interoperability and background compatibility in international roaming. Moreover, the number of entities with access to the core network, and hence the number of potential attackers, has increased significantly because of changes in regulation and opening of the networks to competition. The analysis and new results of this thesis will help mobile network providers and operators to assess the vulnerabilities in their infrastructure and to make security-aware decisions regarding their future investments and standardization. The results will be presented to the operators, network-equipment vendors, and to the 3GPP standards body

Sandspur, Vol 108, No 17, April 26, 2002

Rollins College student newspaper, written by the students and published at Rollins College. The Sandspur started as a literary journal.https://stars.library.ucf.edu/cfm-sandspur/1181/thumbnail.jp

Convergence: the next big step

Recently, web based multimedia services have gained popularity and have proven themselves to be viable means of communication. This has inspired the telecommunication service providers and network operators to reinvent themselves to try and provide value added IP centric services. There was need for a system which would allow new services to be introduced rapidly with reduced capital expense (CAPEX) and operational expense (OPEX) through increased efficiency in network utilization. Various organizations and standardization agencies have been working together to establish such a system. Internet Protocol Multimedia Subsystem (IMS) is a result of these efforts. IMS is an application level system. It is being developed by 3GPP (3rd Generation Partnership Project) and 3GPP2 (3rd Generation Partnership Project 2) in collaboration with IETF (Internet Engineering Task Force), ITU-T (International Telecommunication Union – Telecommunication Standardization Sector), and ETSI (European Telecommunications Standards Institute) etc. Initially, the main aim of IMS was to bring together the internet and the cellular world, but it has extended to include traditional wire line telecommunication systems as well. It utilizes existing internet protocols such as SIP (Session Initiation Protocol), AAA (Authentication, Authorization and Accounting protocol), and COPS (Common Open Policy Service) etc, and modifies them to meet the stringent requirements of reliable, real time communication systems. The advantages of IMS include easy service quality management (QoS), mobility management, service control and integration. At present a lot of attention is being paid to providing bundled up services in the home environment. Service providers have been successful in providing traditional telephony, high speed internet and cable services in a single package. But there is very little integration among these services. IMS can provide a way to integrate them as well as extend the possibility of various other services to be added to allow increased automation in the home environment. This thesis extends the concept of IMS to provide convergence and facilitate internetworking of the various bundled services available in the home environment; this may include but is not limited to communications (wired and wireless), entertainment, security etc. In this thesis, I present a converged home environment which has a number of elements providing a variety of communication and entertainment services. The proposed network would allow effective interworking of these elements, based on IMS architecture. My aim is to depict the possible advantages of using IMS to provide convergence, automation and integration at the residential level

Applying human-like intelligence to future generation network to improve communication efficiency

Includes abstract.Includes bibliographical references (leaves 251-257).In recent decades, communications network has evolved at drastic speed to provide advanced and intelligent services. This strengthening service provision owes to the successful establishment of various intelligent networks and the use of artificial intelligence, pervasive computing, and social networking in communications. It has consequently endowed network users with abundant choices of communication services. While these communications services are bringing convenience to human lives, people in turn are performing more tasks. The current network with its large number of available communications services is then often burdening network users with the complexity and inflexibility in using these services. In particular, the network lacks the initiative and the ability to investigate a user’s most recent communication needs and subsequently adjust the manner of service provision according to these needs and user connecting possibilities. The network needs to be more intelligent to handle these problems. We therefore propose importing human-like intelligence into the network to facilitate communication-session processing according to user needs

THE ECONOMICS OF MOBILE INTERNATIONAL ROAMING

International roaming is a hot topic in the telecommunications industry. Many countries have witnessed a downward trend in mobile domestic prices. On the contrary, international roaming prices remained reluctant to follow the domestic trend. In Europe, the service has been regulated with price cap since 2007, and regulation is maintained for years to come. The existing literature on the economics of international roaming has focused on theoretical modelling, which assumes a uniform retail price (i.e. common across visited networks). The main finding is that wholesale and retail prices rise with the number of visited networks. Additionally, vertical merger is found unprofitable; and home network steering does not cause downward pressure on wholesale prices. We found that the assumption of uniform retail pricing leads to results that are inconsistent with wholesale competition because visited networks appear in the demand as complements rather than substitutes. We present theoretical models that match the existing literature’s findings, and compare results to the case whereby the retail price is discriminatory (i.e. differs by visited networks). With discriminatory retail, substitutability of networks reduces prices, and the incentive for vertical merger exists. In a steering game, steering is found able to reduce wholesale prices; and networks alliances are formed in equilibrium. The empirical literature on international roaming is limited to few industry studies. We use an aggregated dataset on prices and quantities for networks visited by roamers from one major mobile provider whose subscribers travel a lot across the world, Etisalat. The study period witnessed a retail price shift from discriminatory to uniform. The main findings are: (1) competition, as measured by the number of visited networks, reduces wholesale price; (2) traffic steering is effective, especially towards preferred networks (alliance and cross-owned); (3) only alliance networks offer wholesale discounts; and (4) demand is more elastic than crude industry studies

Service opportunities for next generation networks

Next Generation Networks was the buzzword last year. Different people imagine different things when they think of NGN. How can this concept be defined? NGN is the application of Internet, IP and IT solutions to Telecom Services, including (but not only) the integration and sometimes the substitution of circuit switching with packet switching either for trunking or for access. Surprisingly, usually people think of a mere porting of Telecom protocols over an IP network (read H.323 protocol). Why should we reuse existing telecom solutions over an IP transport? The usual answer is to reduce cost of ownership. Is that really true? Is that a reason enough? Indeed, the introduction of NGN opens a huge opportunity for incumbent telecom operators: enabling the renewal in the service offering (meaning cash!) In this paper, we present the objectives and results of the Eurescom Project P1109”Next Generation Networks: the service offering Standpoint”. The overall goal is to evaluate solutions for NGNs from a service-offering standpoint and understanding the wider effects of introducing NGNs both in a fixed and 3G mobile network infrastructure, in terms of the inter-operability and functionality of next generation network products. In particular this paper focuses on the implementation of service scenarios (i.e. call center, VPN) on top of NGN platforms. The implementation of the service scenarios is meant to measure the attitude of NGN service platforms to provide new services in a developer friendly way

Vulnerabilities of signaling system number 7 (SS7) to cyber attacks and how to mitigate against these vulnerabilities.

As the mobile network subscriber base exponentially increases due to some attractive offerings such as anytime anywhere accessibility, seamless roaming, inexpensive handsets with sophisticated applications, and Internet connectivity, the mobile telecommunications network has now become the primary source of communication for not only business and pleasure, but also for the many life and mission critical services. This mass popularisation of telecommunications services has resulted in a heavily loaded Signaling System number 7 (SS7) signaling network which is used in Second and Third Generations (2G and 3G) mobile networks and is needed for call control and services such as caller identity, roaming, and for sending short message servirces. SS7 signaling has enjoyed remarkable popularity for providing acceptable voice quality with negligible connection delays, pos- sibly due to its circuit-switched heritage. However, the traditional SS7 networks are expensive to lease and to expand, hence to cater for the growing signaling demand and to provide the seamless interconnectivity between the SS7 and IP networks a new suite of protocols known as Signaling Transport (SIGTRAN) has been designed to carry SS7 signaling messages over IP. Due to the intersignaling between the circuit-switched and the packet-switched networks, the mo- bile networks have now left the “walled garden”, which is a privileged, closed and isolated ecosystem under the full control of mobile carriers, using proprietary protocols and has minimal security risks due to restricted user access. Potentially, intersignaling can be exploited from the IP side to disrupt the services provided on the circuit-switched side. This study demonstrates the vulnerabilities of SS7 messages to cyber-attacks while being trans- ported over IP networks and proposes some solutions based on securing both the IP transport and SCTP layers of the SIGTRAN protocol stack

Indexing, browsing and searching of digital video

Video is a communications medium that normally brings together moving pictures with a synchronised audio track into a discrete piece or pieces of information. The size of a “piece ” of video can variously be referred to as a frame, a shot, a scene, a clip, a programme or an episode, and these are distinguished by their lengths and by their composition. We shall return to the definition of each of these in section 4 this chapter. In modern society, video is ver