Signaling system 7 (SS7) network security

Moore, Tyler; Kosloff, T.; Keller, Jörg; Manes, Gavin; Shenoi, Sujeet

doi:10.1109/mwscas.2002.1187082

Cited by 21 publications

(12 citation statements)

References 1 publication

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Though the PSTN was a closed network, the security-free SS7 protocol stack on which it is based was of no consequence. However, by connecting the PSTN to the core network that is in turn connected to the Internet, the largest open public network, the SS7-based PSTN network has "no security left" [19].…”

Section: Security Implications Of Pstn Connectivitymentioning

confidence: 99%

Cellular Network Security

Liu

LaPorta

Kotapati

2014

Network and System Security

View full text Add to dashboard Cite

Section: Security Implications Of Pstn Connectivitymentioning

confidence: 99%

Cellular Network Security

Liu

LaPorta

Kotapati

2014

Network and System Security

View full text Add to dashboard Cite

“…Hence it is first and foremost important to protect SS7. Only for secure signaling system is it possible to realize safe communications [2] . However, 2G core network is short of access control and authentication mechanisms.…”

Section: Introductionmentioning

confidence: 99%

Security Analysis and Amendment of 3G Core Network Based on MTPsec

Yang

2008

2008 IEEE Pacific-Asia Workshop on Computational Intelligence and Industrial Application

View full text Add to dashboard Cite

Mobile core network uses Signaling System No. 7 (SS7) as its signaling system. SS7 takes charge of call setup, roaming, teardown messages, database queries and so on, and becomes the important goals of the attackers or the stealers as there is a large number of user's information, such as identity, location, and service, contained in signaling messages. The use of MTPsec at MTP3 layer in SS7 protocol stack is a good solution to provide secure protection for signaling messages in 3G core network. MTPsec consists of key exchange (KE) protocol and authentication header (AH) protocol. However, some leaks in KE protocol make the core network face serious threats. In this paper, we firstly discuss the mechanism of MTPsec, analyze the security of KE protocol, and then point out that the flaw in KE may cause "man-in-middle attack". Secondly, we propose a possible modification to prevent the MTPsec protocol from the attacks. Finally, we use BAN logic to make formal analysis on the security of the original and the modified authentication protocols in KE, respectively. It is shown that the modified protocol can offer the secure authentications between the initiator and the responder.

show abstract

“…Although many 3G attack scenarios have been identified (e.g., in [1,2,5,11,14,16,17,22,23,25,26]) and a few 3G threat taxonomies have been proposed (e.g., in [21,26,41]), prior research has not developed any systematic methodology for automatic vulnerability assessment of 3G networks.…”

mentioning

confidence: 99%

Dependency relation based vulnerability analysis of 3G networks: Can it identify unforeseen cascading attacks?

2007

View full text Add to dashboard Cite

Cascading attacks pose a new threat to the third generation (3G) wireless telecommunications network. These attacks are dangerous and difficult to detect due to their remote far-reaching effects. To automate the accurate detection of these attacks and their remote effects, we developed a telecommunication specification based toolkit called the Advanced Cellular Network Vulnerability Assessment Toolkit-aCAT. aCAT is unique due to the incorporation of 3G network specific dependency model, infection propagation rules, as well as expert knowledge. These features allow aCAT to accurately and exhaustively identify cascading attacks and their remote effects. aCAT illustrates the types of cascading attacks that may be derived from the specifications, and showcases its utility in uncovering these attacks.

show abstract

Signaling system 7 (SS7) network security

Cited by 21 publications

References 1 publication

Cellular Network Security

Cellular Network Security

Security Analysis and Amendment of 3G Core Network Based on MTPsec

Dependency relation based vulnerability analysis of 3G networks: Can it identify unforeseen cascading attacks?

Contact Info

Product

Resources

About