Hackers of India

Detach Me Not - DoS Attacks Against 4G Cellular Users Worldwide from your Desk

By Siddharth Rao, Bhanu Kotte, Dr. Silke Holtmanns on 04 Nov 2016 @ Blackhat


Abstract

Ever since the public revelation of global surveillance and the exploits targeting the mobile communication backend, the general awareness of security and privacy in the telecommunication industry has increased. Misusing the technical features of mobile core network technology - specifically the Signaling System 7 (SS7) - has disclosed numerous ways to locate, track and manipulate the routine cellular activities of cellphone users. In fact, SMS-based key recovery mechanisms have become vulnerable because of the SS7 vulnerabilities.

Many mobile network operators rush to upgrade their networks to 4G/LTE from 2G and 3G, not only to improve the service, but also the security. With relatively more security and privacy features, the Diameter protocol - the successor of SS7 in Long Term Evolution (LTE) networks - is believed to guarantee more protection to the network itself and to the end-users. However, Diameter inherits many functionalities and traits of the SS7 network. Therefore, some attacks are also possible there, e.g. location tracking in LTE by abusing the Diameter-based interconnection.

In this talk, we dig deeper into the Diameter interconnection to uncover the Denial of Service (DoS) attacks to detach targeted mobile phone users from the network and disrupt the network nodes. We first discuss the current status of interconnection or mobile telephony core network security, followed by outlining several DoS attacks against targeted users and the LTE network itself. We discuss the practicalities of such attacks with the help of a live/recorded demo, network logs and Wireshark traces during this talk. Our proposed solution includes improvised measures in the interconnection edge nodes, proper security configurations in LTE networks and strategies for improvising filtering policies of firewalls that defend the system from roaming abuses.

AI Generated Summary (may contain errors)

The speaker discussed the importance of protecting mobile networks from denial-of-service attacks, financial fraud risks, and network performance issues. They emphasized that security measures are not automatic and require effort to implement.

A question was raised about encrypting communication between mobile devices and power servers, but the speaker explained that this would not prevent attacks since authentication depends on the SIM card and home subscriber network. Even with encryption, a user’s connection can still be intercepted and compromised.

Another question concerned the use of IPSec and 3GPP certificates for secure connections. The speaker clarified that while certificate implementation is mandatory, variants for password usage are possible but outside of standard protocols.

A discussion ensued about the feasibility of launching attacks against one’s own users or those roaming on other networks. The speaker explained that operators can configure their network edge agents to block malicious messages, but this requires proper configuration and logic.

Finally, the speaker emphasized that when roaming, users are more exposed to security risks since they are in a foreign network with less protection than their home network.