Ss7 vulnerabilities and attack exposure
Yüklə 5,08 Mb. Pdf görüntüsü
|
| 3 hours:
average subscriber down-time Smart devices malfunction can lead to subscriber churn 15 Figure 16� Percentage of successful attacks, depending on the presence of a signaling traffic filtering and blocking system 0% No SMS Home Routing SMS Home Routing in place 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% 100% 67% Table 2� Installed protection tools (percentage of networks) Protection mechanisms in place 2015 2016 2017 SMS Home Routing in place 100% 67% 100% Signaling traffic filtering and blocking system in place 0% 7% 33% SMS Home Routing prevents IMSI and network configuration disclosure via SendRoutingInfoForSM� The number of successful attacks is decreased by one third in case of enabling SMS Home Routing� However, in respect of incorrect equipment configuration, actual data can be obtained in 67 percent of cases� SMS Home Routing cannot be used as a protection mechanism against other at- tacks� Moreover, it is not intended to protect a network� It is devised for correct routing of incoming SMS messages� Research results show that networks with SMS Home Routing are not more secure than others, perhaps because operators often rely solely on SMS Home Routing, neglecting additional security measures� Figure 15� Obtaining IMSI with the SendRoutingInfoForSM method, depending on the presence of SMS Home Routing (percentage of successful attacks) 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% No signaling traffic filtering and blocking system Signaling traffic filtering and blocking system in place InsertSubscriberData DeleteSubscriberData 76% 60% 100% 60% SendRoutingInfoForLCS 4% 0% AnyTimeInterrogation 4% 0% SendIMSI 23% 0% SendRoutingInfo 59% 0% ProvideSubscriberInfo 83% 0% UnstructedSS-Notify 100% 0% SS7 VULNERABILITIES AND ATTACK EXPOSURE REPORT 16 Let us compare the results of attack attempts against which signaling traffic filter- ing and blocking systems are recommended as countermeasures� Correct signaling traffic filtering reduces the risks of passing unauthorized requests� This is partly confirmed by the following diagram, which compares the possibility of each threat being implemented� It is noteworthy that there were no successful attempts to track the location of a subscriber in networks with a traffic filtering and blocking system� In 40 percent of cases, such attack attempts were successful in other networks� Traffic filtering does not ensure overall security Figure 17� Percentage of successful attacks, depending on the presence of a signaling traffic filtering and blocking system 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% 0% Network information disclosure Disclosure of subscriber information 10% 20% 30% 40% 60% 70% 80% 90% 100% 44% 0% 55% 31% Fraud 66% 37% Subscriber denial of service 75% 55% Subscriber traffic interception 72% 59% No signaling traffic filtering and blocking system Signaling traffic filtering and blocking system in place Obviously, a filtering system alone cannot protect the network thoroughly� Let us look into why this is so� All messages listed in this report are divided into three categories as defined in GSMA IR�82� 1) The first category includes messages sent solely between home network elements� 2) The second category includes messages sent from the operator home network to the visited network where the subscriber is registered� 3) The third category includes messages sent from the visited network to the home network� Yüklə 5,08 Mb. Dostları ilə paylaş:
|