TY - JOUR
T1 - SS7 Vulnerabilities - A Survey and Implementation of Machine Learning vs Rule Based Filtering for Detection of SS7 Network Attacks
AU - Ullah, Kaleem
AU - Rashid, Imran
AU - Afzal, Hammad
AU - Iqbal, Mian Muhammad Waseem
AU - Bangash, Yawar Abbas
AU - Abbas, Haider
N1 - Publisher Copyright:
© 1998-2012 IEEE.
PY - 2020/4/1
Y1 - 2020/4/1
N2 - The Signalling System No. 7 (SS7) is used in GSM/UMTS telecommunication technologies for signalling and management of communication. It was designed on the concept of private boundary walled technology having mutual trust between few national/multinational operators with no inherent security controls in 1970s. Deregulation, expansion, and merger of telecommunication technology with data networks have vanquished the concept of boundary walls hence increasing the number of service providers, entry points, and interfaces to the SS7 network, which made it vulnerable to serious attacks. The SS7 exploits can be used by attackers to intercept messages, track a subscriber's location, tape/redirect calls, adversely affect disaster relief operations, drain funds of individuals from banks in combination with other methods and send billions of spam messages. This paper provides a comprehensive review of the SS7 attacks with detailed methods to execute attacks, methods to enter the SS7 core network, and recommends safeguards against the SS7 attacks. It also provides a machine learning based framework to detect anomalies in the SS7 network which is compared with rule based filtering. It further presents a conceptual model for the defense of network.
AB - The Signalling System No. 7 (SS7) is used in GSM/UMTS telecommunication technologies for signalling and management of communication. It was designed on the concept of private boundary walled technology having mutual trust between few national/multinational operators with no inherent security controls in 1970s. Deregulation, expansion, and merger of telecommunication technology with data networks have vanquished the concept of boundary walls hence increasing the number of service providers, entry points, and interfaces to the SS7 network, which made it vulnerable to serious attacks. The SS7 exploits can be used by attackers to intercept messages, track a subscriber's location, tape/redirect calls, adversely affect disaster relief operations, drain funds of individuals from banks in combination with other methods and send billions of spam messages. This paper provides a comprehensive review of the SS7 attacks with detailed methods to execute attacks, methods to enter the SS7 core network, and recommends safeguards against the SS7 attacks. It also provides a machine learning based framework to detect anomalies in the SS7 network which is compared with rule based filtering. It further presents a conceptual model for the defense of network.
KW - SMS fraud
KW - SMS interception
KW - SS7 attacks
KW - SS7 vulnerabilities
KW - call interception
KW - machine learning
KW - rule based filtering
KW - tracking mobile subscribers
UR - http://www.scopus.com/inward/record.url?scp=85083454889&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85083454889&partnerID=8YFLogxK
U2 - 10.1109/COMST.2020.2971757
DO - 10.1109/COMST.2020.2971757
M3 - Article
AN - SCOPUS:85083454889
SN - 1553-877X
VL - 22
SP - 1337
EP - 1371
JO - IEEE Communications Surveys and Tutorials
JF - IEEE Communications Surveys and Tutorials
IS - 2
M1 - 8984216
ER -