IMS Security and Protection - PowerPoint PPT Presentation

Slides: 20

1
IMS Security and Protection
  • Micaela Giuhat, VP Product Management
  • Sipera Systems, email: micaela_at_sipera.com

2
Outline
  • Open system security
  • VoIP security requirements
  • Industry approach and strategies
  • IMS security requirements
  • IMS vulnerabilities
  • Attack examples
  • Solution
  • Summary

3
Open Systems can be attacked
Traditional voice network is a closed system vs. the Internet, which is open
  • Denial of Service Attacks
  • Viruses
  • Spyware
  • Blended Attacks
  • E-mail SPAM
[Diagram labels: Internal Web Servers, E-mail Servers, External Web Servers, Core Network, Internet]

4
The Internet Security Industry
  • Applications Protected
  • Web Apps
  • E-mail
  • Database
But problems still persist
[Diagram labels: Internal Web Servers, E-mail Servers, Network Security Logs Correlation, SPAM Filter, IPS, External Web Servers, IDS, Firewall, Core Network, Internet]

5
Enter VoIP
  • VoIP is different
  • Real time
  • Peer-to-peer
  • Protocol rich
  • Complex state machine (several dozen states)
  • Feature rich (several hundred services)
  • Separate signaling and media planes
  • Low tolerance to false positives and negatives
[Diagram labels: Internal Web Servers, E-mail Servers, Network Security Logs Correlation, SPAM Filter, IPS, External Web Servers, IDS, Firewall, Core Network, Communication Servers, Internet]

6
Current Industry Approach
Current industry thinking is to add VoIP sensibilities to all the existing security boxes, although nothing is actually available yet.
Approach is unworkable:
  1. Not real time
  2. Cannot handle encrypted traffic
  3. Can't keep up with new feature addition
[Diagram labels: Internal Web Servers, E-mail Servers, Network Security Logs Correlation, SPAM Filter, IPS, External Web Servers, IDS, Firewall, Core Network, Communication Servers, Internet]

7
Current Strategies
  • Hard to manage
  • Will not meet performance specifications
  • Does not address multi vendor
  • Cannot keep up with new features
  • Not available yet
[Diagram callouts, in slide order: Security Agent; May block Good calls; Protect against Windows OS vulnerabilities; Opens pinholes; ALG is vulnerable; FW/ALG; Event Correlation Remediation; VoIP Traffic analysis Signature/Anomaly Filtering; IDS/IPS; Limited signatures; Core switch; Scrub IP DoS/DDoS Traffic; PSTN GW; Guard; Cannot stop Spoofed Caller IDs; Certs; Authentication Encryption]

8
Desired Approach
Integrated, real time VoIP security solution that comprehensively tackles all VoIP vulnerabilities, both Enterprise and Carrier
[Diagram labels: Internal Web Servers, E-mail Servers, Network Security Logs Correlation, SPAM Filter, IPS, External Web Servers, IDS, Firewall, Core Network, Communication Servers, Internet]

9
Tolerance for False Negatives Email Vs Voice
10
Typical Solution vs. Desired Solution
11
Comprehensive IMS Security System
  • A Comprehensive IMS Security System must:
  • Prevent unauthorized usage
  • Protect end-user privacy
  • Protect IMS infrastructure from attacks
  • Protect end-users from attacks
  • Handle voice SPAM

12
Security Aspects addressed in IMS
13
Security Aspects addressed in IMS
[Comparison chart labels, in slide order: User Traffic Behavioral Learning; Call State Service aware; IMS/SIP/H.248/RTP/MPEG aware; Not addressed; Peer - Peer; Real time; IP Traffic; Web; Database; VoIP; IMS; IP TV; E-mail; TCP/UDP/ICMP/FTP/HTTP/SQL aware; Client - Server; Existing Internet Security Solutions; Non-Real time; Characteristics]

14
IMS reference architecture
[Figure: IMS reference architecture. Elements: HSS, SLF, AS, Charging Functions, I-CSCF, S-CSCF, P-CSCF, BGCF, MGCF, MRFC, MRFP, MGW, PDF, GGSN, UE, PSTN, IP Transport (Access and Core). Reference points: Rf/Ro, Sh, Dh, ISC, Cx, Dx, Mw, Mi, Mr, Mj, Mg, Gq, Mp, Mn. Protocols: SIP, H.248, DIAMETER.]

15
IMS Vulnerabilities
  • IMS and SIP enable a rich feature set of Converged Services, but also open up the network to IP based vulnerabilities
  • IMS and SIP vulnerabilities include:
  • OS level vulnerabilities
  • IP Layer 3 vulnerabilities
  • IMS Framework related vulnerabilities
  • SIP/RTP/H.248/etc. protocol vulnerabilities
  • VoIP/Video/PoC/etc. Application vulnerabilities
  • VoIP SPAM
[Diagram labels: HSS, Apps, Chrg; Call Server, SIP Server, MGCF MRFC BGCF SGF, P/S/I CSCF SLF/PDF/IBCF/IWF, IMS core; MGW MRFP T-MGF, ABGF IBGF, IP-IP GW, Media Gateway]

16
IMS Architecture Vulnerabilities: Some Examples
  • Compromised mobile phones
  • Zombie hard/soft phones
  • Modified phone with malicious intent
  • Malicious/Malformed/Spoofed signaling attacks
  • Malicious/Malformed/Spoofed media attacks
  • Spoofed IMS Emergency session attacks
  • Presence update attacks
  • Initiating Conferencing to block the network
    resources
  • UE having direct access to the IMS core network
  • Charging fraud - Signaling directly to S-CSCF to
    avoid charging
  • Misconfigured/partially configured UEs and/or
    Network elements
  • Non-GPRS access such as WLAN or BB can be
    attacked directly from the internet without a
    subscription
  • SPAM

17
IMS Application Level Attacks
  • Attack Types
  • Flood Denial of Service
  • Signaling
  • Media
  • Distributed DoS
  • Stealth DoS
  • Target individual or group of users
  • Blended attacks
  • Recruit zombies and use them to launch an attack
  • SPAM
  • SPAM over Internet Telephony (SPIT)
Both Network and Subscribers can be attacked
[Diagram labels: Human attackers, Spammer, Spoofed Packets, Zombie attackers; HSS, Apps, Chrg; SIP Server, Call Server, MGCF MRFC BGCF SGF, P/S/I CSCF SLF/PDF/IBCF/IWF, MMD core; MGW MRFP T-MGF, ABGF IBGF, IP-IP GW, Media Gateway]

18
IMS Vulnerability Protection System Reference Architecture
IMS Vulnerability Protection System is distinct from the IMS core infrastructure
[Diagram labels: Human attackers, Spammer, Zombie attackers; IMS Vulnerability Protection System; HSS, Apps, Chrg; Call Server, SIP Server, MGCF MRFC BGCF SGF, P/S/I CSCF SLF/PDF/IBCF/IWF, IMS core; MGW MRFP T-MGF, ABGF IBGF, IP-IP GW, Media Gateway]

19
Attack Summary
  • An IMS network built to 3GPP or TISPAN
    specifications compliance has numerous
    vulnerabilities
  • An attack on the network could cause network-wide
    outages including bringing down HSSs, App
    Servers, SIP servers, Call Servers, Media
    Gateways and IP-IP Gateways
  • Attacks towards specific targeted individual
    users could cause them extreme annoyance and
    disrupt their service in insidious ways
  • Sipera Systems research team has identified over
    90 distinct categories of attacks
  • These attacks require hackers with varying levels
    of sophistication, but many attacks are possible
    even by so-called script kiddies