Assessing the security risk of attacks DoS-routing functions of the signaling system SS7 in the GSM network

The article describes the development of the methodology for assessing the security risk level of attacks of DoS routing functions of CCS7 signaling system in the GSM network. Awareness of the risk level of information security threats allows making decisions which will improve the by means of information security during both communication network operation and its testing by means of increasing the protection against the threats, which risk level is the highest one. The problem is considered relevant because of the lack of necessary security mechanisms (firewalls) as well as the development of modern non-standardized mechanisms for protection against the attacks disturbing routing of CCS7 in the GSM network. It is shown that the signaling systems CCS7 and SIP have much in common in terms of this problem. For SIP system, there are some developed techniques for ranking the security threats, which seem to be the basis for the further development of the methodology of ranking DoS threats in CCS7. The authors propose some changes to be introduced into the previously developed methodology, which is used to assess the level of the security threats to SIP signaling system, being in service in the new generation VoIP multimedia network. Distinguishing features of the operating CCS7 are taken into account. It is also important to consider the lack of their testing with simulated threats. These changes relate to the calculation of the security levels of DoS attacks and possible damages during their implementation, which are the initial parameters for the calculation of the security risk level. It does not seem to be possible to compare these three proposed methods of ranging security of DoS attacks in CCS7 (based on the theory of fuzzy sets, the analytic hierarchy process, AHP, and analysis of AHP pairs) according to their result reliability due to using different algorithms with different characteristics of the subjective expert estimates.

References

[1] Matveev V.A., Morozov A.M., Bel’fer R.A. Assessing the Risk Level of Security Threat of Fraud in the Voip Network via SIP. Elektrosvyaz’ [Telecommunications], 2014, no. 6, pp. 35-38 (in Russ.).

[2] Matveev V.A., Morozov A.M., Bel’fer R.A. Methods of Ranging Fraud and DoS Threats in the SIP, Based on the Hierarchy Analytic Methods and Pair Analysis. Elektrosvyaz’ [Telecommunications], 2014, no. 8, pp. 25-27 (in Russ.).

[3] Matveev V.A., Bel’fer R.A., Kalyuzhnyy A.M., Morozov A.M. Analysis of Dependence of Risk Level of Safety of Communication Networks on Expert Data during Calculations with the Use of a Model of the Illegible Sets. Voprosy kiberbezopasnosti [Cybersecurity], 2014, no. 2, pp. 33-39 (in Russ.).

[4] Matveev V.A., Bel’fer R.A., Kalyuzhnyy D.A., Morozov A.M. Dependence Analysis of Threat Risk Level of Fraud Security Within NGN Using Experimantal Data During Calculation by Analytic Hierarchy Process and Set Pairs Analysis. Vestn. Mosk. Gos. Tekh. Univ. im. N.E. Baumana, Priborostr. [Herald of the Bauman Moscow State Tech. Univ., Instrum. Eng.], 2014, no. 6, pp. 84-95 (in Russ.).

[5] Antonyan A.B. The New Version of the General Scheme of Creation and Development of a Russian Federal Public Mobile Radio Telephone Communication GSM. Elektrosvyaz’ [Telecommunications], 2013, no. 1, pp. 17-21 (in Russ.).

[6] Marder N.S. Elektrosvyaz’ v Rossiyskoy Federatsii [Telecommunications in the Russian Federation]. Moscow, IRIAS Publ., 2004. 96 p.

[7] Dryburgh L. Hewett J. Signaling System No. 7 (SS7/C7): Protocol, Architecture, and Services. Front Cover. Cisco Press, 2005. Computers. 696 p.

[8] Roslyakov A.V. OKS No. 7. Arkhitektura, protokoly, primenenie [Architecture, Protocols, Applications]. Moscow, Eko-Trendz Publ., 2008. 320 p.

[9] Dannavi M.N. Metod povysheniya zashchishchennosti ot ugroz narusheniya marshrutizatsii v obshchekanal’noy signalizatsii seti svyazi obshchego pol’zovaniya. Diss. kand. tekhn. nauk [A Method for Increasing Protection against Threats to Disrupt Routing in Common Channel Signaling in Public-Service Communications Network. Cand. tech. sci. diss.]. Ufa State Aviation Technical University, 2012.

[10] Gorshkov Yu.G., Bel’fer R.A. GSM Network Information Security Risk Analysis during Performing the Functions of Privacy Protection. Elektrosvyaz’ [Telecommunications], 2012, no. 3, pp. 26-28 (in Russ.).

[11] Bel’fer R.A., Gorshkov Yu.G., Dannavi M.N. Consequences of Violation of Routing of Channel Common Signalization for Functioning of Networks of General-Purpose Communication. Vestn. Mosk. Gos. Tekh. Univ. im. N.E. Baumana, Priborostr. [Herald of the Bauman Moscow State Tech. Univ., Instrum. Eng.], 2009, no. 3, pp. 95-100 (in Russ.).

[12] Bel’fer R.A., Gorshkov Yu.G., Dannavi M.N. Estimation of Reducing Consequences of Threats of Routing Violation in Shared Channel Signaling of Public Telecommunications. Vestn. Mosk. Gos. Tekh. Univ. im. N.E. Baumana, Priborostr. [Herald of the Bauman Moscow State Tech. Univ., Instrum. Eng.], 2009, no. 4, pp. 75-80 (in Russ.).

[13] Sengar H., Wijesekera D., Jajodia S. Authentication and Integrity in telecommunication Signaling Network. Engineering of Computer-Based Systems, 12th IEEE International Conference and Workshops, pp. 163-170.

[14] Yucun Yang, Weiwei He, Suili Feng. Security Analysis and Amendment of 3G Core Network Based on MTPsec, IEEE Pacific-Asia Workshop on Computational Intelligence and Industrial Application, 2008, pp. 519-523.

[15] Sengar H., Wijesekera D., Jajodia S. "MTPSec: customizable secure MTP3 tunnels in the SS7 network". Parallel and Distributed Processing Symposium, 2005. Proceedings. 19th IEEE International.

[16] ITU-T Recommendation E.408. Telecommunication Network Security Requirement, 2004.

[17] Matveev V.A., Morozov A.M. Analyzing results of tests of the functioning new generation network for vulnerability to DoS attacks. Vestn. Mosk. Gos. Tekh. Univ. im. N.E. Baumana, Priborostr. [Herald of the Bauman Moscow State Tech. Univ., Instrum. Eng.], 2013, no. 3, pp. 43-57 (in Russ.).