Security for telecommunications networks

cover image

Where to find it

Information & Library Science Library

Call Number
TK5102.85 .T73 2008
Status
Available

Summary

This book responds to the growing need to secure critical infrastructure by creating a starting place for new researchers in secure telecommunications networks. It is the first book to discuss securing current and next generation telecommunications networks by the security community. The book not only discusses emerging threats and systems vulnerability, but also presents the open questions posed by network evolution and defense mechanisms. It is designed for professionals and researchers in telecommunications. The book is also recommended as a secondary text for graduate-level students in computer science and electrical engineering.

Contents

  • 1 Introduction p. 1
  • 1.1 Telecommunications Networks p. 2
  • 1.2 Network Convergence and Security p. 3
  • 1.3 Outline of this Book p. 4
  • 1.4 Audience p. 5
  • 1.5 Other Sources of Information p. 6
  • Part I Network Architecture
  • 2 Security p. 9
  • 2.1 Overview p. 9
  • 2.1.1 What is security? p. 9
  • 2.1.2 Basic Terminology p. 10
  • 2.1.3 Attacks p. 11
  • 2.1.4 Trust p. 11
  • 2.2 Services and Tools p. 12
  • 2.2.1 Cryptography p. 12
  • 2.2.2 Authentication and Authorization p. 15
  • 2.2.3 Certificates and PKI p. 16
  • 2.3 Network Security p. 16
  • 2.3.1 IPsec p. 16
  • 2.3.2 SSL/TLS p. 18
  • 2.3.3 Firewalls p. 19
  • 2.3.4 Intrusion and Anomaly Detection p. 20
  • 2.4 Summary p. 22
  • 3 Cellular Architecture p. 23
  • 3.1 History of Cellular Telephony p. 24
  • 3.2 Cellular Voice Networks p. 26
  • 3.2.1 Voice Network Elements p. 26
  • 3.2.2 Home Location Register p. 27
  • 3.2.3 Mobile Switching Center/Visiting Location Register p. 29
  • 3.2.4 Base Station Subsystem p. 29
  • 3.3 Cellular Data Networks p. 30
  • 3.3.1 Data Network Elements p. 30
  • 3.3.2 Gateway GPRS Support Node p. 31
  • 3.3.3 Serving GPRS Support Node p. 32
  • 3.4 Signaling Network and Protocols p. 33
  • 3.4.1 Common Channel Signaling Network p. 34
  • 3.4.2 Message Transfer Part p. 34
  • 3.4.3 Signaling Connection Control Part p. 35
  • 3.4.4 Transaction Capabilities Application Part p. 36
  • 3.4.5 Mobile Application Part p. 36
  • 3.4.6 ISDN User Part p. 36
  • 3.5 Wireless Network p. 36
  • 3.5.1 Wireless Access Techniques p. 37
  • 3.5.2 Frequency Issues p. 39
  • 3.5.3 Voice Encoding p. 43
  • 3.5.4 Summary of Procedures p. 45
  • 3.6 Registration and Call Setup Procedures p. 46
  • 3.7 Core Network Security p. 48
  • 3.8 Air Interface Security p. 49
  • 3.9 Summary p. 51
  • Part II Vulnerability Analysis
  • 4 Vulnerabilities in the Telephony p. 55
  • 4.1 Weak Cryptographic Algorithms p. 55
  • 4.2 Vulnerabilities in the Network Core p. 58
  • 4.3 Wireless Eavesdropping p. 60
  • 4.4 Jamming p. 61
  • 4.5 Use Tracking and Privacy p. 62
  • 4.6 Overload p. 62
  • 4.7 Malware p. 63
  • 5 Vulnerabilities in the Short Messaging Service (SMS) p. 65
  • 5.1 History and Description p. 66
  • 5.2 Delivering Messages p. 66
  • 5.2.1 Submitting a Message p. 66
  • 5.2.2 Routing a Message p. 67
  • 5.2.3 Wireless Delivery p. 68
  • 5.3 Identifying System Bottlenecks p. 69
  • 5.3.1 Queue Management p. 70
  • 5.3.2 Message Injection p. 71
  • 5.4 Efficient Device Targeting p. 72
  • 5.4.1 NPA/NXX p. 73
  • 5.4.2 Web Scraping p. 73
  • 5.4.3 Testing Phone "Liveness" p. 74
  • 5.4.4 Additional Collection Methods p. 75
  • 5.5 Modeling Denial of Service p. 76
  • 5.5.1 Attacking Individuals p. 76
  • 5.5.2 Metropolitan Area Service p. 77
  • 5.5.3 Regional Service p. 81
  • 5.6 Network Characterization p. 82
  • 5.7 Attack Characterization p. 85
  • 5.8 Current Solutions p. 87
  • 5.9 Queue Management p. 89
  • 5.9.1 Weighted Fair Queuing p. 89
  • 5.9.2 Weighted Random Early Detection p. 92
  • 5.9.3 Summary p. 96
  • 5.10 Resource Provisioning p. 96
  • 5.10.1 Strict Resource Provisioning p. 97
  • 5.10.2 Dynamic Resource Provisioning p. 100
  • 5.10.3 Direct Channel Allocation p. 102
  • 5.10.4 Summary p. 105
  • 5.11 Combining Mechanisms p. 105
  • 5.12 Summary p. 107
  • 6 Vulnerabilities in Cellular Data Networks p. 109
  • 6.1 History and Description p. 110
  • 6.2 Delivering Packets from the Internet p. 111
  • 6.2.1 Device Registration p. 111
  • 6.2.2 Submitting Packets p. 112
  • 6.2.3 Routing Packets p. 112
  • 6.2.4 Wireless Delivery p. 113
  • 6.3 Packet Multiplexing p. 115
  • 6.4 Exploiting Cellular Data Services p. 116
  • 6.4.1 Determining Network Settings p. 116
  • 6.4.2 Exploiting Teardown Mechanisms p. 117
  • 6.4.3 Exploiting Setup Mechanisms p. 121
  • 6.5 Conflicts in Network Design p. 124
  • 6.6 Efficient Mitigation of Data Network Vulnerabilities p. 129
  • 6.7 Summary p. 130
  • 7 Vulnerabilities in Voice over IP p. 133
  • 7.1 History and Description p. 134
  • 7.2 Session Initiation Protocol p. 135
  • 7.2.1 Architecture p. 135
  • 7.2.2 SIP Messages p. 136
  • 7.2.3 Making Phone Calls p. 139
  • 7.3 IP-Multimedia Subsystem Network p. 140
  • 7.3.1 IMS Architecture p. 140
  • 7.3.2 Making Phone Calls p. 141
  • 7.4 IMS Versus Pure Internet Telephony p. 141
  • 7.5 Wireless Issues p. 142
  • 7.6 Security Issues p. 144
  • 7.6.1 Current Solutions p. 145
  • 7.6.2 Analysis of Emerging Vulnerabilities p. 148
  • 7.7 Building Secure IP Telephony Networks p. 152
  • 7.8 Summary p. 153
  • Part III Future Analyses
  • 8 Future Directions and Challenges p. 157
  • 8.1 Denial of Service Attacks p. 157
  • 8.1.1 Logical vs Flooding Attacks p. 157
  • 8.1.2 Problems in "Controlled" Networks p. 158
  • 8.2 End-To-End Arguments and Security p. 159
  • 8.3 The Future of Rigid Systems p. 160
  • 8.4 Moving Forward p. 161
  • Glossary p. 163
  • References p. 167
  • Index p. 179

Other details