Mobile Subscriber Profile Data Privacy Breach via 4G Diameter Interconnection

The interconnection network (IPX) connects telecommunication networks with each other on the globe. The IPX network enables features like voice and data roaming with your mobile device while traveling. Designed as a closed network it is now opening and unauthorized entities now misuse the IPX networ...

Full description

Saved in:
Bibliographic Details
Published inJournal of ICT Standardization Vol. 6; no. 3; p. 245
Main Authors Holtmanns, Silke, Oliver, Ian, Miche, Yoan
Format Journal Article
LanguageEnglish
Published Tokyo River Publishers 01.01.2018
Subjects
Communication
Interfaces
Privacy
Protocol
Signalling systems
Social networks
Text messaging
Online AccessGet full text

Cover

More Information
Summary:The interconnection network (IPX) connects telecommunication networks with each other on the globe. The IPX network enables features like voice and data roaming with your mobile device while traveling. Designed as a closed network it is now opening and unauthorized entities now misuse the IPX network for their purposes. The majority of the IPX still runs the Signalling System No 7 (SS7) protocol stack, while the more technically advanced operators roll out and deploy Diameter based LTE roaming. SS7 is known to suffer from many attacks. The first attacks using the Diameter protocol appeared. We will show how an attacker can breach the subscriber’s privacy by deducting the subscriber profile from the Home Subscriber Service (HSS) and use the obtained information. The subscriber profile contains all key information related to the users’ subscription e.g. location, billing information, MSISDN etc. We will close with a recommendation how to prevent such an attack.
ISSN:2245-800X
2246-0853
DOI:10.13052/jicts2245-800X.634