Mobile network, as a key infrastructure used to perform communication in daily life, is based on the signaling system (SS7 Protocol stack) which dates back to the 1970s. During that time, SS7 was designed as a strong ‘walled garden’ to which unauthorized access was impossible.
After developing the SIGTRAN protocol as an extension of SS7 in the early 21st century, the vulnerabilities of SS7 remained in the new structure and it was a perfect opportunity for intruders to attack mobile networks.
As a result, just by pretending to be a telecom node and manipulating packets, and using especially malicious packets, attackers can delude core network nodes such as HLR and VLR to obtain subscribers’ information. This first simple step will be the preface of other hazardous attacks like call eavesdropping, blocking incoming calls and SMSs, manipulating subscribers’ billing, etc.
As the ‘garden walls’ are cracked by these kinds of attacks, mobile operators urgently need to equip themselves with powerful signaling firewalls. These solutions should be able to detect and block any malicious packet before entering the network. Also, they should be capable of recognizing fake nodes that are impersonating real nodes in the network.
Based on over 15-years-experience in deploying telecom managed services, PeykAsa enables operators to detect all these kinds of attacks and prevent their customers from being affected. PA-Signaling Firewall is a high-performance intelligent solution which topographically is a transparent node at the border of the network to handle any type of incoming signaling packets. PA-Signaling Firewall provides a reliable platform for operators to deliver their services with a high level of security to their users and gain more brand reputation among their competitors. Being designed based on the IR.82 GSMA guideline, it can analyze Signaling Connection Control Part (SCCP), Transaction Capabilities Application Part (TCAP), and Mobile Application Part (MAP) packets including MAP (category 1, category 2, and category 3) as well as CAP (category 2 and category 3) packets to detect malicious activities such as:
- Packet Flooding
- Premium Content Attacks
- Subscribers’ Call and Message Cessation
- Subscribers’ Call and Message Eavesdropping
- Grey Route
- Obtaining Subscribers’ IMSI (Home Routing)
- Disclosure Operator’s Local Point Code
- Updating the Subscribers’ Location
- Canceling the Subscribers’ Location
PA- Signaling Firewall guarantees:
- Revenue assurance optimization and reputation Protection
- Fast and easy deployment into the network
- Full scope control on the network traffic
- Scalable, flexible, and modular architecture with the capability of implementing new services
- Detection and prevention of critical attacks: Tracking, Interception, Denial of Service (DoS), Fraud, Spamming
- Intelligent policy management
- Full control per network/protocol
- Fine-grained filtering
- Detailed reporting and alerting of issues
- Plug-in based architecture which enables new modules to be quickly deployed in response to newly arising threats
- Protection of network/subscribers’ information
- Verifying subscriber’s location for outbound roamers
- High precision in recognizing impersonating nodes in other networks
- Blocking and logging various MAP messages based on predefined values
- Blocking unauthorized traffic received from other networks
- Hiding subscribers’ information from other networks
- Protecting the network against DoS attacks
- Applying advanced and customizable filters on traffic