LTE (4G) roaming operators are exchanging signalling information with each other in order for their subscribers to enable roaming services. The IPX ecosystem which contains out of LTE roaming operators and IPX providers serves that goal. The IPX network makes sure that those messages can be exchanged between LTE roaming operators. The protocol that is used in the LTE signalling exchange is the Diameter protocol, this protocol does not have any technical measures to guaranty integrity and authenticity. This gives attackers opportunities for spoofing, in particular because the Diameter response always follows exactly the same path as the request. Mitigation measures such as screening are mainly in the hands of the IPX providers, together they would be able to detect spoofing. However, as with many cyber security implementations, the assets are not with the entity providing the security measures and so do not suffer the loss in case of a cyber security problem, such as a authenticity issue.
Instead, LTE roaming operators should protect their assets themselves but due to the nature of the ecosystem end-to-end encryption which has authenticity and integrity embedded is not a realistic option: IPX providers provide a range of services to LTE roaming operators and need to inspect and sometimes manipulate Diameter traffic.
In this thesis we aim for a solution that can provide end-to-end integrity and authenticity between LTE roaming operators with the possibility of an IPX provider to do legitimate changes to the data while illegitimate changes can be detected.

 

Keywords: Diameter IPX LTE SS7 signalling

 

No pdf available.

 

 

  • A de minimis rule for personal data breach notifications...
    Master CS/Machiel Bolhuis
    >
  • A de minimis rule fo...
    Master CS/Machiel Bolhuis
    >
  • A de minimis rule for personal data breach notifications...
    Master CS/Machiel Bolhuis
    >
  • A generic approach for detecting security anomalies in I...
    Master CS/Jaap Mooij
    >
  • A generic approach f...
    Master CS/Jaap Mooij
    >
  • A generic approach for detecting security anomalies in I...
    Master CS/Jaap Mooij
    >
  • A Process Model for Phishing Prevention
    Master CS/Paulo Ribeiro do Nascimento
    >
  • A Process Model for...
    Master CS/Paulo Ribeiro do Nascimento
    >
  • A Process Model for Phishing Prevention
    Master CS/Paulo Ribeiro do Nascimento
    >
  • An improved key distribution and updating mechanism for...
    Master CS/Marcel van Leent
    >
  • An improved key dist...
    Master CS/Marcel van Leent
    >
  • An improved key distribution and updating mechanism for...
    Master CS/Marcel van Leent
    >
  • Caring for Security
    Master CS/David Willems
    >
  • Caring for Security
    Master CS/David Willems
    >
  • Caring for Security
    Master CS/David Willems
    >
  • Cyber Confidence-Building Measures
    Master CS/Kraesten Arnold
    >
  • Cyber Confidence-Bui...
    Master CS/Kraesten Arnold
    >
  • Cyber Confidence-Building Measures
    Master CS/Kraesten Arnold
    >
  • Cyber Threat Intelligence
    Master CS/Daan Planqué
    >
  • Cyber Threat Intelli...
    Master CS/Daan Planqué
    >
  • Cyber Threat Intelligence
    Master CS/Daan Planqué
    >
  • Essence of Encryption
    Master CS/Jeroen Veen
    >
  • Essence of Encryptio...
    Master CS/Jeroen Veen
    >
  • Essence of Encryption
    Master CS/Jeroen Veen
    >
  • Guaranteeing authenticity and integrity in signalling ex...
    Master CS/Ewout Pronk
    >
  • Guaranteeing authent...
    Master CS/Ewout Pronk
    >
  • Guaranteeing authenticity and integrity in signalling ex...
    Master CS/Ewout Pronk
    >
  • How to bring HTTPS to the masses?
    Master CS/Maarten Aertsen
    >
  • How to bring HTTPS t...
    Master CS/Maarten Aertsen
    >
  • How to bring HTTPS to the masses?
    Master CS/Maarten Aertsen
    >
  • Multi actor roadmap to improve cyber security of consume...
    Master CS/Herbert Leenstra
    >
  • Multi actor roadmap...
    Master CS/Herbert Leenstra
    >
  • Multi actor roadmap to improve cyber security of consume...
    Master CS/Herbert Leenstra
    >
  • Payment Services Directive 2
    Master CS/Stephan Hellmann
    >
  • Payment Services Dir...
    Master CS/Stephan Hellmann
    >
  • Payment Services Directive 2
    Master CS/Stephan Hellmann
    >
  • Policy strategies for VPN for consumers in the Netherlan...
    Master CS/Nelly Ghaoui
    >
  • Policy strategies fo...
    Master CS/Nelly Ghaoui
    >
  • Policy strategies for VPN for consumers in the Netherlan...
    Master CS/Nelly Ghaoui
    >
  • SDN South-bound Interface Attack Mitigation
    Master CS/Lucio Jankok
    >
  • SDN South-bound Inte...
    Master CS/Lucio Jankok
    >
  • SDN South-bound Interface Attack Mitigation
    Master CS/Lucio Jankok
    >
  • Targeted attacks and the human vulnerability
    Master CS/Derk-Jan van Mourik
    >
  • Targeted attacks and...
    Master CS/Derk-Jan van Mourik
    >
  • Targeted attacks and the human vulnerability
    Master CS/Derk-Jan van Mourik
    >
  • The implementation of the Dutch Cabinet’s policy on data...
    Master CS/Carlo Koch
    >
  • The implementation o...
    Master CS/Carlo Koch
    >
  • The implementation of the Dutch Cabinet’s policy on data...
    Master CS/Carlo Koch
    >
  • The influence of Dark Web on border control
    Master CS/Edwin Noordzij
    >
  • The influence of Dar...
    Master CS/Edwin Noordzij
    >
  • The influence of Dark Web on border control
    Master CS/Edwin Noordzij
    >

This website uses cookies to ensure you get the best experience on our website. By continuing to browse the site, you are agreeing to our use of cookies.. More info

 

I AGREE