Figure 1: GPRS Security Model
2.1 GPRS SECURITY THREATS
There are mainly few main categories for security threats such as: Availability, Authentication & Authorization and Integrity & Confidentiality.
2.1.1 Availability
The most common type of attack on availability is a denial of service (DoS) attack. Several types of DoS attacks that are possible on the Gp interface:
- Border Gateway bandwidth saturation: Malicious operation having the ability to generate a sufficient amount of network traffic directed at a Border Gateway such that legitimate traffic is starved for bandwidth in or out of the PLMN, thus denying roaming access to or from the network.
- DNS Flood: DNS servers on the network can be flooded with either correctly or malformed DNS queries or other traffic thereby denying subscribers the ability to locate proper GGSN to use as an external gateway
2.1.2 Authentication & Authorization
It may be possible for an imposter to appear to be a legitimate subscriber when they are not.
- Spoofed Create PDP Context Request: An attacker can use their own SGSN or a compromised SGSN to send an Update PDP Context Request to an SGSN which is handling an existing GTP session. The attacker can then insert their own SGSN into the GTP session and hijack the subscriber data connection.
2.1.3 Integrity & Confidentiality
- Should an attacker be in a position to access GTP or DNS traffic, they can potentially alter it mid-stream or discover confidential subscriber information.
References:
www.brookson.com/gsm/gprs.pdf
netscreen.com/solutions/literature/white_papers/200074.pdf
ijns.femto.com.tw/contents/ijns-v6.../ijns-2008-v6-n2-p158-169.pdf
www.tml.tkk.fi/Opinnot/Tik-110.501/2000/papers/peng.pdf
http://netscreen.com/solutions/literature/white_papers/200074.pdf
References:
www.brookson.com/gsm/gprs.pdf
netscreen.com/solutions/literature/white_papers/200074.pdf
ijns.femto.com.tw/contents/ijns-v6.../ijns-2008-v6-n2-p158-169.pdf
www.tml.tkk.fi/Opinnot/Tik-110.501/2000/papers/peng.pdf
http://netscreen.com/solutions/literature/white_papers/200074.pdf
Hey XL!
ReplyDeleteI think you missed out the solutions part?
Maybe you might wanna talk about GPRS standards providing algorithms to generate session-unique encryption keys?? Securing the physical locations of these network elements.. and also, you can talk about firewalls that can be implemented at the point of entry to the GPRS network from an external network so as to prevent those threats that you have pointed out in your blog(:
Hi sn0wpig, in your diagram you showed that there are different interfaces in a GPRS system. From my research, some of the different interfaces have a few threats and solutions so maybe you can research more on those topics.
ReplyDeleteHello XL, you might want to provide some security solutions? For example, one of the it would be ingress & egress packet filtering. You can also mention more about GPRS security features as you only talk about the threats :)
ReplyDeleteHi
ReplyDeletenice post :)
I suggest u to make sure that what is the real problem of GPRS security and what will be the solution. Your explanation is nice but i think it's too detailed :)
thanks
Hey. you have miss out some parts of the research such as threats and solution. you have very good content on security feature.
ReplyDeleteSee How