back

SS7map : mapping vulnerability of the international mobile roaming infrastructure

If you suspend your transcription on amara.org, please add a timestamp below to indicate how far you progressed! This will help others to resume your work!

Please do not press “publish” on amara.org to save your progress, use “save draft” instead. Only press “publish” when you're done with quality control.

Video duration
01:00:55
Language
English
Abstract
SS7 has been shown repeatedly as an insecure protocol: spoofing, faking, crash through fuzzing, fraud. The main question of our study is to determine how this insecurity is mitigated by network operator’s action to prevent compromise on both network exposure of infrastructure and privacy compromise of subscribers. It's why we wanted to come out with SS7map.

SS7 has been shown repeatedly as an insecure protocol: spoofing, faking, crash through fuzzing, fraud. The main question of our study is to determine how this insecurity is mitigated by network operator’s action to prevent compromise on both network exposure of infrastructure and privacy compromise of subscribers.
The goal of SS7map is to provide a global overview by building the first SS7 signaling network world map revealing how vulnerable and exposed are telecom operators and their subscribers. We explain how it is possible for each mapped network to abuse legitimate signalling messages and call flows to discover and fingerprint equipment, intercept SMS messages, and perform massive location tracking of subscribers. More than pure analysis of vulnerability, this map rates and ranks the vulnerability of countries and operators showing discrepancies in the level and type of protection: SCCP screening, SS7 policing, MAP filtering, rate limiting, Network Element security configurations. We then conclude on the direction of signaling security and its current trend and development in the LTE world that shares many similar design insecurities with SS7.

SS7map website: http://ss7map.p1sec.com/

Talk ID
6531
Event:
31c3
Day
1
Room
Saal 6
Start
11 p.m.
Duration
01:00:00
Track
Security & Hacking
Type of
lecture
Speaker
Laurent Ghigonis
Alexandre De Oliveira
Talk Slug & media link
31c3_-_6531_-_en_-_saal_6_-_201412272300_-_ss7map_mapping_vulnerability_of_the_international_mobile_roaming_infrastructure_-_laurent_ghigonis_-_alexandre_de_oliveira
0.0% Checking done0.0%
0.0% Syncing done0.0%
100.0% Transcribing done100.0%
0.0% Nothing done yet0.0%
  

Work on this video on Amara!