General Packet Radio Service (GPRS) ARCHITECTURE A description of security features, threats and solution the threats offered by GPRS are as follows:
Integrity: Integrity is a security service that assures that data cannot be altered in an unauthorized or malicious manner.
Confidentiality: Confidentiality is the protection of data from disclosure to unauthorized third parties.
Authentication: Authentication provides assurance that a party in data communication is who or what they claim to be.
Authorization: Authorization is a security service that ensures that a party may only perform the actions that they’re allowed to perform
Availability: Availability means that data services are usable by the appropriate parties in the manner intended.
Threats
Denial of service(DOS) is the common threats in GPRS. There are many types of DOS. One of them is Domain Name Server (DNS) flood of which the DNS servers on the network can be flooded. DNS queries thereby deny users to properly locate GGSN to use as an external gateway. There is also DNS Cache poisoning whereby the attacker forge DNS queries and responses that causes the user’s APN to go to the wrong GGSN or none at all.Besides DOS, bandwidth saturation is also a threat. Attackers may be able to flood the link from the PDN to the mobile operator with network traffic which prohibiting legitimate traffic to pass.
Solution
Stateful packet inspection: it uses a security policy that only allows the MS to initiate connections to the public network and implement stateful packet filtering so that the MS never sees traffic that is initiated from the public network. Ingress and egress packet filtering whereby it helps to prevent the possibility of spoofed MS to MS data by blocking incoming traffic with the source addresses which are the same as those assigned to an MS for public network access
THE GPRS TRACKING (EXTRA INFO)
http://critis06.lcc.uma.es/files/Vulnerabilities%20and%20Possible%20Attacks%20against%20the%20GPRS%20Backbone%20Network.pdf
No comments:
Post a Comment