Unveiling confidentiality-related vulnerabilities in an IMS-based environment

Long Term Evolution (LTE) is spreading and becoming the dominant cellular networking technology. It marks a revolution in how telecommunication networks are implemented, moving from a circuit-switched pattern towards a packet-switched network that resembles ordinary packet-based networks such as the Internet. Moreover, cellular network operators have adopted a new mechanism for handling voice calls over the LTE network, called Voice over LTE (VoLTE), which changes how these calls are handled from both the user equipment and infrastructure perspectives. As a result, the VoLTE setup is controlled and performed by the Application Server (AS), using Session Initiation Protocol (SIP) and Real-time Transport Protocol (RTP), unlike the traditional call setup in previous cellular network generations. This radical shift opens up a number of new vulnerabilities that could not previously be explored, especially regarding confidentiality, for which this paper presents a systematic security analysis, results and a solution.
