Securing IMS against novel threats

  • Authors:

  • Stefan Wahl;Konrad Rieck;Pavel Laskov;Peter Domschitz;Klaus-Robert Müller

  • Affiliations:

  • Bell Labs Germany;Technical University, Berlin and Research associate, Fraunhofer Institute FIRST department of Intelligent Data Analysis (IDA), Berlin, Germany;Fraunhofer Institute FIRST department of Intelligent Data Analysis;Bell Labs Service Infrastructure Research Department, Stuttgart, Germany;Machine Learning department, Technical University Berlin

  • Venue:
  • Bell Labs Technical Journal - General Papers
  • Year:
  • 2009

Quantified Score

Hi-index 0.00

Visualization

Abstract

Fixed mobile convergence (FMC) based on the 3GPP IP Multimedia Subsystem (IMS) is considered one of the most important communication technologies of this decade. Yet this all-IP-based network technology brings about the growing danger of security vulnerabilities in communication and data services. Protecting IMS infrastructure servers against malicious exploits poses a major challenge due to the huge number of systems that may be affected. We approach this problem by proposing an architecture for an autonomous and self-sufficient monitoring and protection system for devices and infrastructure inspired by network intrusion detection techniques. The crucial feature of our system is a signature-less detection of abnormal events and zero-day attacks. These attacks may be hidden in a single message or spread across a sequence of messages. Anomalies identified at any of the network domain's ingresses can be further analyzed for discriminative patterns that can be immediately distributed to all edge nodes in the network domain. © 2009 Alcatel-Lucent.