Internet security meets the IP multimedia subsystem: an overview
Identifieur interne : 000438 ( Main/Exploration ); précédent : 000437; suivant : 000439Internet security meets the IP multimedia subsystem: an overview
Auteurs : Andreas Berger [Autriche] ; Ivan Gojmerac [Autriche] ; Oliver Jung [Autriche]Source :
- Security and Communication Networks [ 1939-0114 ] ; 2010-03.
English descriptors
- KwdEn :
- Teeft :
- 3gpp, Access network, Adequate protection, Algorithm, Anomaly, Anomaly detection, Anomaly detection systems, Anomaly detection techniques, Arbor networks, Attack systems, Attack tools, Authentication, Availability requirements, Basic idea, Basic problems, Botnet, Botnet clients, Business partners, Caller, Cisco, Comm, Communications security, Complex network, Comprehensive overview, Computer networks, Control server, Copyright, Core components, Core functionalities, Core infrastructure, Core network, Corporate networks, Countermeasure, Ddos, Ddos attacks, Deployment, Detection, Detection mechanisms, Detection rate, Devastating effects, Direct marketing association, Encryption, European telecommunications standards institute, False alarm rate, False alarms, Fragile nature, Functionality, Fundamental idea, General idea, Gojmerac, Hash functions, High availability, High number, Home network, Http, Human interaction, Human operator, Identity management, Idses, Ieee, Ieee computer society, Ieee symposium, Implementation attacks, Implementation weaknesses, Infrastructure, Injection attacks, Interface, International conference, International symposium, Internet, Internet protocol, Internet security, Internet services, Internet technology, Internet telephony, Internet world, Intrusion, Intrusion attempts, Intrusion detection, Intrusion detection systems, Ipsec connection, John wiley sons, Jung, Large number, Large variety, Last section, Last years, Maintenance efforts, Malformed messages, Malicious, Malicious behavior, Malicious software, Many alarms, Many ways, Mitm attacks, Mobile networks, Module, Multimedia, Multimedia spam, Multimedia subsystem, Name resolution, Network, Network infrastructure, Network layers, Network perimeter, Next generation, Next generation networks, Next section, Nids, Ooding, Ooding attack, Ooding attacks, Open internet, Osborne media, Other hand, Overview, Personal computers, Potential vulnerabilities, Presence spam, Prevention system, Processing power, Protocol, Protocol scrubbing, Provider, Pstn, Realtime performance, Recent advances, Recent report, Reputation systems, Research projects, Response rate, Same time, Scenario, Secret keys, Security architecture, Security aspects, Security challenges, Security comm, Security engineering, Security features, Security issues, Security mechanisms, Security monitoring, Security problems, Security solution, Security threats, Serious effects, Server, Service platform, Service provider, Service providers, Session description protocol, Session initiation protocol, Session mobility, Short development cycles, Short introduction, Sigcomm computer communication review, Sigcomm computer communications review, Signature detection, Single entity, Single services, Small number, Software, Spam, Spammer, Standardization, Standardization bodies, Standardization process, State information, Subsystem, Such attacks, Such systems, Support vector machines, Technical report, Telecommunication, Telecommunication core networks, Telecommunication network, Telecommunication networks, Telecommunication operators, Telephony, Third generation partnership project, Tispan, Transition phase, Turing test, Unsolicited, Unsolicited communication, Usenix association, Usenix security symposium, User, User authentication, User equipment, User identities, User information, User privacy, Voip, Voip defender, Voip security workshop, Wiley, York city.
Abstract
In this paper, we discuss the security threats of next‐generation telecommunication core networks induced by the adoption of Internet technology. The 3GPP IP multimedia subsystem (IMS) is based on the Internet protocol (IP) and hence inherits many security problems from the Internet world. We provide a review of the most prominent vulnerabilities, covering both fundamental functions like routing and name resolution as well as message tampering and implementation attacks, and we show their impact on the IMS. Further, we address the topics of denial of service (DoS) attacks and unsolicited communication (UC). Despite the large number of security threats, the IMS standardization foresees no security monitoring and fully relies on standard countermeasures as known from the Internet. This paper provides a survey of these threats and relates them to the available solutions. We motivate the need for a powerful and modular monitoring platform for the IMS and provide an overview of the existing work in this research field. Copyright © 2009 John Wiley & Sons, Ltd.
The IP Multimedia Subsystem is a powerful signalling and service platform for next‐generation networks. The entire system is based on the Internet protocol and consequently inherits many of its security problems. Therefore, trusted operation of such a platform requires a multifaceted evaluation of the induced security threats and the available countermeasures.
Url:
DOI: 10.1002/sec.142
Affiliations:
Links toward previous steps (curation, corpus...)
- to stream Istex, to step Corpus: 000D54
- to stream Istex, to step Curation: 000C88
- to stream Istex, to step Checkpoint: 000291
- to stream Main, to step Merge: 000438
- to stream Main, to step Curation: 000438
Le document en format XML
<record><TEI wicri:istexFullTextTei="biblStruct"><teiHeader><fileDesc><titleStmt><title xml:lang="en">Internet security meets the IP multimedia subsystem: an overview</title><author><name sortKey="Berger, Andreas" sort="Berger, Andreas" uniqKey="Berger A" first="Andreas" last="Berger">Andreas Berger</name></author><author><name sortKey="Gojmerac, Ivan" sort="Gojmerac, Ivan" uniqKey="Gojmerac I" first="Ivan" last="Gojmerac">Ivan Gojmerac</name></author><author><name sortKey="Jung, Oliver" sort="Jung, Oliver" uniqKey="Jung O" first="Oliver" last="Jung">Oliver Jung</name></author></titleStmt><publicationStmt><idno type="wicri:source">ISTEX</idno><idno type="RBID">ISTEX:8230B5765252080846F0FF6CD97E88D28AFF49F4</idno><date when="2010" year="2010">2010</date><idno type="doi">10.1002/sec.142</idno><idno type="url">https://api.istex.fr/document/8230B5765252080846F0FF6CD97E88D28AFF49F4/fulltext/pdf</idno><idno type="wicri:Area/Istex/Corpus">000D54</idno><idno type="wicri:explorRef" wicri:stream="Istex" wicri:step="Corpus" wicri:corpus="ISTEX">000D54</idno><idno type="wicri:Area/Istex/Curation">000C88</idno><idno type="wicri:Area/Istex/Checkpoint">000291</idno><idno type="wicri:explorRef" wicri:stream="Istex" wicri:step="Checkpoint">000291</idno><idno type="wicri:doubleKey">1939-0114:2010:Berger A:internet:security:meets</idno><idno type="wicri:Area/Main/Merge">000438</idno><idno type="wicri:Area/Main/Curation">000438</idno><idno type="wicri:Area/Main/Exploration">000438</idno></publicationStmt><sourceDesc><biblStruct><analytic><title level="a" type="main" xml:lang="en">Internet security meets the IP multimedia subsystem: an overview</title><author><name sortKey="Berger, Andreas" sort="Berger, Andreas" uniqKey="Berger A" first="Andreas" last="Berger">Andreas Berger</name><affiliation wicri:level="3"><country xml:lang="fr">Autriche</country><wicri:regionArea>Telecommunications Research Center Vienna (ftw.), Vienna</wicri:regionArea><placeName><settlement type="city">Vienne (Autriche)</settlement><region nuts="2" type="province">Vienne (Autriche)</region></placeName></affiliation><affiliation wicri:level="3"><country xml:lang="fr">Autriche</country><wicri:regionArea>Telecommunications Research Center Vienna (ftw.), Donau‐City‐Str. 1, 1220 Vienna</wicri:regionArea><placeName><region type="land" nuts="2">Vienne (Autriche)</region><settlement type="city">Vienne (Autriche)</settlement></placeName></affiliation></author><author><name sortKey="Gojmerac, Ivan" sort="Gojmerac, Ivan" uniqKey="Gojmerac I" first="Ivan" last="Gojmerac">Ivan Gojmerac</name><affiliation wicri:level="3"><country xml:lang="fr">Autriche</country><wicri:regionArea>Telecommunications Research Center Vienna (ftw.), Vienna</wicri:regionArea><placeName><settlement type="city">Vienne (Autriche)</settlement><region nuts="2" type="province">Vienne (Autriche)</region></placeName></affiliation></author><author><name sortKey="Jung, Oliver" sort="Jung, Oliver" uniqKey="Jung O" first="Oliver" last="Jung">Oliver Jung</name><affiliation wicri:level="3"><country xml:lang="fr">Autriche</country><wicri:regionArea>Telecommunications Research Center Vienna (ftw.), Vienna</wicri:regionArea><placeName><settlement type="city">Vienne (Autriche)</settlement><region nuts="2" type="province">Vienne (Autriche)</region></placeName></affiliation></author></analytic><monogr></monogr><series><title level="j">Security and Communication Networks</title><title level="j" type="abbrev">Security Comm. Networks</title><idno type="ISSN">1939-0114</idno><idno type="eISSN">1939-0122</idno><imprint><publisher>John Wiley & Sons, Ltd.</publisher><pubPlace>Chichester, UK</pubPlace><date type="published" when="2010-03">2010-03</date><biblScope unit="volume">3</biblScope><biblScope unit="issue">2‐3</biblScope><biblScope unit="page" from="185">185</biblScope><biblScope unit="page" to="206">206</biblScope></imprint><idno type="ISSN">1939-0114</idno></series><idno type="istex">8230B5765252080846F0FF6CD97E88D28AFF49F4</idno><idno type="DOI">10.1002/sec.142</idno><idno type="ArticleID">SEC142</idno></biblStruct></sourceDesc><seriesStmt><idno type="ISSN">1939-0114</idno></seriesStmt></fileDesc><profileDesc><textClass><keywords scheme="KwdEn" xml:lang="en"><term>DoS</term><term>IDS</term><term>IMS</term><term>NGN</term><term>QoS</term><term>SIP</term><term>SPIT/SPAM</term><term>Web 2.0</term><term>botnets</term><term>implementation attacks</term><term>penetration testing</term></keywords><keywords scheme="Teeft" xml:lang="en"><term>3gpp</term><term>Access network</term><term>Adequate protection</term><term>Algorithm</term><term>Anomaly</term><term>Anomaly detection</term><term>Anomaly detection systems</term><term>Anomaly detection techniques</term><term>Arbor networks</term><term>Attack systems</term><term>Attack tools</term><term>Authentication</term><term>Availability requirements</term><term>Basic idea</term><term>Basic problems</term><term>Botnet</term><term>Botnet clients</term><term>Business partners</term><term>Caller</term><term>Cisco</term><term>Comm</term><term>Communications security</term><term>Complex network</term><term>Comprehensive overview</term><term>Computer networks</term><term>Control server</term><term>Copyright</term><term>Core components</term><term>Core functionalities</term><term>Core infrastructure</term><term>Core network</term><term>Corporate networks</term><term>Countermeasure</term><term>Ddos</term><term>Ddos attacks</term><term>Deployment</term><term>Detection</term><term>Detection mechanisms</term><term>Detection rate</term><term>Devastating effects</term><term>Direct marketing association</term><term>Encryption</term><term>European telecommunications standards institute</term><term>False alarm rate</term><term>False alarms</term><term>Fragile nature</term><term>Functionality</term><term>Fundamental idea</term><term>General idea</term><term>Gojmerac</term><term>Hash functions</term><term>High availability</term><term>High number</term><term>Home network</term><term>Http</term><term>Human interaction</term><term>Human operator</term><term>Identity management</term><term>Idses</term><term>Ieee</term><term>Ieee computer society</term><term>Ieee symposium</term><term>Implementation attacks</term><term>Implementation weaknesses</term><term>Infrastructure</term><term>Injection attacks</term><term>Interface</term><term>International conference</term><term>International symposium</term><term>Internet</term><term>Internet protocol</term><term>Internet security</term><term>Internet services</term><term>Internet technology</term><term>Internet telephony</term><term>Internet world</term><term>Intrusion</term><term>Intrusion attempts</term><term>Intrusion detection</term><term>Intrusion detection systems</term><term>Ipsec connection</term><term>John wiley sons</term><term>Jung</term><term>Large number</term><term>Large variety</term><term>Last section</term><term>Last years</term><term>Maintenance efforts</term><term>Malformed messages</term><term>Malicious</term><term>Malicious behavior</term><term>Malicious software</term><term>Many alarms</term><term>Many ways</term><term>Mitm attacks</term><term>Mobile networks</term><term>Module</term><term>Multimedia</term><term>Multimedia spam</term><term>Multimedia subsystem</term><term>Name resolution</term><term>Network</term><term>Network infrastructure</term><term>Network layers</term><term>Network perimeter</term><term>Next generation</term><term>Next generation networks</term><term>Next section</term><term>Nids</term><term>Ooding</term><term>Ooding attack</term><term>Ooding attacks</term><term>Open internet</term><term>Osborne media</term><term>Other hand</term><term>Overview</term><term>Personal computers</term><term>Potential vulnerabilities</term><term>Presence spam</term><term>Prevention system</term><term>Processing power</term><term>Protocol</term><term>Protocol scrubbing</term><term>Provider</term><term>Pstn</term><term>Realtime performance</term><term>Recent advances</term><term>Recent report</term><term>Reputation systems</term><term>Research projects</term><term>Response rate</term><term>Same time</term><term>Scenario</term><term>Secret keys</term><term>Security architecture</term><term>Security aspects</term><term>Security challenges</term><term>Security comm</term><term>Security engineering</term><term>Security features</term><term>Security issues</term><term>Security mechanisms</term><term>Security monitoring</term><term>Security problems</term><term>Security solution</term><term>Security threats</term><term>Serious effects</term><term>Server</term><term>Service platform</term><term>Service provider</term><term>Service providers</term><term>Session description protocol</term><term>Session initiation protocol</term><term>Session mobility</term><term>Short development cycles</term><term>Short introduction</term><term>Sigcomm computer communication review</term><term>Sigcomm computer communications review</term><term>Signature detection</term><term>Single entity</term><term>Single services</term><term>Small number</term><term>Software</term><term>Spam</term><term>Spammer</term><term>Standardization</term><term>Standardization bodies</term><term>Standardization process</term><term>State information</term><term>Subsystem</term><term>Such attacks</term><term>Such systems</term><term>Support vector machines</term><term>Technical report</term><term>Telecommunication</term><term>Telecommunication core networks</term><term>Telecommunication network</term><term>Telecommunication networks</term><term>Telecommunication operators</term><term>Telephony</term><term>Third generation partnership project</term><term>Tispan</term><term>Transition phase</term><term>Turing test</term><term>Unsolicited</term><term>Unsolicited communication</term><term>Usenix association</term><term>Usenix security symposium</term><term>User</term><term>User authentication</term><term>User equipment</term><term>User identities</term><term>User information</term><term>User privacy</term><term>Voip</term><term>Voip defender</term><term>Voip security workshop</term><term>Wiley</term><term>York city</term></keywords></textClass><langUsage><language ident="en">en</language></langUsage></profileDesc></teiHeader><front><div type="abstract" xml:lang="en">In this paper, we discuss the security threats of next‐generation telecommunication core networks induced by the adoption of Internet technology. The 3GPP IP multimedia subsystem (IMS) is based on the Internet protocol (IP) and hence inherits many security problems from the Internet world. We provide a review of the most prominent vulnerabilities, covering both fundamental functions like routing and name resolution as well as message tampering and implementation attacks, and we show their impact on the IMS. Further, we address the topics of denial of service (DoS) attacks and unsolicited communication (UC). Despite the large number of security threats, the IMS standardization foresees no security monitoring and fully relies on standard countermeasures as known from the Internet. This paper provides a survey of these threats and relates them to the available solutions. We motivate the need for a powerful and modular monitoring platform for the IMS and provide an overview of the existing work in this research field. Copyright © 2009 John Wiley & Sons, Ltd.</div><div type="abstract" xml:lang="en">The IP Multimedia Subsystem is a powerful signalling and service platform for next‐generation networks. The entire system is based on the Internet protocol and consequently inherits many of its security problems. Therefore, trusted operation of such a platform requires a multifaceted evaluation of the induced security threats and the available countermeasures.</div></front></TEI><affiliations><list><country><li>Autriche</li></country><region><li>Vienne (Autriche)</li></region><settlement><li>Vienne (Autriche)</li></settlement></list><tree><country name="Autriche"><region name="Vienne (Autriche)"><name sortKey="Berger, Andreas" sort="Berger, Andreas" uniqKey="Berger A" first="Andreas" last="Berger">Andreas Berger</name></region><name sortKey="Berger, Andreas" sort="Berger, Andreas" uniqKey="Berger A" first="Andreas" last="Berger">Andreas Berger</name><name sortKey="Gojmerac, Ivan" sort="Gojmerac, Ivan" uniqKey="Gojmerac I" first="Ivan" last="Gojmerac">Ivan Gojmerac</name><name sortKey="Jung, Oliver" sort="Jung, Oliver" uniqKey="Jung O" first="Oliver" last="Jung">Oliver Jung</name></country></tree></affiliations></record>Pour manipuler ce document sous Unix (Dilib)
EXPLOR_STEP=$WICRI_ROOT/Wicri/Sarre/explor/MusicSarreV3/Data/Main/Exploration
HfdSelect -h $EXPLOR_STEP/biblio.hfd -nk 000438 | SxmlIndent | more
Ou
HfdSelect -h $EXPLOR_AREA/Data/Main/Exploration/biblio.hfd -nk 000438 | SxmlIndent | more
Pour mettre un lien sur cette page dans le réseau Wicri
{{Explor lien
|wiki= Wicri/Sarre
|area= MusicSarreV3
|flux= Main
|étape= Exploration
|type= RBID
|clé= ISTEX:8230B5765252080846F0FF6CD97E88D28AFF49F4
|texte= Internet security meets the IP multimedia subsystem: an overview
}}
| This area was generated with Dilib version V0.6.33. |  |