Diameter Introduction
In the future, 5G network will still need to support the connection of existing 4G/3G networks, so attacks on existing communication networks will spread to 5G networks. The existing mobile communication evolution and its existing threats are 2G/3G uses Signaling System Number 7 (SS7) as the signal for communication between operators in the core network. Because of the lack of authentication mechanism between the messages, attackers can attack the core network easily. Due to the increased requirements for authentication, authorization, and billing, 4G network replaced SS7 with the Diameter protocol and maintained compatibility. Because of Diameter extended the design spirit of SS7, the lack of a verification mechanism for message exchange between core networks poses an attack threat. Since the 5G network also uses Diameter and needs to support the traditional network interface, the attacks of the traditional core network can be applied to 5G. Therefore, the integration of 5G networks and existing networks will face the ensuing core network control signaling attacks.
Among them, the Diameter protocol has a greater chance to affect the operation of 5G including the NSA and SA core networks. O'Prueba Technology Inc. conducts in-depth research on the possible attack methods of the Diameter protocol, and integrated various types and methods of Diameter attacks to promote related attack protection and provide Diameter-related attack detection services.
| 攻擊分類 | 攻擊手法 |
|---|---|
|
獲取用戶隱私 |
Sh UDR |
|
S6a IDR |
|
|
S6a ULR |
|
|
S6a AIR |
|
|
S6c SRR |
|
|
獲取網路資訊 |
S6a AIR |
|
詐欺 |
S6d IDR |
|
中斷服務 |
S6a IDR |
|
S6a DSR |
|
|
S6a ULR |
|
|
S6a CLR |
|
|
S6a PUR |
|
|
S6a NOR |
Reference
- Wiki:
https://en.wikipedia.org/wiki/Diameter_(protocol) - GSMA Diameter Interconnect Security:
https://www.gsma.com/security/resources/fs-19-diameter-interconnect-security-v7-0/ - GSMA Diameter vulnerabilities exposure report:
https://www.gsma.com/membership/resources/diameter-vulnerabilities-exposure-report-2018/