Altering the message body could also result in hijacking of subscriber accounts and
services. By capturing an INVITE, for example, the headers providing routing information
could be captured to then reroute traffic to the perpetrator.
Session Teardown
Tearing down sessions is a disruptive attack that if launched to a wide range of subscribers
could have serious implications. For example, if this were carried out in concert
with a major catastrophic event, communications for thousands of people would suddenly
be compromised, as they would have been ???cut off??? and attempting to re-connect
would congest the network.
There are two reasons why an attacker would use this method. One would be to create
a Denial of Service (DoS) attack on a network or network segment. Disconnecting
all calls in progress followed by another form of physical attack would leave citizens in
a panic, creating just the type of reaction needed to instill chaos.
The other reason would be to simply congest the network to where service was degraded.
This is accomplished when everyone that was disconnected suddenly attempts
Security Procedures in the IMS 141
to reconnect, all at the same time. The network is usually unable to handle such large
demand and would begin denying service to many subscribers.
Denial-of-Service Attacks
Denial-of-service attacks take many forms and of course can also be very damaging.
Pages:
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293