Amplification
Amplification is similar to denial of service with much broader coverage. The same
request is sent to a redirect proxy, which then ???splits??? the request to many different
directions, ???amplifying??? the number of responses in the network. Instead of having a
response coming from one CSCF, the message is split and sent to many CSCFs, all
sending responses of 4xx.
All of these security threats can be addressed through IMS and should be taken
seriously by any IP-based service provider. It should be noted here that these attacks
are not unique to IP-based services, though. We see many similar forms of attacks and
security threats in the legacy telephone networks around the world today.
Denial-of-service attacks have already been played out in legacy networks, using call
generators and other forms of call generation, resulting in the complete blockage of all
services for an extended period of time (in some cases hours).
Impersonating service providers, ???message body tampering??? (in this case the message
body is the SS7 signaling message exchanged between two carriers), even session teardown
can be emulated in the existing telephone networks today and many cases have
already been documented to demonstrate these as issues.
142 Chapter 6
There are already numerous cases of network providers gaining access to other operators??™
networks and sending their traffic through these networks.
Pages:
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295