Top Left Top Right

AdaptiveMobile Adds SS7 Cat 3 Detection Capabilities to Mobile Threat Intelligence Platform

Security 5,356 views
Posted Wednesday, June 29, 2016 by RICHARD HARRIS, Executive Editor

AdaptiveMobile Adds SS7 Cat 3 Detection Capabilities to Mobile Threat Intelligence Platform
AdaptiveMobile has announced advanced SS7 “Cat 3” Signalling Protection detection capabilities to its Mobile Threat Intelligence Platform including Network Memory, Location Plausibility, and Remote Intercept. The Company’s advanced threat detection is based on continuous data and analysis with all rules validated with information from across five continents.  

AdaptiveMobile’s Signalling Protection Product secures the SS7 and LTE/Diameter networks using a combination of a carrier-grade signalling firewall, advanced analytics and intelligence from working with nine of the top 10 operator groups that protect 1/5th of the world’s mobile subscribers. The solution facilitates the platform’s ability to block current attacks on the network and to react to emerging threats that seek to bypass standard SS7 and Diameter firewall functionality. 

Key Features of the platform include:


Attack Analysis

- Identify source and target of attacks
- Initiate additional preventative measures as necessary
- Identification of GSMA Category 1, 2 and 3 attacks
- Enhanced detection beyond GSMA Categories based on continual real world data analysis and research
- Rules are validated with real world data from across 5 continents

Rules Engine

- Real time system for applying configured rules & filters
- Heuristics detection algorithms, node fingerprinting
- Stateful and behavioral analysis over lifetime of transaction
- Flexible powerful rule definitions across an exhaustive list of MAP/CAP/TCAP/SCCP/Sigtran/Diameter fields

Security Enforcement Point

- Signalling Access Point with an option to leverage SMS Firewall
- Inline Signalling (Active) and Offline Probe-based (Inactive) modes
- Support for MAP, CAMEL, TCAP, SCCP, SIGTRAN, Diameter Protocols

Security Management Console

- Rule and Filter definition
- Black- and White-List configuration
- Selection of MAP operations for monitoring

Advanced Threat Reporting

- Attack Dashboard
- Role-level authentication
- High level view of attacks with drill-down to original source packet
- Scheduled reports emailed to key stakeholders
- Built-in report suite with customized options

Architecture

- Support for geographically distributed signalling firewalls, centralized firewall management and reporting
- Trusted signalling architecture deployed at scale in Tier 1 operators
- Bare metal and virtualized today, future proofing for NFV
- Support for intelligence sharing with open APIs for external analytics platforms

Benefits of the platform include:

Monitor and block attacks without major network disruption

- Straightforward and low impact overlay approach enables rapid protection of a network
- Located at strategic network positions to ensure blocking of privacy and fraud attacks

Detects new types of attacks

- Prevents GSMA Category 1, 2 and 3 attacks
- Smart algorithms uncover suspicious activity
- Global Threat Intelligence Service leverages real world intelligence from customer sites on 5 continents

Threat reporting enabling fast and accurate risks assessment

- Dashboard delivers unique insights with drilldown to full details of original source packet

Multiple operating modes allowing a flexible and phased approach

- Passive monitoring, active routing & blocking, or combined mode 

Signalling Protection can secure the mobile network against the following types of signalling-based privacy and fraud attacks:

Subscriber Location

- Blocks unauthorized queries for subscriber location data
- Prevents both direct queries for location data and 2-stage queries involving 2 separate transactions

Call and Data Interception

- Blocks manipulation of network and subscriber data leading to ‘man in the middle’ attacks
- Secures encryption keys against attack

Fraud

- Early detection of protocol anomalies deters and stops fraudsters from exploiting subscriber and network data leading to direct revenue loss

Denial of Service

- Secures subscriber data against malicious attacks removing access to key services



READ MORE: https://www.adaptivemobile.com/...




Subscribe to App Developer Daily

Latest headlines delivered to you daily.