AdaptiveMobile Adds SS7 Cat 3 Detection Capabilities to Mobile Threat Intelligence Platform

Posted 6/29/2016 12:02:21 PM by RICHARD HARRIS, Executive Editor

AdaptiveMobile Adds SS7 Cat 3 Detection Capabilities to Mobile Threat Intelligence Platform
AdaptiveMobile has announced advanced SS7 “Cat 3” Signalling Protection detection capabilities to its Mobile Threat Intelligence Platform including Network Memory, Location Plausibility, and Remote Intercept. The Company’s advanced threat detection is based on continuous data and analysis with all rules validated with information from across five continents.  

AdaptiveMobile’s Signalling Protection Product secures the SS7 and LTE/Diameter networks using a combination of a carrier-grade signalling firewall, advanced analytics and intelligence from working with nine of the top 10 operator groups that protect 1/5th of the world’s mobile subscribers. The solution facilitates the platform’s ability to block current attacks on the network and to react to emerging threats that seek to bypass standard SS7 and Diameter firewall functionality. 

Key Features of the platform include:

Attack Analysis

- Identify source and target of attacks
- Initiate additional preventative measures as necessary
- Identification of GSMA Category 1, 2 and 3 attacks
- Enhanced detection beyond GSMA Categories based on continual real world data analysis and research
- Rules are validated with real world data from across 5 continents

Rules Engine

- Real time system for applying configured rules & filters
- Heuristics detection algorithms, node fingerprinting
- Stateful and behavioral analysis over lifetime of transaction
- Flexible powerful rule definitions across an exhaustive list of MAP/CAP/TCAP/SCCP/Sigtran/Diameter fields

Security Enforcement Point

- Signalling Access Point with an option to leverage SMS Firewall
- Inline Signalling (Active) and Offline Probe-based (Inactive) modes
- Support for MAP, CAMEL, TCAP, SCCP, SIGTRAN, Diameter Protocols

Security Management Console

- Rule and Filter definition
- Black- and White-List configuration
- Selection of MAP operations for monitoring

Advanced Threat Reporting

- Attack Dashboard
- Role-level authentication
- High level view of attacks with drill-down to original source packet
- Scheduled reports emailed to key stakeholders
- Built-in report suite with customized options


- Support for geographically distributed signalling firewalls, centralized firewall management and reporting
- Trusted signalling architecture deployed at scale in Tier 1 operators
- Bare metal and virtualized today, future proofing for NFV
- Support for intelligence sharing with open APIs for external analytics platforms

Benefits of the platform include:

Monitor and block attacks without major network disruption

- Straightforward and low impact overlay approach enables rapid protection of a network
- Located at strategic network positions to ensure blocking of privacy and fraud attacks

Detects new types of attacks

- Prevents GSMA Category 1, 2 and 3 attacks
- Smart algorithms uncover suspicious activity
- Global Threat Intelligence Service leverages real world intelligence from customer sites on 5 continents

Threat reporting enabling fast and accurate risks assessment

- Dashboard delivers unique insights with drilldown to full details of original source packet

Multiple operating modes allowing a flexible and phased approach

- Passive monitoring, active routing & blocking, or combined mode 

Signalling Protection can secure the mobile network against the following types of signalling-based privacy and fraud attacks:

Subscriber Location

- Blocks unauthorized queries for subscriber location data
- Prevents both direct queries for location data and 2-stage queries involving 2 separate transactions

Call and Data Interception

- Blocks manipulation of network and subscriber data leading to ‘man in the middle’ attacks
- Secures encryption keys against attack


- Early detection of protocol anomalies deters and stops fraudsters from exploiting subscriber and network data leading to direct revenue loss

Denial of Service

- Secures subscriber data against malicious attacks removing access to key services

Read More


About the author: RICHARD HARRIS, Executive Editor

As the Publisher and Editor for App Developer Magazine, Richard has several industry recognitions and endorsements from tech companies such as Microsoft, Apple and Google for accomplishments in the mobile market. He was part of the early Google AFMA program, and also involved in the foundation of Google TV. He has been developing for mobile since 2003 and serves as CEO of Moonbeam Development, a mobile app company with 200 published titles in various markets throughout the world. Richard is also the founder of LunarAds, a mobile cross-promotion and self-serv mediation network for developers. He has been a featured presenter at trade-shows and conferences, and stays active with new projects relating to mobile development.

Subscribe to App Developer Daily

Latest headlines delivered to you daily.