SS7 over IP: signaling interworking vulnerabilities

Public telephony - the preferred choice for two-way voice communication over a long time - has enjoyed remarkable popularity for providing acceptable voice quality with negligible connection delays, perhaps due to its circuit-switched heritage. Recently, IP telephony, a packet-based telephone service that runs as an application over the IP protocol, has been gaining popularity. To provide seamless interconnectivity between these two competing services, the Internet Engineering Task Force (IETF) has designed a signaling interface commonly referred to as SIGTRAN. This seamless intersignaling provided by SIGTRAN facilitates any subscriber in one network to reach any other subscriber in the other network, passing through any heterogeneous maze of networks consisting of either of these. Unfortunately, the same intersignaling potentially can be exploited from either side to disrupt the services provided on the other side. We show how this can be done and propose a solution based on access control, signal screening, and detecting anomalous signaling. We argue that to be effective, the latter two should consider syntactic correctness, semantic validity of the signal content, and the appropriateness of a particular signal in the context of earlier exchanged messages.