Glossary
End Points
• L1 – L3
• Data Store
• Client Space
• Device Management
Visiting
• Local Data Caching
• Access Aware Policy
Access
• L1 – L3
• QoS
• Aggregation Point
Sipera Systems
Home
• Data Store
• Applications Interface
• Service Control Environment
• Foreign Network Peering Points
Femto-Cell Business Drivers
Operator business case issues:
• Handset Subsidies
• Backhaul
Femto-Cell business case drivers:
• Better indoor coverage
• Subsidized backhaul (Leverage broadband)
Connection Layer Security
Application Layer Security
Enablement Features
Real-time IP services require special attention to security
IMS offers a large suite of services that can be accessed through the cellular network as well as via the Internet.
Offering IMS services creates the possibility of zombie attacks and hacker attacks …
Attacks are possible despite subscription authentication & IPSec/TLS encryption.
PDSN/PDG provides authentication and encryption but does not protect against zombie and hacker attacks.
[Figure: network diagram. Labels: Call Server, PDG, IMS core, PDSN, DOrA, CSCF, Media Gateway, Femto GW, Internet, Mobile, Access, Broadband, ~ 1/2 Billion users]
• Protocol fuzzing
• Flood attacks
• Distributed attacks
• Zombies
• Stealth attacks
• IMS SPAM
Bad guys could be customers …
Unique SIP Application Layer Attacks
Signaling attacks on infrastructure (SIP)
• Fuzzing: >20000
• Flood: >60
• Distributed Flood: >40
• Reconnaissance: 8
• Total: >20108
Signaling attacks on end users (SIP)
• Misuse/Spoofing: 19
• Stealth: 7
• Spam: 6
• Session Anomalies: 4
• Total: 36
Media attacks (RTP/RTCP)
• Fuzzing: 10
• Misuse/Spoofing: 7
• Floods: 4
• Total: 21
• In 2 years, Sipera VIPER lab has discovered thousands of attacks for SIP/UMA/IMS networks
• Proactive approach to finding threats and attacks
– Also create vaccines for previously unidentified threats
• Expertise behind Sipera IPCS products and Sipera LAVA tools
[Figure: deployment diagram. Components: Wireless Core, Internal Firewall + NAT, Sipera IPCS, External Firewall + NAT, Internet]
3. Authenticate incoming user
3. Media RTP
4. Signaling over TCP/UDP
1. Static Firewall Channel: to enable secure channel between two IPCS
5060 always open
2. TLS Setup
4. Signaling over TLS
5. SRTP/ERTP Media
100 - 1000 media ports
4. Fingerprint Verification
DoS/DDoS and Fuzzing Prevention
Anomaly Detection and Prevention
Behavior Learning
Voice SPAM Prevention
5. Media Anomaly Detection and Prevention
Sipera Overview
• Company
– Founded in November 2003
– HQ in Richardson, Texas
– Current Headcount: 76
– Experienced management team
– Tier 1 VC Funded
Pure Security for VoIP, Mobile, Multimedia
Sipera™ Systems provides comprehensive, application-layer security to enable pervasive, real-time unified communications (VoIP)