Securing IMS against novel threats

Stefan Wahl, Konrad Rieck, Pavel Laskov, Peter Domschitz, Klaus Muller

Research output: Contribution to journalArticle

8 Citations (Scopus)

Abstract

Fixed mobile convergence (FMC) based on the 3GPP IP Multimedia Subsystem (IMS) is considered one of the most important communication technologies of this decade. Yet this all-IP-based network technology brings about the growing danger of security vulnerabilities in communication and data services. Protecting IMS infrastructure servers against malicious exploits poses a major challenge due to the huge number of systems that may be affected. We approach this problem by proposing an architecture for an autonomous and self-sufficient monitoring and protection system for devices and infrastructure inspired by network intrusion detection techniques. The crucial feature of our system is a signature-less detection of abnormal events and zero-day attacks. These attacks may be hidden in a single message or spread across a sequence of messages. Anomalies identified at any of the network domain's ingresses can be further analyzed for discriminative patterns that can be immediately distributed to all edge nodes in the network domain.

Original languageEnglish
Pages (from-to)243-258
Number of pages16
JournalBell Labs Technical Journal
Volume14
Issue number1
DOIs
Publication statusPublished - 2009 Mar 1
Externally publishedYes

ASJC Scopus subject areas

  • Electrical and Electronic Engineering

Fingerprint Dive into the research topics of 'Securing IMS against novel threats'. Together they form a unique fingerprint.

  • Cite this

    Wahl, S., Rieck, K., Laskov, P., Domschitz, P., & Muller, K. (2009). Securing IMS against novel threats. Bell Labs Technical Journal, 14(1), 243-258. https://doi.org/10.1002/bltj.20365