Tecnologia Blockchain para Auditoria em Redes Móveis
Resumo
O Sistema de Sinalização № 7 (SS7) define uma pilha de protocolos usados principalmente na troca de sinalização das redes de provedores de serviço móveis. Originalmente, tais protocolos foram baseados em relações de confiança mútua entre as partes, sem preocupação com segurança de rede. Com o sucesso da Internet e o crescimento do número de operadoras, as redes móveis ficaram expostas a ataques em SS7 que podem levar a problemas de privacidade e até indisponibilidade de serviços.
Este trabalho propõe o uso da tecnologia blockchain como forma de introduzir auditabilidade e rastreabilidade das operações de rede, servindo como complemento às contramedidas já existentes (p.ex., firewalls). Torna-se possível, portanto, identificar ameaças e determinar o impacto das próprias na rede. A viabilidade da proposta é avaliada através de medições do consumo de recursos computacionais, vazão e latência das transações da blockchain. Os experimentos realizados no Hyperledger Fabric mostram que é possível implantar a tecnologia proposta sem causar grandes impactos a infraestrutura existente na rede da operadora.
Palavras-chave:
Redes Móveis, Telefonia Celular, Blockchain, Ataques, Segurança, SS7
Referências
Androulaki, E., Barger, A., Bortnikov, V., Cachin, C., Christidis, K., De Caro, A., Enyeart, D., Ferris, C., Laventman, G., Manevich, Y., et al. (2018). Hyperledger fabric: a distributed operating system for permissioned blockchains. In Proceedings of the Thirteenth EuroSys Conference, page 30. ACM.
Association, G. (2016). Ss7 security network implementation guidelines. Version 5.0.
Babu, A., Davis, B., Bruwer, T., Sallaba, M., and René, M. (2018). How blockchain can impact the telecommunications industry. Technical report, Delloite.
Bautista, J. E. V., Sawhney, S., Shukair, M., Singh, I., Govindaraju, V. K., and Sarkar, S. (2013). Performance of cs fallback from lte to umts. IEEE Communications Magazine, 51(9):136–143.
Dabrowski, A., Pianta, N., Klepp, T., Mulazzani, M., and Weippl, E. (2014). Imsi-catch me if you can: Imsi-catcher-catchers. In Proceedings of the 30th annual computer security applications Conference, pages 246–255. ACM.
De Angelis, S., Aniello, L., Baldoni, R., Lombardi, F., Margheri, A., and Sassone, V. (2018). Pbft vs proof-of-authority: applying the cap theorem to permissioned blockchain. In Italian Conference on Cybersecurity.
Dryburgh, L. and Hewett, J. (2004). Signaling System No. 7 (SS7/C7): Protocol, Architecture, and Services (Networking Technology). Cisco Press.
Gorenflo, C., Lee, S., Golab, L., and Keshav, S. (2019). Fastfabric: Scaling hyperledger fabric to 20,000 transactions per second. arXiv preprint arXiv:1901.00910.
Intelligence, G. (2019). The mobile economy 2019.
Jensen, K., Van Do, T., Nguyen, H. T., and Arnes, A. (2016). Better protection of ss7 networks with machine learning. In IT Convergence and Security (ICITCS), 2016 6th International Conference on, pages 1–7. IEEE.
Kambourakis, G., Rouskas, A., and Gritzalis, S. (2004). Performance evaluation of public key-based authentication in future mobile communication systems. EURASIP Journal on wireless Communications e Networking, 2004(1):184–197.
Li, C., Li, P., Zhou, D., Xu, W., Long, F., and Yao, A. (2018). Scaling nakamoto consensus to thousands of transactions per second. arXiv preprint arXiv:1805.03870.
Li, Z., Wang, W., Wilson, C., Chen, J., Qian, C., Jung, T., Zhang, L., Liu, K., Li, X., and Liu, Y. (2017). FBS-Radar: Uncovering fake base stations at scale in the wild. In Network and Distributed System Security Symposium (NDSS), pages 1–15.
Mafakheri, B., Subramanya, T., Goratti, L., and Riggio, R. (2018). Blockchain-based Infrastructure Sharing in 5G Small Cell Networks. In 14th International Conference on Network e Service Management (CNSM), pages 313–317.
Nasir, Q., Qasse, I. A., Abu Talib, M., and Nassif, A. B. (2018). Performance analysis of hyperledger fabric platforms. Security and Communication Networks, 2018.
Rao, S. P., Kotte, B. T., and Holtmanns, S. (2016). Privacy in lte networks. In 9th EAI International Conference on Mobile Multimedia Communications, pages 176– 183. ACM.
Roth, J. D., Tummala, M., McEachen, J. C., and Scrofani, J. W. (2017). On location privacy in lte networks. IEEE Transactions on Information Forensics and Security, 12(6):1358–1368.
Rupprecht, D., Dabrowski, A., Thorsten, H., Weippl, E., and Pöpper, C. (2018). On security research towards future mobile network generations. arXiv.
Sukhwani, H., Wang, N., Trivedi, K. S., and Rindos, A. (2018). Performance modeling of hyperledger fabric (permissioned blockchain network). In 2018 IEEE 17th International Symposium on Network Computing and Applications (NCA), pages 1–8. IEEE.
Technologies, P. (2018). Telecom Attack Discovery, SS7 and Diameter protection, SS7 signaling firewall, threat prevention for telecom networks.
Tu, G.-H., Li, C.-Y., Peng, C., and Lu, S. (2015). How voice call technology poses security threats in 4g lte networks. In 2015 IEEE Conference on Communications and Network Security (CNS), pages 442–450. IEEE.
Vukolić, M. (2015). The quest for scalable blockchain fabric: Proof-of-work vs. BFT replication. In International Workshop on Open Problems in Network Security (iNetSec), pages 112–125.
Association, G. (2016). Ss7 security network implementation guidelines. Version 5.0.
Babu, A., Davis, B., Bruwer, T., Sallaba, M., and René, M. (2018). How blockchain can impact the telecommunications industry. Technical report, Delloite.
Bautista, J. E. V., Sawhney, S., Shukair, M., Singh, I., Govindaraju, V. K., and Sarkar, S. (2013). Performance of cs fallback from lte to umts. IEEE Communications Magazine, 51(9):136–143.
Dabrowski, A., Pianta, N., Klepp, T., Mulazzani, M., and Weippl, E. (2014). Imsi-catch me if you can: Imsi-catcher-catchers. In Proceedings of the 30th annual computer security applications Conference, pages 246–255. ACM.
De Angelis, S., Aniello, L., Baldoni, R., Lombardi, F., Margheri, A., and Sassone, V. (2018). Pbft vs proof-of-authority: applying the cap theorem to permissioned blockchain. In Italian Conference on Cybersecurity.
Dryburgh, L. and Hewett, J. (2004). Signaling System No. 7 (SS7/C7): Protocol, Architecture, and Services (Networking Technology). Cisco Press.
Gorenflo, C., Lee, S., Golab, L., and Keshav, S. (2019). Fastfabric: Scaling hyperledger fabric to 20,000 transactions per second. arXiv preprint arXiv:1901.00910.
Intelligence, G. (2019). The mobile economy 2019.
Jensen, K., Van Do, T., Nguyen, H. T., and Arnes, A. (2016). Better protection of ss7 networks with machine learning. In IT Convergence and Security (ICITCS), 2016 6th International Conference on, pages 1–7. IEEE.
Kambourakis, G., Rouskas, A., and Gritzalis, S. (2004). Performance evaluation of public key-based authentication in future mobile communication systems. EURASIP Journal on wireless Communications e Networking, 2004(1):184–197.
Li, C., Li, P., Zhou, D., Xu, W., Long, F., and Yao, A. (2018). Scaling nakamoto consensus to thousands of transactions per second. arXiv preprint arXiv:1805.03870.
Li, Z., Wang, W., Wilson, C., Chen, J., Qian, C., Jung, T., Zhang, L., Liu, K., Li, X., and Liu, Y. (2017). FBS-Radar: Uncovering fake base stations at scale in the wild. In Network and Distributed System Security Symposium (NDSS), pages 1–15.
Mafakheri, B., Subramanya, T., Goratti, L., and Riggio, R. (2018). Blockchain-based Infrastructure Sharing in 5G Small Cell Networks. In 14th International Conference on Network e Service Management (CNSM), pages 313–317.
Nasir, Q., Qasse, I. A., Abu Talib, M., and Nassif, A. B. (2018). Performance analysis of hyperledger fabric platforms. Security and Communication Networks, 2018.
Rao, S. P., Kotte, B. T., and Holtmanns, S. (2016). Privacy in lte networks. In 9th EAI International Conference on Mobile Multimedia Communications, pages 176– 183. ACM.
Roth, J. D., Tummala, M., McEachen, J. C., and Scrofani, J. W. (2017). On location privacy in lte networks. IEEE Transactions on Information Forensics and Security, 12(6):1358–1368.
Rupprecht, D., Dabrowski, A., Thorsten, H., Weippl, E., and Pöpper, C. (2018). On security research towards future mobile network generations. arXiv.
Sukhwani, H., Wang, N., Trivedi, K. S., and Rindos, A. (2018). Performance modeling of hyperledger fabric (permissioned blockchain network). In 2018 IEEE 17th International Symposium on Network Computing and Applications (NCA), pages 1–8. IEEE.
Technologies, P. (2018). Telecom Attack Discovery, SS7 and Diameter protection, SS7 signaling firewall, threat prevention for telecom networks.
Tu, G.-H., Li, C.-Y., Peng, C., and Lu, S. (2015). How voice call technology poses security threats in 4g lte networks. In 2015 IEEE Conference on Communications and Network Security (CNS), pages 442–450. IEEE.
Vukolić, M. (2015). The quest for scalable blockchain fabric: Proof-of-work vs. BFT replication. In International Workshop on Open Problems in Network Security (iNetSec), pages 112–125.
Publicado
07/12/2020
Como Citar
MACEDO, Luiza Odete Herback de Carvalho; CAMPISTA, Miguel Elias Mitre.
Tecnologia Blockchain para Auditoria em Redes Móveis. In: SIMPÓSIO BRASILEIRO DE REDES DE COMPUTADORES E SISTEMAS DISTRIBUÍDOS (SBRC), 38. , 2020, Rio de Janeiro.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2020
.
p. 798-811.
ISSN 2177-9384.
DOI: https://doi.org/10.5753/sbrc.2020.12326.
