Study on Spoofed Call Detection and Prevention in 3GPP China Mobile

advertisement
ITU Workshop on “Caller ID Spoofing”
(Geneva, Switzerland, 2 June 2014)
Study on Spoofed Call Detection and
Prevention in 3GPP
China Mobile
Geneva, Switzerland, 2 June 2014
Contents
Background
3GPP progress
Conclusions and recommendations
Geneva, Switzerland, 2 June 2014
2
3GPP Progress
Backgroud
A variety of methods and technologies
that can be used to make spoofed calls
which can cause substantial loss to
users and operators.
The origin of problems is wider than just
3GPP networks(TS 23.081) and relates
to ISUP(TS 29.163), also used in fixed
PSTN.
Geneva, Switzerland, 2 June 2014
3
3GPP Progress
Security Study on Spoofed Call
Detection and Prevention
The project was set up in 3GPP since 2012.
Spec number: TR 33.831
Rapporteur: LI, Xiangjun,China Mobile
Contributor:NSN,Ericsson,HuaWei,NEC
Latest TR: Draft S3-131201
http://www.3gpp.org/DynaReport/33831.ht
m
Geneva, Switzerland, 2 June 2014
4
3GPP Progress
Objective
Outline valid threat scenarios for caller id
spoofing coming to 2G and 3G CS
domains.
Analyze and evaluate if any tools in 3GPP
can be used to counteract this problem.
Study possible required technology
mechanism to detect and prevent.
Geneva, Switzerland, 2 June 2014
5
3GPP Progress
Spoofed call Scenarios
Spoofed call using the VoIP
Spoofed call using the PRI/PBX
Spoofing id from an IP-PBX towards IMS
Spoofing of caller ID
Spoofing of caller location
……
Geneva, Switzerland, 2 June 2014
6
3GPP Progress
Security Requirements
the caller ID received should be authorized.
The unauthorized caller ID should be alerted.
The unauthorized caller ID should be logged.
If the spoofed call is detected, the network
should be able to tear down the call and/or
save in blacklists.
……
Geneva, Switzerland, 2 June 2014
7
3GPP Progress
Candidate solutions for detection
IBCF checking incoming requests from
untrusted networks
Present only trusted Calling Line
Identifiers
Out of Band Methods closed to user group
Geneva, Switzerland, 2 June 2014
8
3GPP Progress
IBCF checking incoming requests from
untrusted networks
The solution ‘CS domain protected by an IMS network’ shows some
restrictions : the call is originated in an untrusted network while the caller ID
of the incoming session belongs to a trusted network.
Geneva, Switzerland, 2 June 2014
9
3GPP Progress
Present only trusted Calling Line Identifiers
untrusted
network
X
untrusted
network
Y
Network
Operator
A
Federation
of Trust
Network
Operator
B
Network
Operator
C
untrusted
network
Z
This solution proposes to present Calling Line Identifiers to the terminating
user only if they can be regarded as ‘trusted’. A federation (originating, transit
and terminating network(s)) of trust is formed by bilateral or multilateral
agreements .
Geneva, Switzerland, 2 June 2014
10
3GPP Progress
Out of Band Methods closed to user
group
Verifying Through “Middle” 3rd Party
Using Time-based One Time Password
(TOTP) to Verify Caller
Verifying Caller through Shared
Confidential Data
This solution is appropriate for an individual service provider,and not
appropriate as a general purpose protection mechanisms for spoofed calls in
general. This is mainly because they require a third party that is trusted by
both caller A and caller B, which seems infeasible to set up for any given
parties A and B.
Geneva, Switzerland, 2 June 2014
11
Conclusions and recommendations
3GPP SA3:
This technical report analyses solutions for
the spoofed caller ID problem. It seems
practically infeasible to provide a solution
that requires modifications to the signaling
system 7.
SA3 has finalized the present TR. If a
more effective solution requiring
standardisation is found, a new WID can
be created.
Geneva, Switzerland, 2 June 2014
12
Conclusions and recommendations
From CMCC perspective:
The solutions in the present TR have not
fully meet China Mobile’s requirements, and
more requirements are needed to be
implemented into specifications.
We recommend ITU to joint with other
SDOs such as 3GPP to continue cooperation
on Caller ID spoofing, which can reach a
further common understanding.
Geneva, Switzerland, 2 June 2014
13
Thanks!
Geneva, Switzerland, 2 June 2014
Download