Vulnerabilities in Heterogeneous Signaling Networks
Voice over IP (VoIP) telephony is emerging as an alternative to traditional public switched telephone systems (PSTN) all over the world. Currently VoIP and PSTN interoperate with each other, where a signal that begins in one may go overa series of VoIP or PSTN network and end up in a destination situated in either one of them. Conversely, liberalization of PSTN networks and growing acceptance of SIGTRAN protocol suite have introduced new and yet to be trusted signaling entities. Thus security threats emerging from one network not only affects itself but other network also. We show how any signaling node from either side can exploit the protocol behavior and inject fabricated/spoofed message signal units (MSUs) or signaling network management (SNM) messages towards its peer with the aim of disrupting telephony services. As a solution, we propose an integrated security framework that not only enforces authentication and integrity of the messages but also detects any protocol misbehavior.