This document provides an overview of SS7 and SIGTRAN and how to handle SS7 messages on the edge of the network. It includes an SS7 and SIGTRAN security analysis and provides a set of countermeasures that can be deployed e.g. filtering rules and other security approaches.
Audience: Technical security practitioner
Resource technology specifics: Core network
Resource type: Guideline
Resource enforcement: Voluntary
Resource certification type: Self-assessment
- Provides an analysis of the security of each SS7 and SIGTRAN stack layer.
- Identifies and analyses security threats and vulnerabilities for SS7 and SIGTRAN.
- Proposes a taxonomy of the open source projects that are available
- Describes possible attacks which can be launched against mobile networks and includes an evaluation of the risks associated with them
- Proposes best practice countermeasures, with guidelines for implementing a screening policy for MAP messages.
- Suggests SS7/SIGTRAN network incident report template
- IMS and LTE networks are out of scope
- GSMA member confidential