Detection of signaling system 7 attack in network function virtualization using machine learning

The mass popularization of telecommunication services has led to a heavily loaded Signaling System No. 7 (SS7) network. SS7 was originally well protected because the communication networks were controlled by trusted state-owned telecom operators. Switching to the IP technology and deregulation has made it fairly easy for third parties to gain access to the once protected SS7 network. For many vendors, Signaling Transfer Points (STPs) have already evolved from TDM (Time Division Multiplexing) proprietary hardware to an IP proprietary hardware solution. So the next step is moving to a virtualized solution such as Network Function Virtualization (NFV). The intersection of SS7 and NFV has also introduced several new security challenges. In this work, we present the vulnerabilities of SS7 messages to cyber-attacks in a virtualized environment. A network simulation model under SS7 attack is developed. In order to mitigate these attacks machine learning techniques are applied to the gathered network traffic.