A CNN-Based Semi-supervised Learning Approach for the Detection of SS7 Attacks

Auteurs

Ermis O., Feltus C., Tang Q., Trang H., De Oliveira A., Nguyen C.D., Hirtzig A.

Référence

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 13620 LNCS, pp. 345-363, 2022

Description

Over the years many standards were defined to solve the security vulnerabilities of the Signalling Systems No:7 (SS7) protocol. Yet, it still suffers from many security issues that make it vulnerable to attacks such as the disclosure of subscribers’ location, fraud, interception of calls or SMS messages. Several security measures employ rule-based solutions for the detection of attacks in telecom core networks. However, they become ineffective when an attacker deploys sophisticated attacks that are not easily detected by filtering mechanisms. One particular solution to overcome those attacks is to use supervised machine learning solutions since they have demonstrated their ability to achieve promising results to detect anomalies in various applications. Nonetheless, they generally need to be trained with a large set of labeled data that cannot be obtained from the telecom operators due to the excessive resource allocation and cost of labeling the network traffic. Therefore, in this work, we propose an innovative approach based on semi-supervised learning, which combines the use of labeled and unlabelled data to train a particular model for the detection of SS7 attacks in telecom core networks. Our approach adapts the Convolutional Neural Network (CNN)-based semi-supervised learning scheme in [26] and an improved version of the feature engineering in [10] together with the hyperparameter optimization. Experiment results show that the proposed approach achieves up to 100% accuracy on both the real world and simulated datasets, respectively.

Lien

doi:10.1007/978-3-031-21280-2_19