A master thesis from Aalborg University
Detecting SS7 Attacks in the Telecommunication Infrastructure Using SIEM
Author(s)
Term
4. semester
Education
Publication year
2025
Submitted on
2025-06-03
Pages
45 pages
Abstract
Every year multiple attacks are carried out over the global network infrastructure without being detected due to the trust based nature of the SS7 protocol suite. This thesis aims to develop an automated identification mechanism using a SIEM system to detect two location tracking attacks carried out using SS7 protocols. Network simulations of different operators interacting with each other have been used to generate network logs consisting of isolated attacks, but also a realistic scenario in which regular traffic was also being exchanged. Based on the attack patterns that have been identified, a search for each attack was first defined, then tested on the isolated scenario, and finally on the realistic simulation to determine their accuracy. The execution of such searches has then been configured to periodically run each day and notify the appropriate roles in case of a detection.
Documents
Colophon: This page is part of the AAU Student Projects portal, which is run by Aalborg University. Here, you can find and download publicly available bachelor's theses and master's projects from across the university dating from 2008 onwards. Student projects from before 2008 are available in printed form at Aalborg University Library.
If you have any questions about AAU Student Projects or the research registration, dissemination and analysis at Aalborg University, please feel free to contact the VBN team. You can also find more information in the AAU Student Projects FAQs.