Intrusion Detection and Prevention in IP Based Mobile Networks
Independent thesis Advanced level (professional degree), 20 credits / 30 HE creditsStudent thesis
Ericsson’s Packet Radio Access Network (PRAN) is a network solution for packet transport in mobile networks, which utilizes the Internet Protocol (IP). The IP protocol offers benefits in responsiveness and performance adaptation to data bursts when compared to Asynchronous Transfer Mode (ATM), which is still often used. There are many manufacturers / operators providing IP services, which reduce costs. The IP’s use on the Internet brings greater end-user knowledge, wider user community and more programs designed for use in IP environments. Because of this, the spectrum of possible attacks against PRAN broadens. This thesis provides information on what protection an Intrusion Prevention System (IPS) can add to the current PRAN solution.
A risk analysis is performed to identify assets in and threats against PRAN, and to discover attacks that can be mitigated by the use of an IPS. Information regarding placement of an IPS in the PRAN network is given and tests of a candidate system are performed. IPS features in hardware currently used by Ericsson as well as missing features are pinpointed . Finally, requirements for an IPS intended for use in PRAN are concluded.
Place, publisher, year, edition, pages
Institutionen för systemteknik , 2008. , 61 p.
Computer security, Computer networks, Network attacks, Intrusion detection, Intrusion prevention
IdentifiersURN: urn:nbn:se:liu:diva-12015ISRN: LiTH-ISY-EX--08/4164--SEOAI: oai:DiVA.org:liu-12015DiVA: diva2:18378
2008-06-02, Algoritmen, B-huset, 13:00 (English)