Paolo De Lutiis

An innovative way to analyze large ISP data for IMS security and monitoring

The security of Voice over IP (VoIP) and other session based services is a cornerstone for the success of the emerging NGN (Next Generation Network) and IMS (IP Multimedia Subsystem). Actually, the NGN architectures and IMS services significantly increase the risk for security attacks, frauds and other issues related to the transition from the old and (usually considered) secure PSTN/ISDN. The aim of this article is to describe an innovative monitoring tool, developed within the Telecom Italia R&D, in order to satisfy the functional requirements of large Service Providers or Operators, and able to provide the needed security features for the emerging IMS services.

Managing Home Networks security challenges security issues and countermeasures

A Home Network, or Customer Premises Network (CPN), is a special case of a local area network. It is used for communication between a small number of devices deployed within a home or a small office: computers and printers, Set-Top Boxes, IP-phones and other connectivity gears (e.g. wireless access points). The key element of the CPN is its interconnection, through a (ultra) broadband provider, to an external Next Generation Network (NGN) or public networks such as the Internet. Many Standard Development Organizations (SDO) have addressed the security of the NGN and IMS, whereas the security of the CPN and its interconnection with the NGN is still in its infancy. This paper is aimed to describe the security issues that Service Providers and Operators have to face interconnecting “secure” core NGN to the customers home networks or CPN and to present the main countermeasures defined by ETSI Tispan.

Clustering NGN user behavior for anomaly detection

In the vision of both researchers and standardization committees, networks and services will evolve in the direction of increasing pervasiveness, convergence, and quality of service management capability. Consequently, users will gain an increasing dependency on the presence and availability of network connectivity and the huge plethora of provided services. Yet fostering the development of our society, such dependency on a relatively young technology poses serious threats, especially from the trustworthiness, security and privacy point of view. In this paper, we will describe and critically evaluate user behavior clustering aimed at monitoring and assuring the security of NGN-based applications. Different models of user behavior, developed within both ISP and academic research projects will be described, and several techniques for manipulating and exploiting such model for the anomaly detection purpose will be described and evaluated.

Policy management for ENUM system enabling privacy and security

ENUM (telephone number mapping) is a key enabler in the convergence between IP-based networks and the traditional PSTNs that may result in additional complexity in commercial relationships and regulation of the telecommunications sector. In particular, the current ENUM may significantly increase the risk of unscrupulous use of the information managed (e.g., public user identifiers and user/service reachability). The aim of this article is to describe a new functional reference model for ENUM, and provide some new requirements that enable user privacy and security.