IMS Brings VoIP into Mobile Telephony - and with It All the Security Risks

Updated: January 07, 2011

OULU, Finland & CUPERTINO, Calif.--(BUSINESS WIRE)--Codenomicon, a leading vendor of security testing solutions, announced today that Ari Takanen, CTO of Codenomicon, will give a presentation on threat assessment and proactive defense against VoIP vulnerabilities at the 3GPP ETSI Release 8 IMS Implementation Workshop. The event will take place 24-25 November 2010, at the Sophia Antipolis technology park, in southern France.

Ari Takanen will give his presentation "Recommendations for VoIP and IMS Security" on Thursday, November 25th. He will talk about Voice over IP (VoIP) security threats, focusing on the attack surface analysis and threat assessment of IMS Release 8 architecture. The presentation is based on research and numerous audits on live IMS deployments across Europe performed during early 2010. Presentation also reviews results of selected security tests using test automation technique called fuzzing, which finds and identifies both known and unknown vulnerabilities in communication technologies. The presentation is partially based on the Securing VoIP Networks book Ari Takanen wrote together with Peter Thermos.

"Modern telecommunication networks are not bug free, but as the legacy mobile networks were mostly closed, nobody could access the vulnerabilities," says Ari Takanen.

"With the introduction of IMS and VoIP, these networks are suddenly connected to the Internet and exposed to all the same threats that the open Internet is known for, and all those hacking tools that are widely available there."

Involvement with standards bodies is critical for Codenomicon, who works with 200+ communication technologies across industries. The ETSI 3GPP conference gathers leading software testing experts, and both vendor and operator executives together to share experiences and best practices around IMS implementations and deployments. The purpose for Codenomicon is to share its insight for future needs for IMS network testing, and to demonstrate the strength of its model-based testing and security validation techniques.

About Codenomicon Ltd

Codenomicon develops security and quality testing software, which allows users to quickly find and identify both known and previously unknown flaws before business-critical products or services are deployed. Their unique, targeted approach to the fuzz testing of networked and mobile applications exposes more flaws and weaknesses than any other testing platform or methodology. Companies rely on Codenomicon's solutions to mitigate threats, like Denial of Service (DoS) situations and Zero Day Attacks, which could increase liability, damage business reputation and cripple sales. Codenomicon is a member of the SDL Pro Network. For more information, visit www.codenomicon.com.

Featured Research
  • 7 Ways the Wrong Phone System Can Haunt Your Business

    The wrong phone system could be haunting your business - and we’re talking about problems more serious than ghosts and ghouls. From increased costs to issues with scaling, we’ve identified seven important ways that a less than ideal phone system could be holding you back. You’ll be surprised at how much of a difference this can make to your bottom line too. more

  • Ditch Your Fax Servers

    An in-house fax server gives an IT department centralized management and monitoring over the entire enterprise's faxing. This can help your company track usage and better maintain records for auditing and record keeping. However, there are serious drawbacks that come with utilizing an in-house fax server solution and these range from security to cost-prohibitive pricing. more

  • The IT Manager's Survival Guide

    As an IT manager, maintaining physical fax servers and infrastructure is not a high priority. However, fax capability remains a business need simply because chances are your industry is dependent on its security. What if there was a way to reduce the amount of time spent handling fax complaints and maintaining physical servers? And this way took into account security, cost savings, and freed up your IT resources. Would you be interested? more

  • VoIP: Your New Secret Weapon for a Strong Year End

    As the end of 2017 nears, you may be feeling pressure to make sure you close the year out strong.If you’ve been sitting on the fence regarding VoIP, this may be the perfect time to switch. VoIP options had never been better or more full-featured than they are now, and it may be just the thing your business needs to see a productivity and profitability boost. more

  • Is Your Phone System Stealing Profits?

    Having the wrong phone system can dramatically cut into your profits. Despite this, many businesses just sign up for a plan or platform that seems ‘good enough’. If you haven’t carefully considered your options and the included features, there’s a very good chance that you are leaving money on the table in some way. more

Related Articles