An Overview of GTP Protocol
Introduction
Over the last couple of years due to the elimination of the international roaming price barrier Mobile traffic using the GTP Protocol has exploded. The roaming traffic, voice, and data globally are expected to grow 32X by 2022 and reach over 1.5 Mb per subscriber annually. The impact of 5G s expected to bring a big change in the mobile roaming ecosystem and that will automatically include business models, subscriber usage, and network requirement.
What is GTP?
A protocol that carries within GSM, UMTS, and LTE with an IP-based communication, control, and data plane is called GPRS Tunneling Protocol (GTP). GTP is used to carry general packet radio service (GPRS) within GSM, UMTS (3G), and LTE (4G) networks as specified by 3GPP in various interface points. It includes GTP-C called the control plane component. GTP is used to establish a GTP tunnel or channel between the user equipment and mobile network nodes (serving gateways and packet gateways) to exchange user and control data. It is used to encapsulate user data when passing through the core network and carries bearer-specific signaling traffic between various core network entities.
Why is GTP used in LTE?
1. It provides mobility. Since tunneling is provided between PGW and eNB via SGW, the packets are still provided with the same IP address.
2. To obtain different network QoS multiple tunnels can be used by the same UE
3. Main IP remains hidden, so it provides security as well
4. Creation, deletion, and modification of tunnels in case of GTP-C
The biggest facilitation of GTP is the easy transmission of mobile data traffic although, GTP was designed when mobile networks were considered unbreachable. Let’s go through other vulnerabilities of GTP:-
1. GTP depends upon the security provided through authentication or authorization.
2. GTP was never designed with security in mind
3. GTP has no inherent security mechanisms
4. GTP does not facilitate validating message integrity
5. GTP does not facilitate sender authenticity.
6. Most operators face common GTP attacks.
7. Attackers exploit vulnerabilities by abusing GTP interfaces exposed to the network. These malicious people can be cyber criminals that usually try hand to control the roaming links.
8. GTP s do not secure confidential data disclosures
9. GTP leads to denial of service
10. It does not subtract network overloads
11. Not secure in the range of fraud activities.
Roaming Network Requirements
The key function with which the roaming network specifications were created was to facilitate subscribers and operators. The thought was to give subscribers the liberty to move seamlessly between networks and to provide operators a mechanism to recoup costs through non-subscribers.
A new function, the Security Protection Proxy (SEPP), using the http/2 protocol will be used to connect home roaming partners for the control plane. As far as the user plane is concerned it will still use GTP. The additional protection facility achieved through SEPP shall secure inter-exchange/roaming vulnerabilities that exist in SS7 and DIAMETER protocols. For secure steering of roaming (SoR), 5G will use native support and 5G SOR shall enable the home network operator to steer its customers while roaming to its preferred visited partner networks.
Growth in Networks and Subscribers in upcoming years
Over the next five years, it is expected that mobile subscriptions will increase a modest 2 percent annually. 5G shall carry with it a great volume and magnanimous diversity of traffic with seamless interconnection everywhere.
Roaming Business Model
Roaming Business Model includes a contractual arrangement between operators who agree to carry traffic for each other’s subscribers through bilateral peering agreements or through agreements with GRX/IPX providers.
Roaming Security
To avoid any malicious practices, the roaming agreement was considered adequate by many operators. Often GTP protocol is expected to carry with it some known vulnerabilities still the authentication mechanism has often convinced operators not to deploy 4G implementation. And due to this, there has been a vast change in the mobile roaming landscape with n number of threats which are expected to increase even more through the introduction of 5G.
Conclusion
As operators are widely moving towards 5G leaving the 4G trend behind they are becoming more and more risk inherent. Roaming traffic, with its high complexity and many interconnect partners and hubs, can be an especially vulnerable and attractive target for malicious actors.
Comments