{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,18]],"date-time":"2026-05-18T22:51:38Z","timestamp":1779144698466,"version":"3.51.4"},"reference-count":133,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"2","license":[{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"DOI":"10.13039\/501100004681","name":"Higher Education Commission (HEC), Pakistan, through its initiative of National Center for Cyber Security for the affiliated lab National Cyber Security Auditing and Evaluation Lab","doi-asserted-by":"publisher","award":["2(1078)\/HEC\/M&E\/2018\/707"],"award-info":[{"award-number":["2(1078)\/HEC\/M&E\/2018\/707"]}],"id":[{"id":"10.13039\/501100004681","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Commun. Surv. Tutorials"],"published-print":{"date-parts":[[2020]]},"DOI":"10.1109\/comst.2020.2971757","type":"journal-article","created":{"date-parts":[[2020,2,5]],"date-time":"2020-02-05T18:33:02Z","timestamp":1580927582000},"page":"1337-1371","source":"Crossref","is-referenced-by-count":181,"title":["SS7 Vulnerabilities\u2014A Survey and Implementation of Machine Learning vs Rule Based Filtering for Detection of SS7 Network Attacks"],"prefix":"10.1109","volume":"22","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-6117-1477","authenticated-orcid":false,"given":"Kaleem","family":"Ullah","sequence":"first","affiliation":[{"name":"Information Security Department, National University of Sciences and Technology, Islamabad"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Imran","family":"Rashid","sequence":"additional","affiliation":[{"name":"Department of Electrical Engineering, Military College of Signals, National University of Sciences and Technology, Rawalpindi, Pakistan"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9583-5585","authenticated-orcid":false,"given":"Hammad","family":"Afzal","sequence":"additional","affiliation":[{"name":"Computer Science, National University of Sciences and Technology, Islamabad, Pakistan"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3616-2621","authenticated-orcid":false,"given":"Mian Muhammad Waseem","family":"Iqbal","sequence":"additional","affiliation":[{"name":"Information Security Department, National University of Sciences and Technology, Islamabad"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6013-062X","authenticated-orcid":false,"given":"Yawar Abbas","family":"Bangash","sequence":"additional","affiliation":[{"name":"Computer Science, National University of Sciences and Technology, Islamabad, Pakistan"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Haider","family":"Abbas","sequence":"additional","affiliation":[{"name":"Information Security Department, National University of Sciences and Technology, Islamabad"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref39","first-page":"711","article-title":"A defense method based on improved MTP3 message discrimination in SS7 network","author":"xinyuan","year":"2011","journal-title":"Proc IEEE 7th Int Conf Nat Comput (ICNC)"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1109\/IFITA.2009.120"},{"key":"ref33","article-title":"SCTPscan-finding entry points to SS7 networks & telecommunication backbones","author":"langlois","year":"2007","journal-title":"Proc BlackHat Convention (BH)"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1145\/1541880.1541882"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1109\/MNET.2006.273119"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1109\/VOIPMS.2006.1638116"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1007\/s11276-008-0101-x"},{"key":"ref36","article-title":"Assessing security of mobile telecommunication networks","author":"kotapati","year":"2008"},{"key":"ref35","first-page":"25","article-title":"Locating mobile phones using signaling system#7","author":"engel","year":"2008","journal-title":"25th Chaos Commun Congr"},{"key":"ref34","year":"2018","journal-title":"Black Hat"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1007\/978-0-387-35587-0_11"},{"key":"ref27","year":"2014","journal-title":"SS7map SS7 Networks Exposure"},{"key":"ref29","first-page":"585","article-title":"Security architecture standardization and services in UMTS","author":"xenakis","year":"2002","journal-title":"Proc Mobile Venue"},{"key":"ref20","author":"gibbs","year":"2016","journal-title":"U S Congressman Calls for Investigation Into Vulnerability That Lets Hackers Spy on Every Phone"},{"key":"ref22","author":"mcdaid","year":"2015","journal-title":"Can They Hear You Now? Hacking Team & SS7—AdaptiveMobile"},{"key":"ref21","author":"gellman","year":"2013","journal-title":"New Documents Show How the NSA Infers Relationships Based on Mobile Location Data"},{"key":"ref24","author":"goodwin","year":"2015","journal-title":"Security Flaw Exposes Billions of Mobile Phone Users to Eavesdropping"},{"key":"ref23","year":"2018","journal-title":"Positive Technologies—Vulnerability Assessment Compliance Management and Threat Analysis Solutions"},{"key":"ref101","doi-asserted-by":"publisher","DOI":"10.1109\/Trustcom.2015.500"},{"key":"ref26","author":"clark","year":"2016","journal-title":"Watch Hackers Hijack WhatsApp and Telegram Accounts Using Known Telecom Flaw"},{"key":"ref100","year":"2018","journal-title":"Unwired Labs"},{"key":"ref25","author":"timberg","year":"2014","journal-title":"German Researchers Discover a Flaw That Could Let Anyone Listen to Your Cell Calls"},{"key":"ref50","year":"2018","journal-title":"SS7 Attack Simulator Based on RestComm’s JSS7"},{"key":"ref51","doi-asserted-by":"publisher","DOI":"10.1109\/IFIPNetworking.2016.7497239"},{"key":"ref59","first-page":"505","article-title":"A data confidentiality approach to SMS on Android","author":"aung","year":"2018","journal-title":"Proc Int Conf Intell Comput Optim"},{"key":"ref58","doi-asserted-by":"publisher","DOI":"10.1109\/IBCAST.2018.8312268"},{"key":"ref57","doi-asserted-by":"publisher","DOI":"10.1109\/ICUFN.2018.8436820"},{"key":"ref56","doi-asserted-by":"publisher","DOI":"10.1007\/s11432-017-9428-6"},{"key":"ref55","first-page":"79","article-title":"Can I get your digits? Illegal acquisition of wireless phone numbers for SIM-SWAP attacks and wireless provider liability","volume":"79","author":"andrews","year":"2018","journal-title":"Northwestern Journal of Technology and Intellectual Property"},{"key":"ref54","doi-asserted-by":"publisher","DOI":"10.13052\/jicts2245-800X.512"},{"key":"ref53","first-page":"912","article-title":"SS7 network and its vulnerabilities: An elementary review","volume":"3","author":"savadatti","year":"2017","journal-title":"Imperial J Interdiscipl Res"},{"key":"ref52","doi-asserted-by":"publisher","DOI":"10.1109\/35.762865"},{"key":"ref40","first-page":"65","article-title":"Computational security analysis of the UMTS and LTE authentication and key agreement protocols","author":"mj\u00f8lsnes","year":"2012","journal-title":"Proc 6th Int Conf Math Methods Models Archit Comput Netw Security (MMM-ACNS)"},{"key":"ref4","author":"kurbatov","year":"2015","journal-title":"Hacking Mobile Network Via SS7 Interception Shadowing and More"},{"key":"ref3","year":"2017"},{"key":"ref6","author":"isomaki","year":"1999","journal-title":"Security in the Traditional Telecommunications Networks and in the Internet"},{"key":"ref5","first-page":"273","article-title":"Securing SS7 telecommunications networks","author":"lorenz","year":"2001","journal-title":"Proc IEEE Workshop Inf Assurance Security"},{"key":"ref8","author":"mourad","year":"0","journal-title":"The Fall of SS7 How Can the Critical Security Controls Help?"},{"key":"ref49","doi-asserted-by":"publisher","DOI":"10.1007\/s10586-017-0811-x"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1016\/S1353-4858(17)30008-9"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1007\/978-94-011-1592-6_4"},{"key":"ref46","article-title":"Analysis and mitigation of recent attacks on mobile communication backend","author":"rao","year":"2015"},{"key":"ref45","article-title":"SS7: Locate. Track. Manipulate","author":"engel","year":"2014","journal-title":"Proc 31st Chaos Commun Congr"},{"key":"ref48","first-page":"7","article-title":"Better protection of SS7 using machine learning techniques","author":"jensen","year":"2016","journal-title":"Proc Int Conf IT Converg Secur (ICITCS)"},{"key":"ref47","article-title":"Improving SS7 security using machine learning techniques","author":"jensen","year":"2016"},{"key":"ref42","year":"2018","journal-title":"Hackito Ergo Sum 2014—Hacker Community for Free Security Research"},{"key":"ref41","author":"de oliveira","year":"2014","journal-title":"Worldwide Attacks on SS7 Network’ Hackito Ergo Summit"},{"key":"ref44","year":"2018","journal-title":"Chaos Computer Club"},{"key":"ref43","article-title":"Mobile self-defense","author":"nohl","year":"2014","journal-title":"Proc 31st Chaos Commun Congr"},{"key":"ref127","year":"2018","journal-title":"Euclidean distance"},{"key":"ref126","author":"trevino","year":"2018","journal-title":"Introduction to k-means clustering"},{"key":"ref125","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-28349-8_2"},{"key":"ref124","doi-asserted-by":"publisher","DOI":"10.1145\/1163593.1163596"},{"key":"ref73","year":"2001"},{"key":"ref72","year":"2015"},{"key":"ref129","doi-asserted-by":"publisher","DOI":"10.1016\/S0167-7012(00)00201-3"},{"key":"ref71","year":"2009"},{"key":"ref128","year":"2018","journal-title":"Corvasto\/Simple-k-Means-Clustering-Python"},{"key":"ref70","doi-asserted-by":"publisher","DOI":"10.1109\/5.135382"},{"key":"ref76","year":"2018","journal-title":"GSM Core Network Overview"},{"key":"ref130","doi-asserted-by":"publisher","DOI":"10.1109\/2.485891"},{"key":"ref77","doi-asserted-by":"publisher","DOI":"10.1109\/ICUPC.1994.383141"},{"key":"ref74","year":"2002"},{"key":"ref75","year":"2015"},{"key":"ref133","author":"vacca","year":"2012","journal-title":"Computer and Information Security Handbook"},{"key":"ref131","year":"2015","journal-title":"jss7 GitHub Repository"},{"key":"ref78","year":"1999"},{"key":"ref132","author":"jensen","year":"2016","journal-title":"SS7 Preproessing GitHub Repository"},{"key":"ref79","article-title":"Interface protocols for the connection of short message service centers (SMSCs) to short message entities (SMEs)","year":"1999"},{"key":"ref60","author":"kulubi","year":"0","journal-title":"Glossary of Terms & Standards Used in Telecommunication Systems"},{"key":"ref62","author":"van bosse","year":"2007","journal-title":"Signaling in Telecommunication Networks"},{"key":"ref61","article-title":"SS7 OPNET simulation signaling system no. 7, (SS7) network interfaces","author":"chung","year":"2000"},{"key":"ref63","first-page":"157","author":"van bosse","year":"2007","journal-title":"Signaling in Telecommunication Networks"},{"key":"ref64","year":"2018","journal-title":"Tutorials on Signaling Sytem 7 (SS7)"},{"key":"ref65","doi-asserted-by":"publisher","DOI":"10.1109\/ISCC.1997.615980"},{"key":"ref66","year":"2002"},{"key":"ref67","year":"2018","journal-title":"GSMA Intelligence White Paper Mobile Network Technology Lifecycle The Future of 2G Networks"},{"key":"ref68","doi-asserted-by":"publisher","DOI":"10.1109\/65.67857"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1109\/IPDPS.2005.297"},{"key":"ref69","year":"2018","journal-title":"Dialogic DSI SS7 Stack—EiconWorks com"},{"key":"ref1","year":"2016","journal-title":"Primary Security Threats for SS7 Cellular Networks"},{"key":"ref109","author":"chung","year":"2007","journal-title":"Prototyping and evaluation of TCAPsec"},{"key":"ref95","author":"pudney","year":"2002","journal-title":"Liaison Statement on Restoration of R’96 Any Time Interrogation Functionality"},{"key":"ref108","doi-asserted-by":"publisher","DOI":"10.17487\/rfc3332"},{"key":"ref94","year":"2013"},{"key":"ref107","doi-asserted-by":"publisher","DOI":"10.17487\/rfc3525"},{"key":"ref93","doi-asserted-by":"publisher","DOI":"10.1109\/98.847919"},{"key":"ref106","article-title":"CCS 7 networks dependability studies: Phase 2 deliverable 2","author":"oneglia","year":"1998"},{"key":"ref92","doi-asserted-by":"publisher","DOI":"10.1109\/TVT.2007.901060"},{"key":"ref105","article-title":"Study into routing of MT-SMs via the HPLMN release 7","year":"2007"},{"key":"ref91","author":"chandra","year":"2005","journal-title":"Bullet Proof Wireless Security GSM UMTS 802 11 and Adhoc Security"},{"key":"ref104","article-title":"Understanding IMSI privacy","author":"udar","year":"2014","journal-title":"Proc Vortrag Auf Der Konferenz Blackhat USA"},{"key":"ref90","year":"2003"},{"key":"ref103","year":"0","journal-title":"Snoopsnitch"},{"key":"ref102","article-title":"Bell communications research specification of signaling system number 7, T1.111.4","year":"1998"},{"key":"ref111","author":"murphy","year":"2018","journal-title":"Major Security Flaw in SS7-How SMS Home Routing Can Plug the Gap"},{"key":"ref112","doi-asserted-by":"publisher","DOI":"10.1145\/1386853.1378356"},{"key":"ref110","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2018.2820728"},{"key":"ref98","year":"2009","journal-title":"serving mobile location centre (SMLC) radio resource LCS protocol (RRLP)"},{"key":"ref99","year":"2018","journal-title":"SHODAN—Computer Search Engine"},{"key":"ref96","year":"2003"},{"key":"ref97","article-title":"LCS capable GSM network","author":"oza","year":"2015"},{"key":"ref10","first-page":"561","article-title":"Closer look at telecom deregulation: The European advantage","volume":"12","author":"mayer-schonberger","year":"1998","journal-title":"Harvard J Law Technol"},{"key":"ref11","year":"1996","journal-title":"Telecommunications Act of 1996"},{"key":"ref12","article-title":"The new German telecommunications act","volume":"4","author":"spies","year":"1997","journal-title":"Mich Telecomm Tech L Rev"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1109\/CYCON.2016.7529440"},{"key":"ref14","year":"2014","journal-title":"Signaling System 7 (SS7) Security Report"},{"key":"ref15","author":"mouly","year":"1992","journal-title":"The GSM System for Mobile Communications"},{"key":"ref118","doi-asserted-by":"publisher","DOI":"10.1109\/SURV.2008.080406"},{"key":"ref16","author":"kaaranen","year":"2001","journal-title":"UMTS Networks Architecture Mobility and Services"},{"key":"ref82","author":"langlois","year":"2010","journal-title":"Getting in the SS7 Kingdom Hard Technology and Disturbingly Easy Hacks to Get Entry Points in the Walled Garden"},{"key":"ref117","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2015.2494502"},{"key":"ref17","year":"2011"},{"key":"ref81","year":"2012"},{"key":"ref18","year":"2018","journal-title":"Verint Skylock Product Brochure"},{"key":"ref84","doi-asserted-by":"publisher","DOI":"10.1109\/MCOM.2008.4623708"},{"key":"ref119","doi-asserted-by":"publisher","DOI":"10.1145\/1007730.1007735"},{"key":"ref19","year":"2018","journal-title":"Defentek Infiltrator Product Brochure"},{"key":"ref83","doi-asserted-by":"publisher","DOI":"10.17487\/rfc4960"},{"key":"ref114","doi-asserted-by":"publisher","DOI":"10.1023\/B:PNET.0000026887.35638.ce"},{"key":"ref113","doi-asserted-by":"publisher","DOI":"10.1002\/047148296X.tie149"},{"key":"ref116","doi-asserted-by":"publisher","DOI":"10.1109\/ICSNC.2008.44"},{"key":"ref80","year":"2012"},{"key":"ref115","doi-asserted-by":"publisher","DOI":"10.17487\/rfc6489"},{"key":"ref120","doi-asserted-by":"publisher","DOI":"10.1023\/A:1007617005950"},{"key":"ref89","author":"biondi","year":"2015","journal-title":"Project Home Page"},{"key":"ref121","doi-asserted-by":"publisher","DOI":"10.1016\/B978-1-55860-377-6.50032-3"},{"key":"ref122","first-page":"3","article-title":"Supervised machine learning: A review of classification techniques","volume":"160","author":"kotsiantis","year":"2007","journal-title":"Proc Emerg Artif Intell Appl Comput Eng"},{"key":"ref123","doi-asserted-by":"publisher","DOI":"10.1016\/j.istr.2009.03.003"},{"key":"ref85","doi-asserted-by":"publisher","DOI":"10.1109\/MWSCAS.2002.1187082"},{"key":"ref86","article-title":"Proposal and implementation of an IDS for potential SMS spam signaling messages on SS7","author":"yeboah","year":"2016"},{"key":"ref87","doi-asserted-by":"publisher","DOI":"10.17487\/rfc2719"},{"key":"ref88","year":"2018","journal-title":"SCTPscan SCTP Network and Port Scanner P1Security"}],"container-title":["IEEE Communications Surveys & Tutorials"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/9739\/9102343\/08984216.pdf?arnumber=8984216","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,1,27]],"date-time":"2026-01-27T06:10:49Z","timestamp":1769494249000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/8984216\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020]]},"references-count":133,"journal-issue":{"issue":"2"},"URL":"https:\/\/doi.org\/10.1109\/comst.2020.2971757","relation":{},"ISSN":["1553-877X","2373-745X"],"issn-type":[{"value":"1553-877X","type":"electronic"},{"value":"2373-745X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2020]]}}}