ABSTRACT
The IP Exchange (IPX) connects telecommunication networks with each other. It enables features like roaming and data access while traveling. Designed as a closed network it is now opening up and unauthorized entities now misuse the IPX network for their purposes. The interconnection networks suffer from many Signaling System No 7 (SS7) protocol attacks. Advanced operators now use Diameter based LTE roaming. We will illustrate how under certain network configurations an attacker can collect sufficient amount of insider information and then modify the subscriber profile to change the access point configuration in different core network nodes and by that place himself in the middle of the data traffic path for the user. We will close with recommendations on how to prevent such an attack.
