Feature Description

The UPF supports spoofing detection and mitigation using header enrichment. The anti-spoofing functionality allows the operators and their subscribers from spoofing threats posed by malicious UE devices. This feature detects the fraudulent activities when an external portal is used for subscriber or content authorization.

The anti-spoofing functionality is supported only for HTTP Requests. This functionality allows deletion and modification of the existing X-header fields in the HTTP header of the URL request.

If the user-generated header name is similar to the header name used in x-header format, you can search, delete, and modify the X-header fields. The X-header field names are case-insensitive. For example, if x-MSISDN and x-msisdn fields are present in an incoming HTTP request, both fields are processed.

If the user HTTP header already has the fields to be inserted, the corresponding values for those fields are replaced with the modified values from the gateway at the end of the header. In case of multiple entries for one field, which is already present in the header, a single instance of the field is selected along with the value inserted from the gateway.

In case of multiple HTTP GET requests, the packet header replaced with X-header fields for all GET requests. If encryption is enabled, it is performed after inserting the X-header.