Signaling oriented denial of service on LTE networks

Journal of ICT Standardization

Mobile communication systems are ubiquitous nowadays. The main requirements of these networks are privacy and security of the subscriber as well as a high performance. To provide these properties the 3GPP (Third Generation Partnership Project) developed the LTE (Long Term Evolution) mobile communication network which is deployed worldwide. In this paper, we give a brief overview of the LTE Network Architecture as well as a look on the security mechanism as defined by 3GPP. We describe the security architecture and discuss possible threats and attacks on the core and on the access network. Due to these possible attacks we developed a program which is able to extract certain security relevant information out of the message flow in real time and to detect a possible attach flood attack. Finally, we validate the function of the program with three test cases and discuss the impact of such flood attacks on the LTE network and other future work to extend it to other protocol exchanges.

IEEE Transactions on Dependable and Secure Computing, 2014

One of the fundamental security elements in cellular networks is the authentication procedure performed by means of the Subscriber Identity Module that is required to grant access to network services and hence protect the network from unauthorized usage. Nonetheless, in this work we present a new kind of denial of service attack based on properly crafted SIM-less devices that, without any kind of authentication and by exploiting some specific features and performance bottlenecks of the UMTS network attachment process, are potentially capable of introducing significant service degradation up to disrupting large sections of the cellular network coverage. The knowledge of this attack can be exploited by several applications both in security and in network equipment manufacturing sectors.

Achievements and Trends, 2014

The increase of the number of smart devices using mobile networks' services is followed by the increase of the number of security threats for mobile devices, generating new challenges for mobile network operators. Signaling attacks and storms represent an emerging type of distributed denial of service (DDoS) attacks and happen because of special malware installed on smart devices. These attacks are performed in the control plane of the network, rather than the data plane, and their goal is to overload the signaling servers which leads to service degradation and even network failures. This paper proposes a detection and mitigation mechanism of such attacks which is based on counting repetitive bandwidth allocations by mobile terminals and blocking the misbehaving ones. The mechanism is implemented in our simulation environment for security in mobile networks SECSIM. The detector is evaluated calculating the probabilities of false positive and false negative detection and is characterised by very low negative impact on un-attacked terminals. Simulation results using joint work of both detector and mitigator, are shown for: the number of allowed attacking bandwidth allocations, end-to-end delay for normal users, wasted bandwidth and load on the signaling server. Results suggest that for some particular settings of the mechanism, the impact of the attack is successfully lowered, keeping the network in stable condition and protecting the normal users from service degradations.

International Journal of Advanced Computer Science and Applications, 2021

With the advent of 5th generation (5G) technology, the mobile paradigm witnesses a tremendous evolution involving the development of a plethora of new applications and services. This enormous technological growth is accompanied with an huge signaling overhead among 5G network elements, especially with emergence of massive devices connectivity. This heavy signaling load will certainly be associated with an important security threats landscape, including denial of service (DoS) attacks against the 5G control plane. In this paper, we analyse the performance of a defense mechanism based randomization technique designed to mitigate the impact of DoS signaling attack in 5G system. Based on massive machine-type communications (mMTC) traffic pattern, the simulation results show that the proposed randomization mechanism decreases significantly the signaling data volume raised from the new 5G Radio Resource Control (RRC) model under normal and malicious operating conditions, which up to 70% while avoiding the unnecessary resource consumption.

Computer Communications, 2010

Third-generation cellular networks are exposed to novel forms of denial-of-service attacks that only recently have started to be recognized and documented by the scientific community. In this contribution, we review some recently published attack models specific for cellular networks. We review them collectively in order to identify the main system-design aspects that are ultimately responsible for the exposure to the attack. The goal of this contribution is to build awareness about the intrinsic weaknesses of 3G networks from a system-design perspective. In doing that we hope to inform the design practice of future generation networks, motivating the adoption of randomization, adaptation and prioritization as central ingredients of robust system design.

Zeki sistemler teori ve uygulamaları dergisi, 2023

In today's digital landscape, Distributed Denial of Service (DDoS) attacks stand out as a formidable threat to organisations all over the world. As known technology gradually advances and the proliferation of mobile devices, cellular network operators face pressure to fortify their infrastructure against these risks. DDoS incursions into Cellular Long-Term Evolution (LTE) networks can wreak havoc, elevate packet loss, and suboptimal network performance. Managing the surges in traffic that afflict LTE networks is of paramount importance. Queue management algorithms emerge as a viable solution to wrest control over congestion at the Radio Link Control (RLC) layer within LTE networks. These algorithms work proactively, anticipating, and mitigating congestion by curtailing data transfer rates and fortifying defences against potential DDoS onslaughts. In the paper, we delve into a range of queue management methods Drop-Tail, Random Early Detection (RED), Controlled Delay (CoDel), Proportional Integral Controller Enhanced (PIE), and Packet Limited First In, First Out queue (pFIFO). Our rigorous evaluation of these queue management algorithms hinges on a multifaceted assessment that encompasses vital performance parameters. We gauge the LTE network's resilience against DDoS incursions, measuring performance based on end-to-end delay, throughput, packet delivery rate (PDF), and fairness index values. The crucible for this evaluation is none other than the NS3 simulator, a trusted platform for testing and analysis. The outcomes of our simulations provide illuminating insights. CoDel, RED, PIE, pFIFO, and Drop-Tail algorithms emerge as top performers in succession. These findings underscore the critical role of advanced queue management algorithms in fortifying LTE networks against DDoS attacks, offering robust defences and resilient network performance.

2006

Abstract Recently voice over IP (VoIP) is experiencing a phenomenal growth. Being a real-time service, VoIP is more susceptible to denial-of-service (DoS) attacks than regular Internet services. Moreover, VoIP uses multiple protocols for call control and data delivery, making it vulnerable to various DoS attacks at different protocol layers. An attacker can easily disrupt VoIP services by flooding TCP SYN packets, UDP-based RTP packets, or SIP-based INVITE messages, which pose a critical threat to IP telephony.

Mobile telephony based on UMTS uses finite-state control schemes for wireless channels and for signaling across the network. These schemes are used systematically in various phases of the communication and are vulnerable to attacks that can bring down the network through unjustified bandwidth allocation and excessive signaling across the control plane. In this paper we identify those system parameters which are critical to the success of such attacks, and propose changes that can limit the effect of the attack. The approach is based on establishing a mathematical model of a UMTS system that is undergoing attacks, and on showing how parameters can be optimally modified to minimise the effect of the attack as experienced by the mobile device and the network.

In this paper we consider security of internet access over the Third Generation (3G) telecommunication systems. We Consider Universal Mobile Telecommunications System (UMTS) is selected as the most popular system among 3G systems. Here we detecting and removing DDos attack in UMTS network. The study then focuses on network access security mechanism of UMTS denial of service, identity catching, and redirection as the most significant attacks against authentication mechanism. Furthermore, we provide some solutions and methods to improve and prevent these attacks in UMTS system. The Universal Mobile Telecommunication System, more commonly known as UMTS, is now the world's leading mobile telecommunication system serving over 4 billion subscribers worldwide. UMTS has got much popularity as the earlier GSM system failed to cope up with higher data rate demands and faced some major security flaws. Although the UMTS system is able to mitigate most of those security flaws, yet it is not invincible to the new threats emerging with new and more sophisticated technologies. Many different kinds of security breaches are possible against UMTS networks. In this short technical essay, we will focus only on the Denial of Service (DoS) attacks on the UMTS access network, we replace GSM network with UMTS network because of security flaws. Distributed Denial of Service (DDoS) attacks exhaust victim's bandwidth or services. In this paper, different types and techniques of DDoS attacks and their countermeasures are reviewed. We also discuss some traditional methods of defence such as trace back and packet filtering techniques so that readers can identify major differences between traditional and current techniques of defence against DDoS attacks. Before the discussion on countermeasures, we mention different attack types under DDoS with traditional and advanced schemes while some information on DDoS trends in the year 2012 Quarter-1 is also provided. We identify that application layer DDoS attacks possess the ability to produce greater impact on the victim as they are driven by legitimate-like traffic making it quite difficult to identify and distinguish from legitimate requests. The need of improved defence against such attacks is therefore more demanding in research. The study conducted in this paper can be helpful for readers and researchers to recognize better techniques of defence in current times against DDoS attacks and contribute with more research on the topic in the light of future challenges identified in this paper.

IEEE Access, 2018

The long-term evolution (LTE)/LTE-advanced (LTE-A) network provides advanced services for billions of users with its higher bandwidths, better spectrum efficiency, and lower latency than legacy cellular networks. But it still suffers from new security threats due to its all IP-based heterogeneous architecture. Therefore, there is a critical need to perform a rapid and accurate network security measurement in the LTE/LTE-A network. To achieve LTE/LTE-A network security measurement, security-relevant data (in short security data) collection and data analysis for attack detection are required as prerequisites. However, most of the existing work only focuses on data collection and analysis for a certain type of LTE/LTE-A attacks. Little work has been done to comprehensively perform data collection and analysis for detecting various attacks on the LTE/LTE-A network. Different from previous work, in this paper, we review the security data collection and data analysis methods in terms of various attacks in order to provide the basis of security measurement in the LTE/LTE-A network. We first present a comprehensive taxonomy of attacks according to the LTE/LTE-A network structure. Then, we propose a number of criteria for evaluating the performance of data collection and analysis methods. And we lay our emphasis on the survey of data collection and analysis methods for significant active attack detection in the LTE/LTE-A network. All the reviewed methods are analyzed and discussed based on the proposed evaluation criteria. Furthermore, current open issues and future research challenges are presented with a view to stimulating future research. Finally, an adaptive data collection and data analysis model for security measurement in the LTE/LTE-A network is proposed.

The advent of mobile smart phones has led to a surge in numerous applications with a lot of network traffic. This in turn leads to signal storm attacks from malicious users, who disrupt the system by creating signaling storms. Malware attacks are quickly becoming a major security concern due to the advent of smart mobile devices and the increasing capacity and use of mobile networks for Internet access. The increasing number of host mobile malware adds to the problem. The infected devices cause a cascading effect creating signaling and network disruptions both deliberately and also due to malicious attacks. A signaling storm is one where the users are denied service by making huge attacks on the resources of the system either directly or indirectly taking control of other nodes in the network and sending huge amounts of request signals. This causes flooding, identity problems, injection attacks etc. The purpose is to detect such signaling storms in the first place. Next using the proposed hybrid Radio Resource protocol such attacks should be blocked and the malicious node should be removed from the network. The revocation will show sufficient congestion relief in the network traffic.

Voice over IP (VoIP) is more susceptible to Denial of Service attacks than traditional data traffic, due to the former's low tolerance to delay and jitter. We describe the design of our VoIP Vulnerability Assessment Tool (VVAT) with which we demonstrate vulnerabilities to DoS attacks inherent in many of the popular VoIP applications available today. In our threat model we assume an adversary who is not a network administrator, nor has direct control of the channel and key VoIP elements. His aim is to degrade his victim's QoS without giving away his presence by making his attack look like a normal network degradation. Even black-boxed, applications like Skype that use proprietary protocols show poor performance under specially crafted DoS attacks to its media stream. Finally we show how securing Skype relays not only preserves many of its useful features such as seamless traversal of firewalls but also protects its users from DoS attacks such as recording of conversations and disruption of voice quality. We also present our experiences using virtualization to protect VoIP applications from 'insider attacks'.

2018

Please check the manuscript for details of any other licences that may have been applied and it is a condition of accessing publications that users recognise and abide by the legal requirements associated with these rights. You may not engage in further distribution of the material for any profitmaking activities or any commercial gain. You may freely distribute both the url (http://uhra.herts.ac.uk/) and the content of this paper for research or private study, educational, or not-for-profit purposes without prior permission or charge. Take down policy If you believe that this document breaches copyright please contact us providing details, any such items will be temporarily removed from the repository pending investigation.