Abstract
As mobile communications increase their presence in our life, service availability becomes a crucial player for the next generation of cellular networks. However, both 4G and 5G systems lack of full protection against Denial-of-Service (DoS) attacks, due to the need of designing radio-access protocols focused on providing seamless connectivity. This paper presents a new method to detect a DoS attack over the Radio Resource Control (RRC) layer, offering three original metrics to identify such attack in a live Intrusion Detection System (IDS). The proposed metrics evaluate the connection release rate, the average session establishment and the session success rate to identify the attack. The presented results provide an average detection rate above 96%, with an average false positive rate below 3.8%.
Keywords
This work has been supported by the Gulf Science, Innovation and Knowledge Economy Programme of the UK Government under UK-Gulf Institutional Link grant IL 279339985.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Vintila, C., Patriciu, V.: Security analysis of LTE access network. In: Proceedings 10th International Conference Networks (ICN 2011), pp. 29–34 (2011)
Yu, D., Wen, W.: Non-access-stratum request attack in E-UTRAN. In: Computing, Communications and Applications, pp. 48–53 (2012)
Bilogrevic, I., Jadliwala, M., Hubaux, J.: Security issues in next generation mobile networks: LTE and femtocells. In: 2nd International Femtocell Workshop, pp. 1–3, Luton, UK (2010)
Purkhiabani, M., Salahi, A.: Enhanced authentication and key agreement procedure of next generation evolved mobile networks. In: 2011 IEEE 3rd International Conference on Communication Software and Networks, May 2011, pp. 557–563 (2011)
3GPP TS 33.401: Technical Specification Group Services and System Aspects; 3GPP System Architecture Evolution (SAE); Security Architecture, vol. 1, no. v.15.6.0 - Release 15, pp. 1–79 (2018)
Vintilă, C.-E., Patriciu, V.-V., Bica, I.: An analysis of secure interoperation of EPC and mobile equipments. In: 6th International Conference on Digital Telecommunications, pp. 1–6 (2011)
3GPP TS 33.501: Technical Specification Group Services and System Aspects; Security architecture and procedures for 5G system, vol. 1, no. v.15.3.1 - Release 15, pp. 1–181 (2018)
3GPP TS 38.300: Technical Specification Group Radio Access Network; NR; NR and NG-RAN Overall Description; Stage 2. vol. 0, no. v.15.4.0 - Release 15, pp. 1–97 (2018)
Shafer, G.: A Mathematical Theory of Evidence. Princeton University Press, Princeton (1976)
Bassil, R., Chehab, A., Elhajj, I., Kayssi, A.: Signaling oriented denial of service on LTE networks. In: Proceedings of the 10th ACM International Symposium on Mobility Management and Wireless Access, Ser. MobiWac 2012, pp. 153–158. ACM, New York (2012)
Jover, R.P., Lackey, J., Raghavan, A.: Enhancing the security of LTE networks against jamming attacks. EURASIP J. Inf. Secur. 1–14 (2014)
Li, X., Wang, Y.: Security enhanced authentication and key agreement protocol for LTE/SAE network. In: 2011 7th International Conference on Wireless Communications, Networking and Mobile Computing, September 2011, pp. 1–4 (2011)
Køien, G.M.: Mutual entity authentication for LTE. In: 2011 7th International Wireless Communications and Mobile Computing Conference, July 2011, pp. 689–694 (2011)
Zheng, Y., He, D., Yu, W., Tang, X.: Trusted computing-based security architecture for 4G mobile networks. In: Sixth International Conference on Parallel and Distributed Computing Applications and Technologies (PDCAT 2005), pp. 251–255 (2005)
Zheng, Y., He, D., Tang, X., Wang, H.: AKA and authorization scheme for 4G mobile networks based on trusted mobile platform. In: 2005 5th International Conference on Information Communications Signal Processing, December 2005, pp. 976–980 (2005)
3GPP TS 22.278: Technical Specification Group Services and System Aspects; Service requirements for the Evolved Packet System (EPS), Network, vol. 0, no. v.16.1.0 - Release 16, pp. 1–50 (2018)
3GPP TS 36.331: Technical Specification Group Radio Access Network; Evolved Universal Terrestrial Radio Access (E-UTRA); Radio Resource Control (RRC); Protocol specification, no. v.15.4.0 - Release 15 (2018)
Wetteroth, D.: OSI Reference Model for Telecommunications. McGraw-Hill Professional, New York (2001)
Cao, J., Ma, M., Li, H., Zhang, Y., Luo, Z.: A Survey on security aspects for LTE and LTE-A networks. IEEE Commun. Surv. Tutor. 16(1), 283–302 (2014)
Lichtman, M., Reed, J.H., Clancy, T.C., Norton, M.: Vulnerability of LTE to hostile interference. In: 2013 IEEE Global Conference on Signal and Information Processing, December 2013, pp. 285–288 (2013)
Cho, J.-S., Kang, D., Kim, S., Oh, J., Im, C.: Secure UMTS/EPS authentication and key agreement. In: Park, J., Leung, V., Wang, C.L., Shon, T. (eds.) Future Information Technology. Application, and Service, pp. 75–82. Springer, Dordrecht (2012). https://doi.org/10.1007/978-94-007-5064-7_11
3GPP TS 36.300: Technical Specification Group Radio Access Network; Evolved Universal Terrestrial Radio Access (E-UTRA) and Evolved Universal Terrestrial Radio Access Network (E-UTRAN); Overall description; Stage 2, no. v.14.0.2 - Release 14, 2017
Khan, M., Ahmed, A., Cheema, A.R.: Vulnerabilities of UMTS access domain security architecture. In: Ninth ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing, 2008, SNPD 2008, pp. 350–355 IEEE (2008)
Reineking, T.: Belief functions: theory and algorithms. Ph.D. dissertation, Mathematics and Informatics, University of Bremen (2014)
Escudero-Andreu, G.: Protection of Mobile and Wireless Networks Against Service Availability Attacks. Ph.D. dissertation, Loughborough University (2018)
Kyriakopoulos, K.G., Aparicio-Navarro, F.J., Parish, D.J.: Manual and automatic assigned thresholds in multi-layer data fusion intrusion detection system for 802.11 attacks. IET Inf. Secur. 8(1), 42–50 (2014)
Olson, D.L., Delen, D.: Advanced Data Mining Techniques, 1st edn. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-76917-0
Elhamahmy, M.E., Elmahdy, H.N., Saroit, I.A.: A new approach for evaluating intrusion detection system. Artif. Intell. Syst. Mach. Learn. 2(11), 290–298 (2010)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Escudero-Andreu, G., Kyriakopoulos, K., Flint, J.A., Lambotharan, S. (2019). Detecting Signalling DoS Attacks on LTE Networks. In: Duong, T., Vo, NS., Nguyen, L., Vien, QT., Nguyen, VD. (eds) Industrial Networks and Intelligent Systems. INISCOM 2019. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 293. Springer, Cham. https://doi.org/10.1007/978-3-030-30149-1_23
Download citation
DOI: https://doi.org/10.1007/978-3-030-30149-1_23
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-30148-4
Online ISBN: 978-3-030-30149-1
eBook Packages: Computer ScienceComputer Science (R0)