Signaling-Oriented DoS Attacks in UMTS Networks

  • Georgios Kambourakis
  • Constantinos Kolias
  • Stefanos Gritzalis
  • Jong Hyuk-Park
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5576)


The Universal Mobile Telecommunication Standard (UMTS) is the Third Generation (3G) mobile technology with the widest public acceptance. Although, enhanced in matters of security, comparing to its predecessor i.e., the GSM, it still has vulnerabilities that can lead to security breach. In this paper we investigate the vulnerabilities of the UMTS architecture that can be exploited by a malicious entity to launch Denial of Service (DoS) attacks. We examine the methodologies that an attacker would possibly follow, as well as the possible outcome of such class of attacks. We also give some suggestions that would provide greater tolerance to the system against DoS attacks.


UMTS Denial of Service Signaling Security 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    3GPP Organization, (accessed, 13/01/2008)
  2. 2.
    3rd Generation Partnership Project 2, 3GPP2,
  3. 3.
    Kazumi Algorithm Specification, ETSI TS 135 202 V7.0.0, (accessed, 13/01/2008)
  4. 4.
    Tang, C., Wu, D.O.: Mobile Privacy in Wireless Networks-Revisited. IEEE transactions on the wireless communications 7(3), 1035–1042 (2008)CrossRefGoogle Scholar
  5. 5.
    Meyer, U., Wetzel, S.: A Man-in-the-Middle Attack on UMTS. In: WiSe 2004, Philadelphia, Pennsylvania, USA, October 1 (2004)Google Scholar
  6. 6.
    Lin, Y.-B., Chang, M.-F., Hsu, M.-T., Wu, L.-Y.: One-Pass GPRS and IMS Authentication Procedure for UMTS. IEEE Journal on selected areas in communications 23(6) (June 2005)Google Scholar
  7. 7.
    Gibson, S.: DRDoS Distributed Reflection Denial of Service (2002),
  8. 8.
    ETSI TS 133 102 Security architecture (December 2006)Google Scholar
  9. 9.
    ISO/IEC 9798-4. Information Technology; Security Techniques; Entity Authentication Part 4: Mechanisms using a cryptographic check function (1999)Google Scholar
  10. 10.
    Khan, M., Ahmed, A., Cheema, A.R.: Vulnerabilities of UMTS Access Domain Security Architecture. In: 9th ACIS International Conference on Software Engineering, Networking, and Parallel/Distributed Computing, Phuket, Thailand (August 2008)Google Scholar
  11. 11.
    3GPP TR 33.900 (1.2.0), A Guide to 3G Security (January 2000)Google Scholar
  12. 12.
    Feng, W., Kaiser, E., Feng, W., Luu, A.: The design and implementation of network puzzles. In: Proc. INFOCOM (2005)Google Scholar
  13. 13.
    Gligor, V.: Guaranteeing access in spite of service-flooding attacks. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds.) Security Protocols 2003. LNCS, vol. 3364, pp. 80–96. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  14. 14.
    Wang, X., Reiter, M.: Defending against denial-of-service attacks with puzzle auctions. In: Proc. IEEE Security and Privacy, pp. 78–92 (2003)Google Scholar
  15. 15.
    Waters, B., Juels, A., Halderman, J., Felten, E.: New client puzzle outsourcing techniques for DoS resistance. In: Proc. Computer and Communications Security, pp. 246–256 (2004)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Georgios Kambourakis
    • 1
  • Constantinos Kolias
    • 1
  • Stefanos Gritzalis
    • 1
  • Jong Hyuk-Park
    • 2
  1. 1.Laboratory of Information and Communication Systems Security Department of Information and Communication Systems EngineeringUniversity of the AegeanSamosGreece
  2. 2.Department of Computer Science and EngineeringKyungnam UniversityKorea

Personalised recommendations