Abstract
Mobile Network Operators (MNOs) deploy a vital part of today’s Critical Information Infrastructures (CII). Protection of these CIIs shall ensure operational continuity despite of the potential loss of system integrity and malware attacks. Sharing information about security related incidents allows MNOs to better react to attacks and anomalies, and to mitigate the impact of the observed phenomena. The fear to risk its reputation may hinder an MNO to share information that could help other MNOs to improve their protection and assure operational continuity. The contributions of this paper are technical solutions for collaboration between competing MNOs, which prevent loss of reputation and thus improve the acceptance to share information.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
3GPP: Security of Home Node B (HNB) / Home evolved Node B (HeNB)
3GPP: System Architecture Evolution (SAE); Security architecture
Apvrille, A., Yang, K.: Defeating mTANs for Profit - part one. Technical report, Virus Bulletin (March 2011)
Bennett, K., Grothoff, C.: gap – Practical Anonymous Networking. In: Dingledine, R. (ed.) PET 2003. LNCS, vol. 2760, pp. 141–160. Springer, Heidelberg (2003)
Brunner, M., Hofinger, H., Roblee, C., Schoo, P., Todt, S.: Anonymity and Privacy in Distributed Early Warning Systems. In: Xenakis, C., Wolthusen, S. (eds.) CRITIS 2010. LNCS, vol. 6712, pp. 81–92. Springer, Heidelberg (2011)
Bu, Z., Dirro, T., Greve, P., Lin, Y., Marcus, D., Paget, F., Schmugar, C., Shah, J., Sommer, D., Szor, P., Wostowsky, A.: McAfee Threats Report: First Quarter 2012. Technical report, McAfee Labs (2012)
Burkhart, M., Strasser, M., Many, D., Dimitropoulos, X.A.: SEPIA: Privacy-Preserving Aggregation of Multi-Domain Network Events and Statistics. In: USENIX Security Symposium, pp. 223–240 (2010)
Danyliw, R., Meijer, J., Demchenko, Y.: The Incident Object Description Exchange Format (IODEF). RFC 5070 (Proposed Standard) (December 2007)
Egners, A., Rey, E., Schmidt, H., Schneider, P., Wessel, S.: Threat and Risk Analysis for Mobile Communication Networks and Mobile Terminals. Deliverable D5.1 (II), ASMONIA Projekt (March 2012)
Egners, A., Schäfer, M., Wessel, S.: Evaluating Methods to assure System Integrity and Requirements for Future Protection Concepts. Deliverable D2.1, ASMONIA Projekt (April 2011)
Egners, A., Schäfer, M., Wessel, S.: Protection Methods for Target Systems - 4G Network Elements and Smart Phones. Deliverable D2.2, ASMONIA Projekt (July 2012)
Kossakowski, K., Sander, J., Grobauer, B., Mehlau, J.I.: A German Early Warning Information System - Challenges and Approaches. Presentation at 18th Annual FIRST Conference (June 2006)
Kursawe, K., Schellekens, D., Preneel, B.: Analyzing trusted platform communication. In: ECRYPT Workshop, CRASH - CRyptographic Advances in Secure Hardware (2005)
Locasto, M., Parekh, J., Misra, V., Stolfo, S.: Collaborative Distributed Intrusion Detection. Technical report, Columbia University (2004)
Park, S., Park, H., Won, Y., Lee, J., Kent, S.: Traceable Anonymous Certificate. RFC 5636 (Experimental) (August 2009)
Pinkerton, S.: A Federated Model For Cyber Security. In: Cyberspace Research Workshop, Shreveport, LA (November 2007)
Schäfer, M., Moeller, W.D.: Tailored Concepts for Software Integrity Protection in Mobile Networks. International Journal On Advances in Security (numbers 1 and 2), 54 – 66 (September 2011)
Stratonovich, R.: Conditional Markov Processes. Theory of Probability and its Applications 5(2), 156–178 (1960)
TCG: TPM Main Specifications, Parts 1-3, Specification Version 1.2, Level 2, Revisions 103. Technical report, TCG (July 2007)
Traynor, P., Lin, M., Ongtang, M., Rao, V., Jaeger, T., McDaniel, P., La Porta, T.: On Cellular Botnets: Measuring the Impact of Malicious Devices on a Cellular Network Core. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, CCS 2009, pp. 223–234. ACM, New York (2009)
Wessel, S., Stumpf, F.: Page-based Runtime Integrity Protection of User and Kernel Code. In: Proceedings of 5th European Workshop on System Security, EuroSec 2012. ACM Press (April 2012)
Winter, J., Dietrich, K.: A Hijacker’s Guide to the LPC Bus. In: Petkova-Nikova, S., Pashalidis, A., Pernul, G. (eds.) EuroPKI 2011. LNCS, vol. 7163, pp. 176–193. Springer, Heidelberg (2012)
Yegneswaran, V., Barford, P., Jha, S.: Global Intrusion Detection in the DOMINO Overlay System. In: NDSS (2004)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Schoo, P. et al. (2013). Collaboration between Competing Mobile Network Operators to Improve CIIP. In: Hämmerli, B.M., Kalstad Svendsen, N., Lopez, J. (eds) Critical Information Infrastructures Security. Lecture Notes in Computer Science, vol 7722. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-41485-5_19
Download citation
DOI: https://doi.org/10.1007/978-3-642-41485-5_19
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-41484-8
Online ISBN: 978-3-642-41485-5
eBook Packages: Computer ScienceComputer Science (R0)