Abstract
Mobile networks are vulnerable to signaling attacks and storms that are caused by traffic patterns that overload the control plane, and differ from distributed denial of service attacks in the Internet since they directly affect the control plane, and also reserve wireless bandwidth and network resources without actually using them. Such storms can result from malware and mobile botnets, as well as from poorly designed applications, and can cause service outages in 3G and 4G networks, which have been experienced by mobile operators. Since the radio resource control (RRC) protocol in the 3G and 4G networks is particularly susceptible to such storms, we analyze their effect with a mathematical model that helps to predict the congestion that is caused by a storm. A detailed simulation model of a mobile network is used to better understand the temporal dynamics of user behavior and signaling in the network and to show how RRC-based signaling attacks and storms cause significant problems in both the control and user planes of the network. Our analysis also serves to identify how storms can be detected, and to propose how system parameters can be chosen to mitigate their effect.
Highlights
Smart devices have not gone unnoticed by cyber-criminals, who have started to target mobile platforms [1], [2], and mobile subscribers and mobile network operators (MNOs) face new security challenges [3], including the identification and mitigation of signalling attacks and storms, which overload the control plane through traffic that causes excessive signalling in the network
WORK In this paper, we investigated the effect of signalling attacks and storms in mobile networks, focusing on signalling anomalies that exploit the radio resource control (RRC) protocol in UMTS networks
The analytical model provides an accurate representation of the RRC signalling behaviour and allows us to reach quick analytical results, but its parameters need to be carefully selected using user traffic models built based on either real-life data or on simulation results
Summary
Smart devices have not gone unnoticed by cyber-criminals, who have started to target mobile platforms [1], [2], and mobile subscribers and mobile network operators (MNOs) face new security challenges [3], including the identification and mitigation of signalling attacks and storms, which overload the control plane through traffic that causes excessive signalling in the network. While malware and network attacks are common in the Internet, they have not been prevalent in mobile networks until recent times They are quickly becoming a major security concern due to the advent of smart mobile devices and the increasing capacity and use of mobile networks for Internet access [15], [16]. Smart mobile devices are increasingly used in emergency management systems, especially in urban environments [17]–[19] They are likely to be targeted in conjunction with other physical or cyber attacks in order to further compromise the safety and confidentiality of civilians and emergency responders [20], [21]
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
