Mitigating attacks on open functionality in SMS-capable cellular networks

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Mitigating attacks on open functionality in SMS-capable cellular networks

Full text

Pdf (346 KB)

Source

International Conference on Mobile Computing and Networking archive
Proceedings of the 12th annual international conference on Mobile computing and networking table of contents

Los Angeles, CA, USA

SESSION: Cellular networks table of contents

Pages: 182 - 193

Year of Publication: 2006

ISBN:1-59593-286-0

Authors

Patrick Traynor	The Pennsylvania State University
William Enck	The Pennsylvania State University
Patrick McDaniel	The Pennsylvania State University
Thomas La Porta	The Pennsylvania State University

Sponsors

SIGMOBILE: ACM Special Interest Group on Mobility of Systems, Users, Data and Computing
ACM: Association for Computing Machinery

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 15, Downloads (12 Months): 211, Citation Count: 3

Additional Information:

abstract references cited by index terms collaborative colleagues

Tools and Actions:	Review this Article Save this Article to a Binder Display Formats: BibTex EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/1161089.1161111 What is a DOI?

ABSTRACT

The transformation of telecommunications networks from homogeneous closed systems providing only voice services to Internet-connected open networks that provide voice and data services presents significant security challenges. For example, recent research illustrated that a carefully crafted DoS attack via text messaging could incapacitate all voice communications in a metropolitan area with little more than a cable modem. This attack highlights a growing threat to these systems; namely, cellular networks are increasingly exposed to adversaries both in and outside the network. In this paper, we use a combination of modeling and simulation to demonstrate the feasibility of targeted text messaging attacks. Under realistic network conditions, we show that adversaries can achieve blocking rates of more than 70% with only limited resources. We then develop and characterize five techniques from within two broad classes of countermeasures - queue management and resource provisioning. Our analysis demonstrates that these techniques can eliminate or extensively mitigate even the most intense targeted text messaging attacks. We conclude by considering the tradeoffs inherent to the application of these techniques in current and next generation telecommunications networks.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	The National Strategy to Secure Cyberspace. http://www.us-cert.gov/reading room/cyberspace strategy.pdf, February 2003.
	2	Young prefer texting to calls'. http://news.bbc.co.uk/2/hi/business/2985072.stm, June 2003.
	3	3rd Generation Partnership Project. Physical layer on the radio path; General description. Technical Report 3GPP TS 04.18 v8.26.0.
	4	3rd Generation Partnership Project. Physical layer on the radio path; General description. Technical Report 3GPP TS 05.01 v8.9.0.
	5	A. Acampora and M. Naghshineh. Control and Quality-of-Service Provisioning in High- Speed Microcellular Networks. IEEE Personal Communications, 1(2):36--43, 1994.
	6	S. Berinato. Online Extortion - How a Bookmaker and a Whiz Kid Took On an Extortionist and Won. CSO Online, May 2005.
	7	B. Braden , D. Clark , J. Crowcroft , B. Davie , S. Deering , D. Estrin , S. Floyd , V. Jacobson , G. Minshall , C. Partridge , L. Peterson , K. Ramakrishnan , S. Shenker , J. Wroclawski , L. Zhang, Recommendations on Queue Management and Congestion Avoidance in the Internet, RFC Editor, 1998
	8	Simon Byers , Aviel D. Rubin , David Kormann, Defending against an Internet-based attack on the physical world, ACM Transactions on Internet Technology (TOIT), v.4 n.3, p.239-254, August 2004 [doi>10.1145/1013202.1013203]
	9	A. Demers , S. Keshav , S. Shenker, Analysis and simulation of a fair queueing algorithm, Symposium proceedings on Communications architectures & protocols, p.1-12, September 25-27, 1989, Austin, Texas, United States
	10	L. Dryburgh and J. Hewett. Signaling System No. 7: The Role of SS7. http://www.ciscopress.com/articles/article.asp?p= 330805&rl=1, 2004.
	11	C. M. Ellison and B. Schneier. Ten Risks of PKI: What You're Not Being Told About Public-Key Infrastructure. Computer Security Journal, 16(1):1--7, 1999.
	12	William Enck , Patrick Traynor , Patrick McDaniel , Thomas La Porta, Exploiting open functionality in SMS-capable cellular networks, Proceedings of the 12th ACM conference on Computer and communications security, November 07-11, 2005, Alexandria, VA, USA [doi>10.1145/1102120.1102171]
	13	Sally Floyd , Van Jacobson, Random early detection gateways for congestion avoidance, IEEE/ACM Transactions on Networking (TON), v.1 n.4, p.397-413, Aug. 1993 [doi>10.1109/90.251892]
	14	C. Haney. NAI is latest DoS victim. http://security.itworld.com/4339/NWW116617 02-05-2001/page 1.html, February 5 2001.
	15	J. Hedden. Math::Random::MT::Auto - Auto-seeded Mersenne Twister PRNGs. http://search.cpan.org/.jdhedden/Math-Random-MT-Auto-5.01/lib/Math/Random/MT/Auto.pm. Version 5.01.
	16	J. Ioannidis and S. Bellovin. Implementing Pushback: Router-Based Defense Against DDoS Attacks. In Proceedings of Network and Distributed System Security Symposium (NDSS), February 2002.
	17	R. Jain. Myths about congestion management in high speed networks. Internetworking: Research and Experience, 3:101--113, 1992.
	18	G. Kunene. Perimeter Security Ain't What It Used to Be, Experts Say. DevX.com, 2004.
	19	Lucent Technologies. 5ESS(R) 2000 - Switch Mobile Switching Centre (MSC) for Service Providers. http://www.lucent.com/products/solution/0,,CTID+2019-STID+10048-SOID+824-LOCL+1,00.html, 2006.
	20	C. Luders and R. Haferbeck. The Performance of the GSM Random Access Procedure. In Vehicular Technology Conference, pages 1165--1169, June 1994.
	21	K. Maney. Surge in text messaging makes cell operators :-). July 27 2005.
	22	Mike Grenville. Operators: Celebration Messages Overload SMS Network. http://www.160characters.org/news.php?action=view&nid=819, November 2003.
	23	Jelena Mirkovic , Peter Reiher, A taxonomy of DDoS attack and DDoS defense mechanisms, ACM SIGCOMM Computer Communication Review, v.34 n.2, April 2004 [doi>10.1145/997150.997156]
	24	David Moore , Vern Paxson , Stefan Savage , Colleen Shannon , Stuart Staniford , Nicholas Weaver, Inside the Slammer Worm, IEEE Security and Privacy, v.1 n.4, p.33-39, July 2003 [doi>10.1109/MSECP.2003.1219056]
	25	Motorola Corporation. Motorola GSM Solutions. www.motorola.com/networkoperators/pdfs/GSM-Solutions.pdf, 2006.
	26	J. B. Nagle. On Packet Switches with Infinite Storage. IEEE Transactions on Communications, COM-35(4), April 1987.
	27	National Communications System. SMS over SS7. Technical Report Technical Information Bulletin 03-2 (NCS TIB 03-2), December 2003.
	28	Nyquetek, Inc. Wireless Priority Service for National Security. http://wireless.fcc.gov/releases/da051650PublicUse.pdf, 2002.
	29	R. Ramjee, R. Nagarajan, and D. F. Towsley. On optimal call admission control in cellular networks. In Proceedings of the IEEE Conference on Computer Communications (INFOCOM), pages 43--50, 1996.
	30	R. F. Rey, editor. Engineering and Operations in the Bell System.Bell Telephone Laboratories, INC, second edition, 1984.
	31	M. Richtel. Yahoo Attributes a Lengthy Service Failure to an Attack. The New York Times, February 8 2000.
	32	Roam Secure. 17 Counties & Cities in Washington, DC Region deploy Roam Secure Alert Network. http://www.roamsecure.net/story.php?news id=52, September 2005.
	33	P. Roberts. Al-Jazeera Sites Hit With Denial-of-Service Attacks. PCWorld Magazine, March 26 2003.
	34	Stefan Savage , David Wetherall , Anna Karlin , Tom Anderson, Practical network support for IP traceback, Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication, p.295-306, August 28-September 01, 2000, Stockholm, Sweden
	35	Mischa Schwartz, Telecommunication networks: protocols, modeling and analysis, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 1986
	36	Tamara Neale. VDOT LAUNCHES NEW 511 EMAIL ALERT SERVICE. http://www.virginiadot.org/infoservice/news/newsrelease.asp?D=CO-511-06, February 2006.
	37	Brent Waters , Ari Juels , J. Alex Halderman , Edward W. Felten, New client puzzle outsourcing techniques for DoS resistance, Proceedings of the 11th ACM conference on Computer and communications security, October 25-29, 2004, Washington DC, USA [doi>10.1145/1030083.1030117]

CITED BY 3

	Hui Zang , Jean C. Bolot, Mining call and mobility data to improve paging efficiency in cellular networks, Proceedings of the 13th annual ACM international conference on Mobile computing and networking, September 09-14, 2007, Montréal, Québec, Canada
	Jerry Cheng , Starsky H.Y. Wong , Hao Yang , Songwu Lu, SmartSiren: virus detection and alert for smartphones, Proceedings of the 5th international conference on Mobile systems, applications and services, June 11-13, 2007, San Juan, Puerto Rico
	Patrick Traynor , Patrick McDaniel , Thomas La Porta, On attack causality in internet-connected cellular networks, Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium, p.1-16, August 06-10, 2007, Boston, MA