DoS attacks exploiting signaling in UMTS and IMS

Computer Communications

Volumn 34, Issue 3, 2011, Pages 226-235

  Kambourakis, Georgios ^a   Kolias, Constantinos ^a   Gritzalis, Stefanos ^a   Park, Jong Hyuk ^b  

^a UNIVERSITY OF THE AEGEAN   (Greece)

^b Seoul National University of Science and Technology   (South Korea)

Author keywords

Denial of service; EAP AKA; IMS; Security; UMTS

Indexed keywords

DENIAL OF SERVICE; EAP-AKA; IMS; SECURITY; UMTS;

COMPUTER CRIME; INTERNET PROTOCOLS; MOBILE TELECOMMUNICATION SYSTEMS; QUALITY OF SERVICE; SIGNALING; TELECOMMUNICATION EQUIPMENT; TELECOMMUNICATION TRAFFIC; TRANSMISSION CONTROL PROTOCOL;

SECURITY OF DATA;

EID: 78751649037     PISSN: 01403664     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.comcom.2010.02.010     Document Type: Article

References (35)

1. G. Kambourakis, C. Kolias, S. Gritzalis, J.H. Park, Signaling-oriented DoS attacks in UMTS Networks, in: Proceedings of the ISA 2009 Third International Conference on Information Security and Assurance, Seoul, Korea, LNCS, vol. 5576, Springer, Berlin, 2009, pp. 280-289.
2. Kazumi Algorithm Specification, ETSI TS 135 202 V7.0.0. < http://www.etsi.org/website/document/algorithms/ts-135202v070000p.pdf > (accessed 13.01.08).
3. C. Tang, and D.O. Wu Mobile privacy in wireless networks-revisited IEEE Transactions on the Wireless Communications 7 3 2008 1035 1042
4. U. Meyer, S. Wetzel, A man-in-the-middle attack on UMTS, in: Proceedings of the WiSe'04, Philadelphia, PA, USA, October 2004, pp. 90-97.
5. Yi-Bing Lin, Ming-Feng Chang, Meng-Ta Hsu, and Lin-Yi Wu One-pass GPRS and IMS authentication procedure for UMTS IEEE Journal on Selected Areas in Communications 23 6 2005
6. 3GPP Technical Specification, 3GPP, 3G Security; Security Architecture (Release 8), TS 33.102 V8.3.0, June 2009.
7. ISO/IEC 9798-4 (1999). Information Technology; Security Techniques; Entity Authentication. Part 4: Mechanisms Using a Cryptographic Check Function, 1999.
8. M. Khan, A. Ahmed, A.R. Cheema, Vulnerabilities of UMTS access domain security architecture, in: Proceedings of the Ninth ACIS International Conference on Software Engineering, Networking, and Parallel/Distributed Computing, Phuket, Thailand, August 2008, pp. 350-355.
9. 3GPP TR 33.900 (1.2.0), A Guide to 3G Security, January 2000.
10. J. Arkko, H. Haverinen, Extensible Authentication Protocol Method for Third Generation Authentication and Key Agreement (EAP-AKA), IETF RFC 4187, January 2006.
11. B. Aboba, L. Blunk, J. Vollbrecht, J. Carlson, H. Levkowetz (Eds.), Extensible Authentication Protocol (EAP), RFC 3748, June 2004.
12. Y. Zhao, S. Vemuri, J. Chen, Y. Chen, H. Zhou, Z. (Judy) Fu, Exception triggered DoS attacks on wireless networks, in: Proceedings of International Conference on Dependable Systems and Networks (DSN-2009), Portugal, IEEE Press, New York.
13. W. Xu, W. Trappe, Y. Zhang, T. Wood, The feasibility of launching and detecting jamming attacks in wireless networks, in: Proceedings of the Sixth ACM MobiHoc, ACM, New York, 2005, pp. 46-57.
14. W. Xu, K. Ma, W. Trappe, Y. Zhang, Jamming sensor networks: attack and defense strategies, IEEE Network, vol. 20(3), IEEE Press, New York, May-June 2006, pp. 41-47.
15. D.C. Nash, T.L. Martin, D.S. Ha, M.S. Hsiao, Towards an intrusion detection system for battery exhaustion attacks on mobile computing devices, in: Proceedings of the third IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOMW'05), 2005, pp. 141-145.
16. Y. Zhou, D. Wu, S. Nettles, Analyzing and preventing MAC-layer denial of service attacks for stock 802.11 systems, in: Workshop on Broadband Wireless Services and Applications (BROADNETS), October 2004.
17. S. Ramaswamy, H. Fu, M. Sreekantaradhya, J. Dixon, K. Nygard, Prevention of cooperative black hole attack in wireless ad hoc networks, in: Proceedings of the 2003 International Conference on Wireless Networks (ICWN'03), Las Vegas, Nevada, USA, 2003, pp. 570-575.
18. M. Al-Shurman, S.M. Yoo, S. Park, Black hole attack in mobile ad hoc networks, in: Proceedings of the 42nd ACM Annual Southeast Regional Conference, ACM, New York, 2004, pp. 96-97.
19. A.D. Wood, J.A. Stankovic, Denial of service in sensor networks, IEEE Computer, vol. 35(10), IEEE Press, New York, October 2002, pp. 54-62.
20. H. Wang, D. Zhang, K.G. Shin, Detecting SYN flooding attacks, in: Proceedings of the Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM), vol 3, IEEE, New York, 2002, pp. 1530-1539.
21. P.P.C. Lee, T. Bu, and T. Woo On the detection of signaling DoS attacks on 3G/WiMax wireless networks Computer Networks: The International Journal of Computer and Telecommunications Networking 53 15 2009 2601 2616
22. Y. Lei, S. Pierre, A. Quintero, Client puzzles based on quasi-partial collisions against DoS attacks in UMTS, in: Proceedings of the 64th IEEE Vehicular Technology Conference, IEEE, New York, 2006, pp. 1-5.
23. X. Wang, M. Reiter, Defending against denial-of-service attacks with puzzle auctions, in: Proceedings of the IEEE Security and Privacy, 2003, pp. 78-92.
24. H. Qu, Q. Cheng, E. Yaprak, and L.Y. Wang Towards actively defending from DoS arracks in UMTS-WLAN Ubiquitous Computing and Communication Journal 3 3 2008 1 6
25. J. Rosenberg, H. Schulzrinne, G. Camarillo, A. Johnston, J. Peterson, R. Sparks, M. Handley, E. Schooler, SIP: Session Initiation Protocol, RFC 3261, June 2002.
26. M. Sher, T. Magedanz, Protecting IP Multimedia Subsystem (IMS) service delivery platform from time independent attacks, in: Proceedings of the Third International Symposium on Information Assurance and Security (IAS 2007), IEEE Press, New York, pp. 171-176.
27. M. Sher, S. Wu, T. Magedanz, Security threats and solutions for application server of IP Multimedia Subsystem (IMS-AS), in: IEEE/IST MonAM2006 - Workshop on Monitoring, Attack Detection and Mitigation, Tuebingen, Germany, 2006.
28. S. Wahl, K. Rieck, P. Laskov, P. Domschitz, and K.-R. Müller Securing IMS against novel threats Bell Labs Technical Journal 14 1 2009 243 258
29. D. Geneiatakis, A. Dagiouklas, G. Kambourakis, C. Lambrinoudakis, S. Gritzalis, S. Ehlert, D. Sisalem, Survey of security vulnerabilities in session initiation protocol, IEEE Communications Surveys and Tutorials, vol. 8(3), IEEE Press, New York, 2006, pp. 68-81.
30. D. Sisalem, J. Kuthan, S. Ehlert, Denial of service attacks targeting a SIP VoIP infrastructure: attack scenarios and prevention mechanisms, IEEE Network, IEEE Press, New York, September/October 2006, pp. 26-31.
31. 3GPP, Generic Bootstrapping Architecture (GBA) (Rel. 7), TS 33.220 V7, 2005.
32. 3GPP, Generic Authentication Architecture (GAA); Access to Network Application Functions using Hypertext Transfer Protocol over Transport Layer Security (HTTPS) (Rel.7), TS 33.222 V7, 2005.
33. B. Waters, A. Juels, J. Halderman, E. Felten, New client puzzle outsourcing techniques for DoS resistance, in: Proceedings of the Computer and Communications Security, 2004, pp. 246-256.
34. W. Feng, E. Kaiser, W. Feng, A. Luu, The design and implementation of network puzzles, in: Proceedings of the INFOCOM, IEEE Press, New York, 2005, pp. 2372-2382.
35. V. Gligor, Guaranteeing access in spite of service-flooding attacks, in: Proceedings of the 11th Security Protocols Workshop, 2003.