Mitigating attacks on open functionality in SMS-capable cellular networks

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Mitigating attacks on open functionality in SMS-capable cellular networks

Full text

Pdf (775 KB)

Source

IEEE/ACM Transactions on Networking (TON) archive
Volume 17 , Issue 1 (February 2009) table of contents

Pages 40-53

Year of Publication: 2009

ISSN:1063-6692

Authors

Patrick Traynor	College of Computing, Georgia Institute of Technology, Atlanta, GA and Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA
William Enck	Systems and Internet Infrastructure Security Laboratory, Networking and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA
Patrick McDaniel	Systems and Internet Infrastructure Security Laboratory, Networking and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA
Thomas La Porta	Systems and Internet Infrastructure Security Laboratory, Networking and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA

Publisher

IEEE Press Piscataway, NJ, USA

Bibliometrics

Downloads (6 Weeks): 27, Downloads (12 Months): 186, Citation Count: 0

Additional Information:

abstract references index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	10.1109/TNET.2008.925939

ABSTRACT

The transformation of telecommunications networks from homogeneous closed systems providing only voice services to Internet-connected open networks that provide voice and data services presents significant security challenges. For example, recent research illustrated that a carefully crafted DoS attack via text messaging could incapacitate all voice communications in a metropolitan area with little more than a cable modem. This attack highlights a growing threat to these systems; namely, cellular networks are increasingly exposed to adversaries both in and outside the network. In this paper, we use a combination of modeling and simulation to demonstrate the feasibility of targeted text messaging attacks. Under realistic network conditions, we show that adversaries can achieve blocking rates of more than 70% with only limited resources. We then develop and characterize five techniques from within two broad classes of countermeasures--queue management and resource provisioning. Our analysis demonstrates that these techniques can eliminate or extensively mitigate even the most intense targeted text messaging attacks. We conclude by considering the tradeoffs inherent to the application of these techniques in current and next generation telecommunications networks.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	K. Maney, "Surge in text messaging makes cell operators :-)," USA Today, Jul. 27, 2005 [Online]. Available: http://www.usatoday.com/money/2005-07-27-text-messaging\_x.htm
	2	"Young "Prefer Texting to Calls"," BBC News, U.K., Jun. 2003 [Online]. Available: http://news.bbc.co.uk/2/hi/business/2985072.stm
	3	Patrick Traynor , William Enck , Patrick Mcdaniel , Thomas La Porta, Exploiting open functionality in SMS-capable cellular networks, Journal of Computer Security, v.16 n.6, p.713-742, December 2008
	4	The National Strategy to Secure Cyberspace U.S. Computer Emergency Readiness Team, Washington, DC, Feb. 2003 [Online]. Available: http://www.us-cert.gov/reading_room/cyberspace_strategy.pdf
	5	David Moore , Vern Paxson , Stefan Savage , Colleen Shannon , Stuart Staniford , Nicholas Weaver, Inside the Slammer Worm, IEEE Security and Privacy, v.1 n.4, p.33-39, July 2003 [doi>10.1109/MSECP.2003.1219056]
	6	Simon Byers , Aviel D. Rubin , David Kormann, Defending against an Internet-based attack on the physical world, ACM Transactions on Internet Technology (TOIT), v.4 n.3, p.239-254, August 2004 [doi>10.1145/1013202.1013203]
	7	M. Richtel, "Yahoo attributes a lengthy service failure to an attack," The New York Times, Feb. 8, 2000.
	8	C. Haney, "NAI is latest DoS victim," Network World, Feb. 5, 2001 [Online]. Available: http://security.itworld.com/4339/ NWW116617_02-05-2001/page_1.html
	9	P. Roberts, "Al-Jazeera sites hit with denial-of-service attacks," PC-World Mag., Mar. 26, 2003 [Online]. Available: http://www.pcworld. com/article/id,110005/article.html
	10	S. Berinato, "Online extortion--How a bookmaker and a whiz kid took on an extortionist and won," CSO Magazine Online, May 2005.
	11	Jelena Mirkovic , Peter Reiher, A taxonomy of DDoS attack and DDoS defense mechanisms, ACM SIGCOMM Computer Communication Review, v.34 n.2, April 2004 [doi>10.1145/997150.997156]
	12	A. Juels and J. G. Brainard, "Client puzzles: A cryptographic countermeasure against connection depletion attacks," in Proc. Network and Distributed System Security Symp. (NDSS), San Diego, CA, 1999, 15 pp.
	13	Stefan Savage , David Wetherall , Anna Karlin , Tom Anderson, Practical network support for IP traceback, Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication, p.295-306, August 28-September 01, 2000, Stockholm, Sweden
	14	J. Ioannidis and S. Bellovin, "Implementing pushback: Router-based defense against DDoS attacks," in Proc. Network and Distributed System Security Symp. (NDSS), San Diego, CA, Feb. 2002.
	15	Angelos D. Keromytis , Vishal Misra , Dan Rubenstein, SOS: secure overlay services, Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications, August 19-23, 2002, Pittsburgh, Pennsylvania, USA
	16	Brent Waters , Ari Juels , J. Alex Halderman , Edward W. Felten, New client puzzle outsourcing techniques for DoS resistance, Proceedings of the 11th ACM conference on Computer and communications security, October 25-29, 2004, Washington DC, USA [doi>10.1145/1030083.1030117]
	17	National Communications System, "SMS Over SS7," Tech. Rep., Technical Information Bulletin 03-2 (NCS TIB 03-2), Dec. 2003 [Online]. Available: http://www.ncs.gov/library/tech_bul-letins/2003/tib_03-2.pdf
	18	M. Grenville, "Operators: Celebration messages overload SMS network," Nov. 2003 [Online]. Available: http://www.160characters.org/ news.php?action=view&nid=819
	19	Nyquetek, Inc., "Wireless priority service for national security," 2002 [Online]. Available: http://wireless.fcc.gov/releases/da051650Publi-cUse.pdf
	20	Patrick Traynor , William Enck , Patrick McDaniel , Thomas La Porta, Mitigating attacks on open functionality in SMS-capable cellular networks, Proceedings of the 12th annual international conference on Mobile computing and networking, September 23-29, 2006, Los Angeles, CA, USA [doi>10.1145/1161089.1161111]
	21	Lucent Technologies, "5ESS(R) 2000--Switch Mobile Switching Centre (MSC) for Service Providers," Lucent Technologies, 2006 [Online]. Available: http://www.lucent.com/products/solution/0,CTID+2019-STID+10048-SOID+824-LOCL+1,00.html
	22	Motorola Corp., "Motorola GSM Solutions," 2006 [Online]. Available: www.motorola.com/networkoperators/pdfs/GSM-Solutions.pdf
	23	R. Isukapalli, T. Alexiou, and K. Murakami, "Global roaming and personal mobility with COPS architecture in SuperDHLR," Bell Labs Tech. J., vol. 7, no. 2, pp. 3-18, 2002.
	24	M. Whitehead, GOCAP -- one standardised overload control for next generation networks, BT Technology Journal, v.23 n.1, p.147-153, January 2005 [doi>10.1007/s10550-005-0115-1]
	25	The Internet Engineering Task Force, "Congestion and Pre-Congestion Notification (PCN)," 2007 [Online]. Available: http://www.ietf. org/html.charters/pcn-charter.html
	26	G. Kunene, "Perimeter security ain't what it used to be, experts say," DevX.com, 2004.
	27	Patrick Traynor , Patrick McDaniel , Thomas La Porta, On attack causality in internet-connected cellular networks, Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium, p.1-16, August 06-10, 2007, Boston, MA
	28	J. B. Nagle, "On packet switches with infinite storage," IEEE Trans. Commun., vol. COM-35, no. 4, pp. 435-438, Apr. 1987.
	29	A. Demers , S. Keshav , S. Shenker, Analysis and simulation of a fair queueing algorithm, Symposium proceedings on Communications architectures & protocols, p.1-12, September 25-27, 1989, Austin, Texas, United States
	30	Mischa Schwartz, Telecommunication networks: protocols, modeling and analysis, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 1986
	31	Sally Floyd , Van Jacobson, Random early detection gateways for congestion avoidance, IEEE/ACM Transactions on Networking (TON), v.1 n.4, p.397-413, Aug. 1993 [doi>10.1109/90.251892]
	32	B. Braden , D. Clark , J. Crowcroft , B. Davie , S. Deering , D. Estrin , S. Floyd , V. Jacobson , G. Minshall , C. Partridge , L. Peterson , K. Ramakrishnan , S. Shenker , J. Wroclawski , L. Zhang, Recommendations on Queue Management and Congestion Avoidance in the Internet, RFC Editor, 1998
	33	Roam Secure, "17 Counties & Cities in Washington, DC Region Deploy Roam Secure Alert Network," Sep. 2005 [Online]. Available: http://www.roamsecure.net/story.php?news_id=52
	34	T. Neale, "VDOT Launches New 511 Email Alert Service," Virginia Dept. Transportation, Feb. 2006 [Online]. Available: http://www.virginiadot.org/infoservice/news/newsrelease.asp?ID=CO-511-06
	35	C. Luders and R. Haferbeck, "The performance of the GSM random access procedure," in Proc. IEEE Vehicular Technology Conf., Jun. 1994, pp. 1165-1169.
	36	R. Jain, "Myths about congestion management in high speed networks," Internetworking: Research and Experience, vol. 3, pp. 101-113, 1992.
	37	C. M. Ellison and B. Schneier, "Ten risks of PKI: What you're not being told about public-key infrastructure," Comput. Security J., vol. 16, no. 1, pp. 1-7, 1999.