Due to widespread adoption of mobile communications devices and increasingly high throughput capacity of cellular networks, Third-Generation (3G) and Long Term Evolution (LTE) are becoming ever more popular. Millions of smart phones with 3G capabilities are sold every year and used for mostly browsing the Internet. Hence, mobile operators have been heavily investing in their packet switched networks to meet customer demand and stay ahead in the market. The widespread use of broadband mobile Internet bring along also some IP based threats such as the Denial of Service (DoS) attacks, botnets and malwares. In this paper, we performed DoS and flooding attacks on 3G mobile networks and measured their effect on the most critical elements of a network such as the Radio Network Controller (RNC) and the Serving GPRS Support Node (SGSN) devices. We carried out our experiments on a real mobile network, not just a simulation environment, and hence our findings depict a realistic picture of the vulnerabilities existent in 3G mobile networks. We propose alternative solutions to avoid these vulnerabilities and mitigate the issues raised.
CBS Interactive Web Page. Japan First Country Where Data Revenues Exceed Voice. Available online: http://www.zdnet.com/japan-first-country-where-data-revenues-exceed-voice-7000011817 (accessed on 28 July 2013).
Technology Marketing Corporation Web Page. Mobile Revenue will Double by 2016, but Traffic will Increase Tenfold. Available online: http://www.tmcnet.com/topics/articles/2012/05/16/290655-mobile-revenue-will-double-2016-but-traffic-will.htm (accessed on 28 July 2013).
Itwire Web Page. Asia Pacific Mobile Data Revenues Tipped to Exceed Voice in 2016. Available online: http://www.itwire.com/your-it-news/mobility/49878-asia-pacific-mobile-data-revenues-tipped-to-exceed-voice-in-2016 (accessed on 28 July 2013).
Nagy, M.; Kotosová, M. An IP Based Security Threat in Mobile Networks. In Proceedings of the 35th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO), Opatija, Croatia, 21–25 May 2012.
Serror, J.; Zang, H.; Bolot, J.C. Impact of Paging Channel Overloads or Attacks on a Cellular Network. In Proceedings of the ACM Workshop on Wireless Security (WiSe 06), Los Angeles, CA, USA, 29 September 2006.
Wu, Z.; Zhou, X.; Yang, F. Defending against DoS Attacks on 3G Cellular Networks via Randomization Method. In Proceedings of the 2010 International Conference on Educational and Information Technology (ICEIT 2010), Chongqing, China, 17–19 September 2010.
Lee, P.P.C.; Bu, T.; Woo, T. On the Detection of Signaling DoS Attacks on 3G Wireless Networks. In Proceedings of the 26th IEEE International Conference on Computer Communications (INFOCOM 2007), Anchorage, AK, USA, 6–12 May 2007.
Zhao, B.; Chi, C.; Gao, W.; Zhu, S.; Cao, G. A Chain Reaction DoS Attack on 3G Networks: Analysis and Defenses. In Proceedings of the 28th IEEE International Conference on Computer Communications (INFOCOM 2009), Rio de Janeiro, Brazil, 19–25 April 2009.
The European Telecommunications Standards Institute (ETSI). Technical Specification: 3GPP TS 25.331. version 8.1.0; ETSI: Valbonne, France, 2008. Available online: http://www.etsi.org/deliver/etsi_ts/125300_125399/125331/08.01.00_60/ts_125331v080100p.pdf (accessed on 28 July 2013).
Eng, K.Y.; Ali, A.M.; Baradello, C.; Turner, J.; Vlack, D.; Walters, S.M. Packet Switching vs. Circuit Switching in Future Integrated Services Digital Networks. In Proceedings of the 7th IEEE International Conference on Computer Communications; New Orleans, LA, USA: 27–31 March 1988.
Ozugur, T. Multiobjective Hierarchical Location and Routing Area Optimization in GPRS and UMTS Networks. In Proceedings of the 2002 IEEE International Conference on Communications (ICC 2002), New York, NY, USA, 28 April–2 May 2002.
Becher, M.; Freiling, F.C.; Hoffmann, J.; Holz, T. Mobile Security Catching Up? Revealing the Nuts and Bolts of the Security of Mobile Devices. In Proceedings of the 2011 IEEE Symposium on Security and Privacy, Berkeley, CA, USA, 22–25 May 2011.
Ferguson, P.; Senie, D. Network Ingress Filtering: Defeating Denial of Service Attacks which Employ IP Source Address Spoofing. BCP 38 and RFC 2827; Internet Engineering Task Force (IETF): Fremont, CA, USA, 2000.
The European Telecommunications Standards Institute (ETSI). Technical Specification; 3GPP TS 29.060 V9.3.0 (2010-06); ETSI: Valbonne, France. Available online: http://www.etsi.org/deliver/etsi_ts/129000_129099/129060/09.03.00_60/ts_129060v090300p.pdf (accessed on 28 July 2013).