Security Study and Monitoring of LTE Networks
DOI: https://doi.org/10.13052/jicts2245-800X.713
Keywords: LTE, LTE Security, Blockmon
Abstract
Mobile communication systems are ubiquitous nowadays. The main requirements of these networks are privacy and security of the subscriber as well as high performance. To provide these properties, the 3GPP (Third Generation Partnership Project) developed the LTE (Long Term Evolution) mobile communication network, which is deployed worldwide.
In this paper, we give a brief overview of the LTE network architecture as well as a look at the security mechanisms defined by 3GPP. We describe the security architecture and discuss possible threats and attacks on the core and on the access network. Because of these possible attacks, we developed a program that is able to extract certain security-relevant information from the message flow in real time and to detect a possible attach flood attack. Finally, we validate the function of the program with three test cases and discuss the impact of such flood attacks on the LTE network and future work to extend it to other protocol exchanges.