A Denial of Service Attack to UMTS Networks Using SIM-Less Devices

One of the fundamental security elements in cellular networks is the authentication procedure performed by means of the Subscriber Identity Module that is required to grant access to network services and hence protect the network from unauthorized usage. Nonetheless, in this work we present a new kind of denial of service attack based on properly crafted SIM-less devices that, without any kind of authentication and by exploiting some specific features and performance bottlenecks of the UMTS network attachment process, are potentially capable of introducing significant service degradation up to disrupting large sections of the cellular network coverage. The knowledge of this attack can be exploited by several applications both in security and in network equipment manufacturing sectors.

[1]  Alfredo Cuzzocrea,et al.  Security Engineering and Intelligence Informatics , 2013, Lecture Notes in Computer Science.

[2]  Srdjan Capkun,et al.  Integrity Codes: Message Integrity Protection and Authentication over Insecure Channels , 2006, IEEE Transactions on Dependable and Secure Computing.

[3]  Bruno Blanchet,et al.  A Computationally Sound Mechanized Prover for Security Protocols , 2008, IEEE Transactions on Dependable and Secure Computing.

[4]  Thomas F. La Porta,et al.  On cellular botnets: measuring the impact of malicious devices on a cellular network core , 2009, CCS.

[5]  Fang-Yie Leu,et al.  A Secure Communication over Wireless Environments by Using a Data Connection Core , 2012, 2012 Sixth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing.

[6]  Antti Toskala,et al.  Wcdma for Umts , 2002 .

[7]  K.W. Derr,et al.  Nightmares with Mobile Devices are Just around the Corner! , 2007, 2007 IEEE International Conference on Portable Information Devices.

[8]  Geoffrey M. Voelker,et al.  Can you infect me now?: malware propagation in mobile phone networks , 2007, WORM '07.

[9]  Muzammil Khan,et al.  Vulnerabilities of UMTS Access Domain Security Architecture , 2008, 2008 Ninth ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing.

[10]  Wei Huang,et al.  Managing threats by the use of visualisation techniques , 2011, Int. J. Space Based Situated Comput..

[11]  Helen J. Wang,et al.  Smart-Phone Attacks and Defenses , 2004 .

[12]  Alessandro Armando,et al.  Breaking and fixing the Android Launching Flow , 2013, Comput. Secur..

[13]  Georgios Kambourakis,et al.  Signaling-Oriented DoS Attacks in UMTS Networks , 2009, ISA.

[14]  Steve Hanna,et al.  A survey of mobile malware in the wild , 2011, SPSM '11.

[15]  Nicola Gobbo,et al.  A Denial of Service Attack to GSM Networks via Attach Procedure , 2013, CD-ARES Workshops.

[16]  H. Holma,et al.  Connection Setup Delay for Packet Switched Services , 2005 .

[17]  Alfredo De Santis,et al.  Do You Trust Your Phone? , 2009, EC-Web.

[18]  Patrick D. McDaniel,et al.  On Attack Causality in Internet-Connected Cellular Networks , 2007, USENIX Security Symposium.

[19]  Thomas F. La Porta,et al.  Mitigating Attacks on Open Functionality in SMS-Capable Cellular Networks , 2006, IEEE/ACM Transactions on Networking.

[20]  Jean-Pierre Seifert,et al.  Rise of the iBots: Owning a telco network , 2010, 2010 5th International Conference on Malicious and Unwanted Software.

[21]  Umberto Ferraro Petrillo,et al.  SPEECH: Secure Personal End-to-End Communication with Handheld , 2006, ISSE.

[22]  William C. Chu,et al.  A secure wireless communication system integrating RSA, Diffie–Hellman PKDS, intelligent protection-key chains and a Data Connection Core in a 4G environment , 2013, The Journal of Supercomputing.

[23]  Dimitris Gritzalis,et al.  Smartphone security evaluation The malware attack case , 2011, Proceedings of the International Conference on Security and Cryptography.

[24]  Antti Toskala,et al.  WCDMA for UMTS: Radio Access for Third Generation Mobile Communications , 2000 .