Mitigating Attacks on Open Functionality in SMS-Capable Cellular Networks Patrick Traynor, William Enck, Patrick McDaniel, and Thomas La Porta | MobiCom.

Slides:

Advertisements

Similar presentations

CSE 413: Computer Networks

Advertisements

Exploiting Open Functionality in SMS-Capable Cellular Networks Chang-Jae Lee Some of the slides and figures were borrowed from the author’s slides.

Code-Red : a case study on the spread and victims of an Internet worm David Moore, Colleen Shannon, Jeffery Brown Jonghyun Kim.

The study and demonstration on SIP security vulnerabilities Mahidhar Penigi Vamsi Krishna Karnati.

On Cellular Botnets: Measuring the Impact of Malicious Devices on a Cellular Network Core Patrick Michael Lin, Machigar Ongtang, Vikhyath.

An Adaptive Energy-Efficient MAC Protocol for Wireless Sensor Network

On Attack Causality in Internet- Connected Cellular Networks Presented by EunYoung Jeong.

Simulation and Analysis of DDos Attacks Poongothai, M Department of Information Technology,Institute of Road and Transport Technology, Erode Tamilnadu,

Traffic Management - OpenFlow Switch on the NetFPGA platform Chun-Jen Chung( ) Sriram Gopinath( )

Introduction Future wireless systems will be characterized by their heterogeneity - availability of multiple access systems in the same physical space.

Common IS Threat Mitigation Strategies An overview of common detection and protection technologies Max Caceres CORE Security Technologies

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Mitigating Bandwidth- Exhaustion Attacks using Congestion Puzzles XiaoFeng Wang Michael K. Reiter.

Network Traffic Measurement and Modeling CSCI 780, Fall 2005.

ISCSI Performance Experiments Li Yin EECS Department U.C.Berkeley.

Inferring Internet Denial-of- Service Activity David Moore, Geoffrey M Voelker, Stefan Savage Presented by Yuemin Yu – CS290F – Winter 2005.

Internet Quarantine: Requirements for Containing Self-Propagating Code David Moore et. al. University of California, San Diego.

Exploiting Open Functionality in SMS-Capable Cellular Networks Authors: William Enck, Patrick Traynor, Patrick McDaniel, and Thomas La Porta Publication:

3/26/081 Exploiting Open Functionality in SMS- Capable Networks William Enck, Patrick Traynor, Patrick McDaniel, and Thomas La Porta Systems and Internet.

Lecture 15 Denial of Service Attacks

Game-based Analysis of Denial-of- Service Prevention Protocols Ajay Mahimkar Class Project: CS 395T.

Internet Relay Chat Security Issues By Kelvin Lau and Ming Li.

Denial of Service Attacks: Methods, Tools, and Defenses Authors: Milutinovic, Veljko, Savic, Milan, Milic, Bratislav,

DDoS Attack and Its Defense1 CSE 5473: Network Security Prof. Dong Xuan.

BOTNETS & TARGETED MALWARE Fernando Uribe. INTRODUCTION  Fernando Uribe   IT trainer and Consultant for over 15 years specializing.

Firewalls CS432. Overview  What are firewalls?  Types of firewalls Packet filtering firewalls Packet filtering firewalls Sateful firewalls Sateful firewalls.

Data Communications and Networking

Real Security for Server Virtualization Rajiv Motwani 2 nd October 2010.

Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 8 – Denial of Service.

Channel Allocation Schemes Comparison for Priority Wireless Mobile Networks By Dimas Gutierrez.

정보보호 및 알고리즘 조호성. Contents 정보보호 및 알고리즘 2.

Being an Intermediary for Another Attack Prepared By : Muhammad Majali Supervised By : Dr. Lo’ai Tawalbeh New York Institute of Technology (winter 2007)

Protecting VoIP networks against denial of service and service theft Henning Schulzrinne with Gaston Ormazabal (Verizon) and IRT graduate students Dept.

Distributed Denial of Service CRyptography Applications Bistro Presented by Lingxuan Hu April 15, 2004.

Denial of Service (DoS) Attacks in Green Mobile Ad–hoc Networks Ashok M.Kanthe*, Dina Simunic**and Marijan Djurek*** MIPRO 2012, May 21-25,2012, Opatija,

Presentation by Papua New Guinea Telecommunication & Radiocommunication Technical Authority (PANGTEL) For: PNG COMPUTER SOCIETY ANNUAL SEMINAR, 4th November.

UbiStore: Ubiquitous and Opportunistic Backup Architecture. Feiselia Tan, Sebastien Ardon, Max Ott Presented by: Zainab Aljazzaf.

--Harish Reddy Vemula Distributed Denial of Service.

Data and Computer Communications Circuit Switching and Packet Switching.

MULTIMEDIA OVER WIRELESS BROADBAND NETWORKS BY: NEELIMA PUNJALA.

1 TCP/IP based TML for ForCES Protocol Hormuzd Khosravi Furquan Ansari Jon Maloy 61 st IETF Meeting, DC.

A Dynamic Packet Stamping Methodology for DDoS Defense Project Presentation by Maitreya Natu, Kireeti Valicherla, Namratha Hundigopal CISC 859 University.

Portcullis: Protecting Connection Setup from Denial-of-Capability Attacks Paper by: Bryan Parno et al. (CMU) Presented by: Ionut Trestian Gergely Biczók.

Tiered Incentives for Integrity Based Queuing Fariba Khan, Carl A. Gunter University of Illinois at Urbana-Champaign.

Secure Wired Local Area Network( LAN ) By Sentuya Francis Derrick ID Module code:CT3P50N BSc Computer Networking London Metropolitan University.

A Framework for Classifying Denial of Service Attacks Alefiya Hussain, John Heidemann, Christos Papadopoulos Reviewed by Dave Lim.

CS460 Final Project Service Provider Scenario David Bergman Dong Jin Richard Bae Scott Greene Suraj Nellikar Wee Hong Yeo Virtual Customer: Mark Scifres.

1 SOS: Secure Overlay Services A. D. Keromytis V. Misra D. Runbenstein Columbia University.

Traffic Management - OpenFlow Switch on the NetFPGA platform Chun-Jen Chung( ) Sriram Gopinath( )

Chapter 7 Denial-of-Service Attacks Denial-of-Service (DoS) Attack The NIST Computer Security Incident Handling Guide defines a DoS attack as: “An action.

Tufts Wireless Laboratory School Of Engineering Tufts University Paper Review “An Energy Efficient Multipath Routing Protocol for Wireless Sensor Networks”,

A Case Study on Computer Worms Balaji Badam. Computer worms A self-propagating program on a network Types of Worms  Target Discovery  Carrier  Activation.

DoS/DDoS attack and defense

Automated Worm Fingerprinting Authors: Sumeet Singh, Cristian Estan, George Varghese and Stefan Savage Publish: OSDI'04. Presenter: YanYan Wang.

Autonomic Response to Distributed Denial of Service Attacks Paper by: Dan Sterne, Kelly Djahandari, Brett Wilson, Bill Babson, Dan Schnackenberg, Harley.

1 Thrust 5: Secure Wireless Networking Technologies For future generation wireless packet networks, two most important aspects need to be addressed: QoS.

Patrick Traynor, Michael Lin, Machigar Ongtang, Vikhyath Rao, Trent Jaeger, Patrick McDaniel, and Thomas La Porta 2/29/2012.

Courtesy Piggybacking: Supporting Differentiated Services in Multihop Mobile Ad Hoc Networks Wei LiuXiang Chen Yuguang Fang WING Dept. of ECE University.

Denial of Service Resilience in Ad Hoc Networks (MobiCom 2004) Imad Aad, Jean-Pierre Hubaux, and Edward W. Knightly November 21 th, 2006 Jinkyu Lee.

AP Waseem Iqbal.  DoS is an attack on computer or network that reduces, restricts or prevents legitimate of its resources  In a DoS attack, attackers.

Mitigating Distributed Denial of Service Attacks Using a Proportional- Integral-Derivative Controller Marcus Tylutki.

1Security for Service Providers – Dave Gladwin – Newport Networks – SIP ’04 – 22-Jan-04 Security for Service Providers Protecting Service Infrastructure.

QoS & Queuing Theory CS352.

Network Anti-Spoofing with SDN Data plane Authors:Yehuda Afek et al.

The Taming of The Shrew: Mitigating Low-Rate TCP-targeted Attack

Defending Against DDoS

Mitigating Attacks on Open Functionality in SMS-Capable Cellular Networks Ashvin Bodhale CS 388.

The study and demonstration on SIP security vulnerabilities

Defending Against DDoS

SPEAKER: Yu-Shan Chou ADVISOR: DR. Kai-Wei Ke

Presentation transcript:

Mitigating Attacks on Open Functionality in SMS-Capable Cellular Networks Patrick Traynor, William Enck, Patrick McDaniel, and Thomas La Porta | MobiCom ‘06 CS712 병렬처리특강 | Dependable Software Lab. | Lee Dong Kun

KAIST | Dependable Software Lab | Direito Contents  Introduction  Related Work  System/Attack Characterization  Mitigation Technique  Current Solution  Queue Management  Resource Provisioning  Simulation Result  Conclusion 2 KAIST | Dependable Software Lab | Direito

Introduction  Cellular Network System  Traditional cellular(phone) network system provided closed voice comm.  Currently cellular network system provides opened voice and data comm.  Service Interconnection  Phone network service and Internet service are interconnected by telecommunication provider.  Problems  Traditional phone networks had designed for only homogeneous closed system.  But current phone networks tightly interconnected with phone network and Internet.  Unexpected security problems occur  Heavy SMS traffics can flood over the phone network through Internet services. 3 KAIST | Dependable Software Lab | Direito

Contents  Introduction  Related Work  System/Attack Characterization  Mitigation Technique  Current Solution  Queue Management  Resource Provisioning  Result and Discussion  Conclusion 4 KAIST | Dependable Software Lab | Direito

Related Work | Vulnerability and Approaches  Traditional Solution  Disconnection method  Disconnect from external network – effective way in the past  Not effective anymore, because of new access pattern and service  Vulnerability  Telecomm. Networks are not only systems to suffer from vulnerabilities related to expanded connectivity.  Systems less directly connected to the Internet have also been subject to attack.  DoS(Denial of Service) Attack  Traditional DoS attack happen on the online web site.  Reported DoS accident over the phone networks 5 KAIST | Dependable Software Lab | Direito

Contents  Introduction  Related Work  System/Attack Characterization  Mitigation Technique  Current Solution  Queue Management  Resource Provisioning  Result and Discussion  Conclusion 6 KAIST | Dependable Software Lab | Direito

System characterization(I) | Message Delivery Overview 7 KAIST | Dependable Software Lab | Direito

System characterization(I) | Message Delivery Overview – logical channel  TCH(Transfer Channel)  Carry voice traffic after call setup  CCH(Control Channel)  Transport information about the network  Assist in call setup/SMS delivery 8 KAIST | Dependable Software Lab | Direito

Attack characterization(II) | System Vulnerability – Attack Phase Step 9 KAIST | Dependable Software Lab | Direito Recognition (identification of a vulnerability) Reconnaissance (characterization of the conditions necessary to attack the vulnerability) Exploit (attacking the vulnerability) Recovery (cleanup and forensics)

KAIST | Dependable Software Lab | Direito Attack characterization(II) | System Vulnerability – Attach Phase Step  Recognition  Vul. of GSM cellular network in this paper  Problem : Bandwidth allocation in air interface(call blocking)  Shared SDCCHs Problem  Voice Communication  SMS  Reconnaissance  Using tools, an attacker can easily construct a “hit-list” of potential targets.  Exploit  Saturating sectors to their SDCCH capacity for some period of time 10 KAIST | Dependable Software Lab | Direito

Attack Characterization | Experimental Attack Characterization  Events Characterization  Deploy a detailed GSM simulator  Base scenario  Cellular deployment in the scale of metropolitan. i.e.,) Manhattan  12 SDCCHs / each of 55 sectors  No pre-SDCCH queue  Assume a Poisson distribution for the arrival of text message 11 KAIST | Dependable Software Lab | Direito

Contents  Introduction  Related Work  System/Attack Characterization  Mitigation Technique  Current Solution  Queue Management  Resource Provisioning  Result and Discussion  Conclusion 12 KAIST | Dependable Software Lab | Direito

Mitigation Technique(I) | Current Solution  Goal  Not only protect voice services from targeted SMS attacks, But also allow SMS service to continue.  Current Deployed Solution : Edge Solution  Rate-Limiting Solution  Restrict the amount of messages on each IP  Drawbacks : Spoof IP and Existence of Zombie network  Filter SMS traffic  Similar to SPAM filtering methodology  Drawback : An adversary can bypass by generating legitimate looking SMS traffic 13 KAIST | Dependable Software Lab | Direito

Mitigation Technique(II) | Queue Management  Queue Management Technique(Network-based)  Weighted Fair Queuing(WFQ)  Fair Queuing(FQ)  Separate flows into individual queues and then apportions bandwidth equally between them(Round Robin)  Drawback : small time for packet to be transferred  Weighted Fair Queue(WFQ) in this paper  To solve FQ drawback, set priority to each flow.  Voice Call has higher priority compare to SMS  Install two queue on SDCCHs for Voice Call and SMS 14 KAIST | Dependable Software Lab | Direito

Mitigation Technique(II) | Queue Management(cont.)  Weighted Random Early Detection(WRED)  Random Early Detection(RED)  Prevent queue lockout by dropping packets base on Qavg  Weighted Random Early Detection(WRED)  Determine the victims to be dropped base on packet’s priority 15 KAIST | Dependable Software Lab | Direito

Mitigation Technique(III) | Resource Provisioning  Resource Provisioning(Air Interface)  Strict Resource Provisioning(SRP)  Some subset of SDCCH is only for Voice Call  Voice Call and SMS are shared other SDCCHs.  Dynamic Resource Provisioning(DRP)  If a small number of unused TCHs could be repurposed as SDCCHs, additional bandwidth could be provided to mitigate such attack.  Drawback : increase call blocking because of TCH exhaustion  Direct Channel Allocation(DCA)  The ideal means of eliminating the competition for resource - the separation of shared mechanism.  Separate SDCCHs to only Call setup and only SMS, strictly 16 KAIST | Dependable Software Lab | Direito

Contents  Introduction  Related Work  System/Attack Characterization  Mitigation Technique  Current Solution  Queue Management  Resource Provisioning  Result and Discussion  Conclusion 17 KAIST | Dependable Software Lab | Direito

Simulation Result(I) | Queue Management Technique 18 KAIST | Dependable Software Lab | Direito  WFQ vs. WRED

KAIST | Dependable Software Lab | Direito Simulation Result(II) | Queue Management Technique 19 KAIST | Dependable Software Lab | Direito  SRP vs. DRP vs. DCA

KAIST | Dependable Software Lab | Direito Contents  Introduction  Related Work  System/Attack Characterization  Mitigation Technique  Current Solution  Queue Management  Resource Provisioning  Result and Discussion  Conclusion 20 KAIST | Dependable Software Lab | Direito

Conclusion  Vulnerability by SMS-based DOS over the phone Network  Adversaries with limited resources can cause call blocking probabilities(70%) – incapacitating a cellular network  This work provides some preliminary solutions and analysis for these vulnerabilities.  Queue Management Scheme  Resource Provisioning  Future works  Seek more general solution that address these vulnerabilities 21 KAIST | Dependable Software Lab | Direito