Presentation is loading. Please wait.

Presentation is loading. Please wait.

정보보호 및 알고리즘 2007601028 조호성. Contents 정보보호 및 알고리즘 2.

Published byOswald Lyons Modified over 8 years ago

Similar presentations

Presentation on theme: "정보보호 및 알고리즘 2007601028 조호성. Contents 정보보호 및 알고리즘 2."— Presentation transcript:

1 정보보호 및 알고리즘 2007601028 조호성

2 Contents 정보보호 및 알고리즘 2

3 Paper Information Title On Attack Causality in Internet-Connected Cellular Network Authors P. Traynor, P. McDaniel and T. Porta The Pennsylvania Univ. Published USENIX Security 2007 – Network Security 3

4 Contribution Contribution of this paper New Vulnerability Analysis Identify and develop a realistic characterization of two new vulnerabilities in cellular data networks Implications of Combined Design Philosophies on Security Vulnerabilities are deeply rooted in opposing architectural assumptions. 4

5 New Vulnerability Analysis The Main Idea Present two new denial of service(DoS) vulnerabilities in cellular data services By delayed teardown mechanism By frequent connection reestablishmet 5

6 New Vulnerability Analysis Network Architecture A series of attachment and authentication procedures A device owner wants to use data service Locating a device 6

7 New Vulnerability Analysis Locating a device A series of attachment and authentication procedures 1.Power up and GPRS-attach message GPRS(General Packet Radio Services) 7 1

8 New Vulnerability Analysis A series of attachment and authentication procedures 2. Forward the message to SGSN SGSN(Serving GPRS Support Node)-authenticate user HLR(Home Location Resister)-keep track of user info. 8 2

9 New Vulnerability Analysis A series of attachment and authentication procedures 3. Establish PDP(Packet Data Protocol) PDP context is a data structure in SGSN and GGSN GGSN(Gateway GPRS Support Node) 9 3

10 New Vulnerability Analysis A series of attachment and authentication procedures 4. Request and receive the data A requested packet arrives at the GGSN GGSN matchs data and SGSN, then SGSN deliver data to the device 10 4

11 New Vulnerability Analysis 3 States of devices IDLE, unregistered and unreachable STANDBY, listen the“waken up”message from network READY, monitors the air interface for incoming packets 11

12 New Vulnerability Analysis Establishment of Air interface PPCH(Packet Paging Channel) PRACH(Packet Random Access Channel) PAGCH(Packet Access Grant Channel) PACCH(Packet Associated Control Channel) PDTCH(Packet Data Channel) 12 Paging Establish the data transfer channel

13 New Vulnerability Analysis Exploiting Teardown Mechanisms The process of locating, paging and establishing a connection between network and an end device is expensive So, after finishing data transmission, the device remains a READY state and secure the channel around 5 seconds Sending 32 messages to each sector can exhaust logical resources and temporarily prevent users from receiving traffic If above task can be repeated before 5 sec. expired, DoS attack becomes sustailable 13

14 New Vulnerability Analysis Exploiting Setup Procedures If connections to an end host must repeatedly be reestablished, the interarrival time between successive packets becomes exceedingly large Those time is also around 5 sec for each connection establishment 14

15 New Vulnerability Analysis Modeling Attacks on Teardown Mechanisms The blocking rates of legitimate traffic By an attack on the delayed teardown mechanisms 15

16 New Vulnerability Analysis Modeling Attacks on Connection Setup Blocking caused when immediate resource reclamation 16

17 Combined Design Philosophies Difference Between Cellular and traditional network Connection establishment are so different A comparison of the cost of delivering In the cellular data case, a significant amount of delay is added because of connection establishment procedure In the tranditional setting, simply forward the packet 17

18 Conclusion Introduce two DoS attack vulnerabilities Exploiting Teardown Mechanisms Exploiting Setup Procedures Explain the reason of vulnerabilities The problems are presented in this and others are artifacts of a larger architectural mismatch Packet-switched traffic vs. circuit-switched system 18

Download ppt "정보보호 및 알고리즘 2007601028 조호성. Contents 정보보호 및 알고리즘 2."

Similar presentations

CSE 413: Computer Networks

CSE 413: Computer Networks
MIGRATION OF GSM TO GPRS

MIGRATION OF GSM TO GPRS
The role of network capabilities Xiaowei Yang UC Irvine NSF FIND PI meeting, June 28 2007.

The role of network capabilities Xiaowei Yang UC Irvine NSF FIND PI meeting, June
Switching Technology presented by Hussain Ahmad BA-Abdullah. Fawaz abdullah AL-Amri. prof : Adel Ali.

Switching Technology presented by Hussain Ahmad BA-Abdullah. Fawaz abdullah AL-Amri. prof : Adel Ali.
1 General Packet Radio Service (GPRS) Adapted from a presentation by Miao Lu Nancy Samaan SITE, Ottawa.

1 General Packet Radio Service (GPRS) Adapted from a presentation by Miao Lu Nancy Samaan SITE, Ottawa.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
KAIS T Message-In-a-Bottle: User-Friendly and Secure Key Deployment for Sensor Nodes Cynthia Kuo, Mark Luk, Rohit Negi, Adrian Perrig(CMU), Sensys07 2007.

KAIS T Message-In-a-Bottle: User-Friendly and Secure Key Deployment for Sensor Nodes Cynthia Kuo, Mark Luk, Rohit Negi, Adrian Perrig(CMU), Sensys
General Packet Radio Service An Overview Ashish Bansal.

General Packet Radio Service An Overview Ashish Bansal.
General Packet Radio Services(GPRS). GPRS GSM GPRS GSM-Drawbacks Circuit switching is used. Complete traffic channel is allocated to user for complete.

General Packet Radio Services(GPRS). GPRS GSM GPRS GSM-Drawbacks Circuit switching is used. Complete traffic channel is allocated to user for complete.
On Cellular Botnets: Measuring the Impact of Malicious Devices on a Cellular Network Core Patrick Michael Lin, Machigar Ongtang, Vikhyath.

On Cellular Botnets: Measuring the Impact of Malicious Devices on a Cellular Network Core Patrick Michael Lin, Machigar Ongtang, Vikhyath.
On Attack Causality in Internet- Connected Cellular Networks Presented by EunYoung Jeong.

On Attack Causality in Internet- Connected Cellular Networks Presented by EunYoung Jeong.
Telefónica Móviles España GPRS (General Packet Radio Service)

Telefónica Móviles España GPRS (General Packet Radio Service)
Mobile Communication MMS / GPRS. What is GPRS ? General Packet Radio Service (GPRS) is a new bearer service for GSM that greatly improves and simplifies.

Mobile Communication MMS / GPRS. What is GPRS ? General Packet Radio Service (GPRS) is a new bearer service for GSM that greatly improves and simplifies.
Mobile Communication Division

Mobile Communication Division
Module 3.4: Switching Circuit Switching Packet Switching K. Salah.

Module 3.4: Switching Circuit Switching Packet Switching K. Salah.
Handoff in Hybrid Mobile Data Networks Vijay Dadlani.

Handoff in Hybrid Mobile Data Networks Vijay Dadlani.
Security Issues In Sensor Networks By Priya Palanivelu.

Security Issues In Sensor Networks By Priya Palanivelu.
System Architecture for Billing of Multi- Player Games in a Wireless Environment using GSM/UMTS and WLAN Services Femi Adeyemo 11/21/02.

System Architecture for Billing of Multi- Player Games in a Wireless Environment using GSM/UMTS and WLAN Services Femi Adeyemo 11/21/02.
General Packet Radio System (GPRS) Overview. Introduction General Packet Radio Service (GRPS) today “Packet overlay” network on top of the existing GSM.

General Packet Radio System (GPRS) Overview. Introduction General Packet Radio Service (GRPS) today “Packet overlay” network on top of the existing GSM.
An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.

An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.

Similar presentations

Ads by Google