Abstract
The Universal Mobile Telecommunication Standard (UMTS) is the Third Generation (3G) mobile technology with the widest public acceptance. Although, enhanced in matters of security, comparing to its predecessor i.e., the GSM, it still has vulnerabilities that can lead to security breach. In this paper we investigate the vulnerabilities of the UMTS architecture that can be exploited by a malicious entity to launch Denial of Service (DoS) attacks. We examine the methodologies that an attacker would possibly follow, as well as the possible outcome of such class of attacks. We also give some suggestions that would provide greater tolerance to the system against DoS attacks.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
3GPP Organization, http://www.3gpp.org/ (accessed, 13/01/2008)
3rd Generation Partnership Project 2, 3GPP2, http://www.3gpp2.org/
Kazumi Algorithm Specification, ETSI TS 135 202 V7.0.0, http://www.etsi.org/website/document/algorithms/ts_135202v070000p.pdf (accessed, 13/01/2008)
Tang, C., Wu, D.O.: Mobile Privacy in Wireless Networks-Revisited. IEEE transactions on the wireless communications 7(3), 1035–1042 (2008)
Meyer, U., Wetzel, S.: A Man-in-the-Middle Attack on UMTS. In: WiSe 2004, Philadelphia, Pennsylvania, USA, October 1 (2004)
Lin, Y.-B., Chang, M.-F., Hsu, M.-T., Wu, L.-Y.: One-Pass GPRS and IMS Authentication Procedure for UMTS. IEEE Journal on selected areas in communications 23(6) (June 2005)
Gibson, S.: DRDoS Distributed Reflection Denial of Service (2002), http://grc.com/dos/drdos.htm
ETSI TS 133 102 Security architecture (December 2006)
ISO/IEC 9798-4. Information Technology; Security Techniques; Entity Authentication Part 4: Mechanisms using a cryptographic check function (1999)
Khan, M., Ahmed, A., Cheema, A.R.: Vulnerabilities of UMTS Access Domain Security Architecture. In: 9th ACIS International Conference on Software Engineering, Networking, and Parallel/Distributed Computing, Phuket, Thailand (August 2008)
3GPP TR 33.900 (1.2.0), A Guide to 3G Security (January 2000)
Feng, W., Kaiser, E., Feng, W., Luu, A.: The design and implementation of network puzzles. In: Proc. INFOCOM (2005)
Gligor, V.: Guaranteeing access in spite of service-flooding attacks. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds.) Security Protocols 2003. LNCS, vol. 3364, pp. 80–96. Springer, Heidelberg (2005)
Wang, X., Reiter, M.: Defending against denial-of-service attacks with puzzle auctions. In: Proc. IEEE Security and Privacy, pp. 78–92 (2003)
Waters, B., Juels, A., Halderman, J., Felten, E.: New client puzzle outsourcing techniques for DoS resistance. In: Proc. Computer and Communications Security, pp. 246–256 (2004)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kambourakis, G., Kolias, C., Gritzalis, S., Hyuk-Park, J. (2009). Signaling-Oriented DoS Attacks in UMTS Networks. In: Park, J.H., Chen, HH., Atiquzzaman, M., Lee, C., Kim, Th., Yeo, SS. (eds) Advances in Information Security and Assurance. ISA 2009. Lecture Notes in Computer Science, vol 5576. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-02617-1_29
Download citation
DOI: https://doi.org/10.1007/978-3-642-02617-1_29
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-02616-4
Online ISBN: 978-3-642-02617-1
eBook Packages: Computer ScienceComputer Science (R0)