Skip to main content
Springer Nature Link
Log in

Location-Aware Mobile Intrusion Detection with Enhanced Privacy in a 5G Context

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

The paper proposes a location-aware mobile Intrusion Prevention System (mIPS) architecture with enhanced privacy that is integrated in Managed Security Service (MSS). The solution is envisaged in a future fifth generation telecommunications (5G) context with increased but varying bandwidth, a virtualised execution environment and infrastructure that allows threads, processes, virtual machines and storage to be migrated to cloud computing services on demand, to dynamically scale performance and save power. 5G mobile devices will be attractive targets for malicious software, and this threat will in some cases change with location. Mobile devices will store more sensitive information and will also be used to a larger extent for sensitive transactions than they typically do today. In addition, a distributed execution environment in itself gives raise to some new security challenges. In order to handle these security challenges, we have proposed the location-aware mIPS architecture, which benefits from a distributed execution environment where processor intensive services can be outsourced to Cloud hosting providers. The mIPS supports querying location threat profiles in a privacy-preserving way, and ensures that mIPS alerts sent to the the first-line MSS are anonymised. We finally perform an analysis of potential strengths and weaknesses of the proposed approach.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+
from $39.99 /Month
  • Starting from 10 chapters or articles per month
  • Access and download chapters and articles from more than 300k books and 2,500 journals
  • Cancel anytime
View plans

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

Explore related subjects

Discover the latest articles and news from researchers in related subjects, suggested using machine learning.

References

  1. 3GPP TS 31.101. (2009). 3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; UICC-terminal interface; Physical and logical characteristics (Release 9).3GPP, Sophia Antipolis, Valbonne, France, 12.

  2. 3GPP TS 33.401. (2009). 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 3GPP System Architecture Evolution (SAE): Security architecture; (Release 9). 3GPP, Sophia Antipolis, Valbonne, France, 12.

  3. 3GPP TR 36.913. (2009). 3rd Generation Partnership Project; Technical Specification Group Radio Access Network; Requirements for further advancements for Evolved Universal Terrestrial Radio Access (E-UTRA) (LTE-Advanced) (Release 9). 3GPP, Sophia Antipolis, Valbonne, France, 12.

  4. Alrodhan, W., & Mitchell, C. J. (2008). A delegation framework for liberty. In Proceedings: 3rd conference on advances in computer security and forensics, (ACSF 2008) (pp. 67–73). Liverpool, UK: Liverpool JMU.

  5. Attrapadung, N., & Kobara, K. (2003). Broadcast encryption with short keys and transmissions. In Proceedings of the 3rd ACM workshop on digital rights management (pp. 55–66). Washington, DC, USA, ACM.

  6. Büschkes, R., & Kesdogan, D. (1999). Privacy enhanced intrusion detection. In G. Müller & K. Rannenberg, Multilateral security in communications, information security (pp. 187–204). Reading, MA: Addison Wesley.

  7. Büsckes, R. & Kesdogan D. (1999). Privacy enhanced intrusion detection. In Multilateral Security for Global Communication - Technology, Application, Business. Addison-Wesley-Longman.

  8. Debar, H., Curry, D., & Feinstein, B. (2007). The intrusion detection message exchange format (IDMEF). http://www.ietf.org/rfc/rfc4765.txt.

  9. Dolev D., Yao A. (1983) On the security of public-key protocols. IEEE Transactions on Information Theory 29(2): 198–208

    Article  MathSciNet  MATH  Google Scholar 

  10. Feinstein, B., & Matthews, G. (2007). The intrusion detection exchange protocol (IDXP). http://www.ietf.org/rfc/rfc4767.txt.

  11. Fischer-Hübner S. (2007) IDA-An intrusion detection and avoidance system (in German). Shaker, Aachen

    Google Scholar 

  12. Flegel U. (2007) Privacy-respecting intrusion detection. Springer, Newyork

    Google Scholar 

  13. Freedman, M. J., Nissim, K., Pinkas, B. (2004). Efficient private matching and set intersection. In Advances in Cryptology - EUROCRYPT 2004, volume 3027 of Lecture notes in computer science pp. (1–19). Springer.

  14. Garfinkel, T., & Rosenblum, M. (2003). A virtual machine introspection based architecture for intrusion detection. In Proceedings network and distributed systems security symposium pp. (191–206).

  15. Holz, T. (2004). An efficient distributed intrusion detection scheme. In COMPSAC Workshops pp. (39–40).

  16. ITU-R (2008). REPORT ITU-R M.2133, Requirements, evaluation criteria and submission templates for the development of IMT-Advanced. Technical report, ITU, 12.

  17. Kissner, L., & Song, D. (Aug 2005). Private and threshold set-intersection. In Proceedings of CRYPTO ’05.

  18. Køien G. M. (2007) Subscriber privacy in cellular systems. Telektronikk ISSN 0085-7130(103): 39–51

    Google Scholar 

  19. Køien G. M., Oleshuck Vladimir A. (2007) Personal privacy in a digital world. Telektronikk ISSN 0085-7130(103): 4–19

    Google Scholar 

  20. Køien, G. M., (Oct 2009). Entity authentication and personal privacy in future cellular systems. The River Publishers Series in Standardisation.

  21. Lawrence Berkeley National Laboratory. Bro intrusion detection system. http://bro-ids.org.

  22. Maier G., Sommer R., Dreger H., Feldmann A., Paxson V., Schneider F. (2008) Enriching network security analysis with time travel. SIGCOMM Computer Communication Review 38(4): 183–194

    Article  Google Scholar 

  23. Marchiori, M. (Ed). (2002). The platform for privacy preferences 1.0 specification. http://www.w3.org/TR/P3P.

  24. MIT Kerberos Team (2009). Kerberos: The network authentication protocol. http://web.mit.edu/Kerberos.

  25. Moriarty K. M., & Trammell, B. H. (2008). IODEF/RID over SOAP. http://www.ietf.org/internet-drafts/draft-moriarty-post-inch-rid-soap-05.txt.

  26. Moses, T. (Ed). (2005). OASIS eXtensible Access Control Markup Language (XACML) Version 2.0. http://docs.oasis-open.org/xacml/2.0/access_control-xacml-2.0-core-spec-os.pdf.

  27. Pang, R., & Paxson, V. (2003). A high-level programming environment for packet trace anonymization and transformation. In Proceedings of the 2003 conference on applications, technologies, architectures, and protocols for computer communications (pp. 339–351), Karlsruhe, Germany ACM.

  28. Powers, C., & Schunter, M. (Ed) (2003). Enterprise privacy authorization language (epal 1.2). http://www.w3.org/Submission/2003/SUBM-EPAL-20031110/.

  29. Reiss, F., & Joseph, M. H. (2004). Data triage: An adaptive architecture for load shedding in TelegraphCQ. In In ICDE pp. (155–156).

  30. Schmidt A.-D., Peters F., Lamour F., Scheel C., Çamtepe Seyit A., Sahin A. (2009) Monitoring smartphones for anomaly detection. Mobile Networks and Applications 14(1): 92–106

    Article  Google Scholar 

  31. Sobirey, M., Richter, B., & König, H. (1996). The intrusion detection system AID - architecture and experiences in automated audit trail analysis. In Proceedings of the IFIP TC6/TC11 international conference on communications and multimedia security pp. (278–290).

  32. Sobirey, M., Fischer-Hübner, S., & Rannenberg, K. (1997). Pseudonymous audit for privacy enhanced intrusion detection. In Proceedings of the IFIP TC11 13th international conference on information security (SEC’97) pp. (151–163).

  33. Ulltveit-Moe, N., & Oleshchuk, V. (2009). Two tiered privacy enhanced intrusion detection system architecture. In IEEE International workshop on intelligent data acquisition and advanced computing systems: technology and applications, 2009. IDAACS 2009 (pp. 8–14).

Download references

Author information

Authors and Affiliations

  1. University of Agder, Service box 509, 4898, Grimstad, Norway

    Nils Ulltveit-Moe, Vladimir A. Oleshchuk & Geir M. Køien

Authors
  1. Nils Ulltveit-Moe
    View author publications

    Search author on:PubMed Google Scholar

  2. Vladimir A. Oleshchuk
    View author publications

    Search author on:PubMed Google Scholar

  3. Geir M. Køien
    View author publications

    Search author on:PubMed Google Scholar

Corresponding author

Correspondence to Nils Ulltveit-Moe.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Ulltveit-Moe, N., Oleshchuk, V.A. & Køien, G.M. Location-Aware Mobile Intrusion Detection with Enhanced Privacy in a 5G Context. Wireless Pers Commun 57, 317–338 (2011). https://doi.org/10.1007/s11277-010-0069-6

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-010-0069-6

Keywords