A Distributed Architecture for Spam Mitigation on 4G Mobile Networks

The 4G of mobile networks is considered a technology-opportunistic and user-centric system combining the economical and technological advantages of various transmission technologies. Part of its new architecture dubbed as the System Architecture Evolution, 4G mobile networks will implement an evolved packet core. Although this will provide various critical advantages, it will however expose telecom networks to serious IP-based attacks. One often adopted solution by the industry to mitigate such attacks is based on a centralized security architecture. This centralized approach nonetheless, requires large processing resources to handle huge amount of traffic, which results in a significant over dimensioning problem in the centralized nodes causing this approach to fail from achieving its security task.\\ In this thesis, we primarily contribute by highlighting on two Spam flooding attacks, namely RTP VoIP SPIT and SMTP SPAM and demonstrating, through simulations and comparisons, their feasibility and DoS impact on 4G mobile networks and subsequent effects on mobile network operators. We further contribute by proposing a distributed architecture on the mobile architecture that is secure by mitigating those attacks, efficient by solving the over dimensioning problem and cost-effective by utilizing `off the shelf' low-cost hardware in the distributed nodes. Through additional simulation and analysis, we reveal the viability and effectiveness of our approach

Security-centric analysis and performance investigation of IEEE 802.16 WiMAX

fi=vertaisarvioitu|en=peerReviewed

INSTANT MESSAGING SPAM DETECTION IN LONG TERM EVOLUTION NETWORKS

The lack of efficient spam detection modules for packet data communication is resulting to increased threat exposure for the telecommunication network users and the service providers. In this thesis, we propose a novel approach to classify spam at the server side by intercepting packet-data communication among instant messaging applications. Spam detection is performed using machine learning techniques on packet headers and contents (if unencrypted) in two different phases: offline training and online classification. The contribution of this study is threefold. First, it identifies the scope of deploying a spam detection module in a state-of-the-art telecommunication architecture. Secondly, it compares the usefulness of various existing machine learning algorithms in order to intercept and classify data packets in near real-time communication of the instant messengers. Finally, it evaluates the accuracy and classification time of spam detection using our approach in a simulated environment of continuous packet data communication. Our research results are mainly generated by executing instances of a peer-to-peer instant messaging application prototype within a simulated Long Term Evolution (LTE) telecommunication network environment. This prototype is modeled and executed using OPNET network modeling and simulation tools. The research produces considerable knowledge on addressing unsolicited packet monitoring in instant messaging and similar applications

Strategies to Secure a Voice Over Internet Protocol Telephone System

Voice over internet protocol (VoIP) provides cost-effective phone service over a broadband internet connection rather than analog telephone services. While VoIP is a fast-growing technology, there are issues with intercepting and misusing transmissions, which are security concerns within telecommunication organizations and for customers. Grounded in the routine activity theory, the purpose of this multiple case study was to explore strategies information technology (IT) security managers used to secure VoIP telephone systems in telecommunication organizations. The participants consisted of nine IT security managers from three telecommunication organizations in New York who possessed the knowledge and expertise to secure a VoIP telephone system. The data were collected using semi structured interviews, note taking, and one document from one organization. Four themes emerged from the thematic analysis: best practices for VoIP security, using a secure VoIP provider, VoIP security recommendations, and awareness of future security concerns. A key recommendation for IT security professionals is to ensure encryption to secure a VoIP telephone system. The implications for positive social change include the potential for IT security managers and telecommunication organizations to reduce data breaches and the theft of their customers’ identities and credit card information