Big Data Network Optimization for Mobile Cellular Networks in 5G

5G ensures the provision of intelligent network and application services by means of connectivity to remote sensors, massive amounts of Internet of Things data, and fast data transmissions. Through the utilization of distributed compute architectures and by supporting massive connectivity across diverse devices like sensors, gateways, and controllers, 5G brings about a transformative revolution in the conversion of both big data at rest and data in motion into real-time intelligence. Big Data Analytics play an important role in the evolution of 5G standards, enabling intelligence across networks, applications, and businesses. Administrators of mobile organizations have access to a plethora of opportunities to enhance service quality through big data. Network optimization serves as a crucial method to achieve this task, with network prediction forming the foundation for such optimization. Ensuring network stability and security is essential for 5G mobile communication, considering its significance as an important tool in national life. Therefore, this work focuses on presenting big data network optimization for mobile cellular networks within the context of 5G. In order to improve the Quality of Experience (QoE) for users, this work explores various methods for integrating network optimization and Big Data analytics. The performance of the presented model is evaluated in terms of QoE, Throughput, handover rate, mobility, reliability, and network slicing

From Understanding Telephone Scams to Implementing Authenticated Caller ID Transmission

abstract: The telephone network is used by almost every person in the modern world. With the rise of Internet access to the PSTN, the telephone network today is rife with telephone spam and scams. Spam calls are significant annoyances for telephone users, unlike email spam, spam calls demand immediate attention. They are not only significant annoyances but also result in significant financial losses in the economy. According to complaint data from the FTC, complaints on illegal calls have made record numbers in recent years. Americans lose billions to fraud due to malicious telephone communication, despite various efforts to subdue telephone spam, scam, and robocalls. In this dissertation, a study of what causes the users to fall victim to telephone scams is presented, and it demonstrates that impersonation is at the heart of the problem. Most solutions today primarily rely on gathering offending caller IDs, however, they do not work effectively when the caller ID has been spoofed. Due to a lack of authentication in the PSTN caller ID transmission scheme, fraudsters can manipulate the caller ID to impersonate a trusted entity and further a variety of scams. To provide a solution to this fundamental problem, a novel architecture and method to authenticate the transmission of the caller ID is proposed. The solution enables the possibility of a security indicator which can provide an early warning to help users stay vigilant against telephone impersonation scams, as well as provide a foundation for existing and future defenses to stop unwanted telephone communication based on the caller ID information.Dissertation/ThesisDoctoral Dissertation Computer Science 201

Critical Infrastructures You Can Trust: Where Telecommunications Fits

This paper discusses two NISs: the public telephone network (PTN) and the Internet. Being themselves large and complex NISs, they not only merit study in their own right but can help us to understand some of the technical problems faced by the developers and operators of other NISs. In addition, the high cost of building a global communications infrastructure from the ground up implies that one or both of these two networks is likely to furnish communications services for most other NISs. Therefore, an understanding of the vulnerabilties of the PTN and Internet informs the assessment of the trustworthiness of other NISs. Ideas for improving the trustworthiness of the PTN and Internet are also proposed, both for the short-term (by improved use of existing technologies and procedures) and for the long-term (by identifying some areas where the state-of-the-art is inadequate and research is therefore needed). Finally, some observations are offered about Internet telephony and the use of the Internet for critical infrastructures

Analysis and Mitigation of Recent Attacks on Mobile Communication Backend

2014 aasta viimases kvartalis demonstreeriti mitmeid edukaid rünnakuid mobiilsidevõrkude vastu. Need baseerusid ühe peamise signaaliprotokolli, SS7 väärkasutamisel. Ründajatel õnnestus positsioneerida mobiilseadmete kasutajaid ja kuulata pealt nii kõnesid kui ka tekstisõnumeid. Ajal mil enamik viimase aja ründeid paljastavad nõrkusi lõppkasutajate seadmete tarkvaras, paljastavad need hiljutised rünnakud põhivõrkude endi haavatavust. Teadaolevalt on mobiilsete telekommunikatsioonivõrkude tööstuses raskusi haavatavuste õigeaegsel avastamisel ja nende mõistmisel. Käesolev töö on osa püüdlusest neid probleeme mõista. Töö annab põhjaliku ülevaate ja analüüsib teadaolevaid rünnakuid ning toob välja võimalikud lahendused. Rünnakud võivad olla väga suurte tagajärgedega, kuna vaatamata SS7 protokolli vanusele, jääb see siiski peamiseks signaaliprotokolliks mobiilsidevõrkudes veel pikaks ajaks. Uurimustöö analüüs ja tulemused aitavad mobiilsideoperaatoritel hinnata oma võrkude haavatavust ning teha paremaid investeeringuid oma taristu turvalisusele. Tulemused esitletakse mobiilsideoperaatoritele, võrguseadmete müüjatele ning 3GPP standardi organisatsioonile.In the last quarter of 2014, several successful attacks against mobile networks were demonstrated. They are based on misuse of one of the key signaling protocol, SS7, which is extensively used in the mobile communication backend for signaling tasks such as call and mobility management. The attackers were able to locate the mobile users and intercept voice calls and text messages. While most attacks in the public eye are those which exploits weaknesses in the end-device software or radio access links, these recently demonstrated vulnerabilities exploit weaknesses of the mobile core networks themselves. Understandably, there is a scramble in the mobile telecommunications industry to understand the attacks and the underlying vulnerabilities. This thesis is part of that effort. This thesis presents a broad and thorough overview and analysis of the known attacks against mobile network signaling protocols and the possible mitigation strategies. The attacks are presented in a uniform way, in relation to the mobile network protocol standards and signaling scenarios. Moreover, this thesis also presents a new attack that enables a malicious party with access to the signaling network to remove lost or stolen phones from the blacklist that is intended to prevent their use. Both the known and new attacks have been confirmed by implementing them in a controlled test environment. The attacks are serious because SS7, despite its age, remains the main signaling protocol in the mobile networks and will still long be required for interoperability and background compatibility in international roaming. Moreover, the number of entities with access to the core network, and hence the number of potential attackers, has increased significantly because of changes in regulation and opening of the networks to competition. The analysis and new results of this thesis will help mobile network providers and operators to assess the vulnerabilities in their infrastructure and to make security-aware decisions regarding their future investments and standardization. The results will be presented to the operators, network-equipment vendors, and to the 3GPP standards body

Signaling Security in LTE Roaming

LTE (Long Term Evolution) also known as 4G, is highly in demand for its incomparable levels of experience like high data rates, low latency, good Quality of Services(QoS) and roaming features. LTE uses Diameter protocol, which makes LTE an all IP network, connecting multiple network providers, providing flexibility in adding nodes and flexible mobility management while roaming. Which in turn makes LTE network more vulnerable to malicious actors. Diameter protocol architecture includes many nodes and the communication between the nodes is done through request and answer messages. Diameter manages the control session. Control session includes the signaling traffic which consists of messages to manage the user session. Roaming signaling traffic arises due to subscribers movement out of the geographical range of their home network to any other network. This signaling traffic moves over the roaming interconnection called S9 roaming interface. This thesis project aims to interfere and manipulate traffic from both user-to-network and network-to-network interfaces in order to identify possible security vulnerabilities in LTE roaming. A fake base-station is installed to establish a connection to a subscriber through the air interface. The IMSI (International Mobile Subscription Identity) is captured using this fake station. To explore the network-to-network communication an emulator based LTE testbed is used. The author has investigated how Diameter messages can be manipulated over the S9 interface to perform a fraud or DoS attack using the IMSI number. The consequences of such attacks are discussed and the countermeasures that can be considered by the MNOs (Mobile Network Operators) and Standardization Committees

A Hardware-in-the-Loop Water Distribution Testbed Dataset for Cyber-Physical Security Testing

This paper presents a dataset to support researchers in the validation process of solutions such as Intrusion Detection Systems (IDS) based on artificial intelligence and machine learning techniques for the detection and categorization of threats in Cyber Physical Systems (CPS). To this end, data were acquired from a hardware-in-the-loop Water Distribution Testbed (WDT) which emulates water flowing between eight tanks via solenoid-valves, pumps, pressure and flow sensors. The testbed is composed of a real subsystem that is virtually connected to a simulated one. The proposed dataset encompasses both physical and network data in order to highlight the consequences of attacks in the physical process as well as in network traffic behaviour. Simulations data are organized in four different acquisitions for a total duration of 2 hours by considering normal scenario and multiple anomalies due to cyber and physical attacks

Strong authentication based on mobile application

The user authentication in online services has evolved over time from the old username and password-based approaches to current strong authentication methodologies. Especially, the smartphone app has become one of the most important forms to perform the authentication. This thesis describes various authentication methods used previously and discusses about possible factors that generated the demand for the current strong authentication approach. We present the concepts and architectures of mobile application based authentication systems. Furthermore, we take closer look into the security of the mobile application based authentication approach. Mobile apps have various attack vectors that need to be taken under consideration when designing an authentication system. Fortunately, various generic software protection mechanisms have been developed during the last decades. We discuss how these mechanisms can be utilized in mobile app environment and in the authentication context. The main idea of this thesis is to gather relevant information about the authentication history and to be able to build a view of strong authentication evolution. This history and the aspects of the evolution are used to state hypothesis about the future research and development. We predict that the authentication systems in the future may be based on a holistic view of the behavioral patterns and physical properties of the user. Machine learning may be used in the future to implement an autonomous authentication concept that enables users to be authenticated with minimal physical or cognitive effort

Project BeARCAT : Baselining, Automation and Response for CAV Testbed Cyber Security : Connected Vehicle & Infrastructure Security Assessment

Connected, software-based systems are a driver in advancing the technology of transportation systems. Advanced automated and autonomous vehicles, together with electrification, will help reduce congestion, accidents and emissions. Meanwhile, vehicle manufacturers see advanced technology as enhancing their products in a competitive market. However, as many decades of using home and enterprise computer systems have shown, connectivity allows a system to become a target for criminal intentions. Cyber-based threats to any system are a problem; in transportation, there is the added safety implication of dealing with moving vehicles and the passengers within

Optimizing IETF multimedia signaling protocols and architectures in 3GPP networks : an evolutionary approach

Signaling in Next Generation IP-based networks heavily relies in the family of multimedia signaling protocols defined by IETF. Two of these signaling protocols are RTSP and SIP, which are text-based, client-server, request-response signaling protocols aimed at enabling multimedia sessions over IP networks. RTSP was conceived to set up streaming sessions from a Content / Streaming Server to a Streaming Client, while SIP was conceived to set up media (e.g.: voice, video, chat, file sharing, …) sessions among users. However, their scope has evolved and expanded over time to cover virtually any type of content and media session. As mobile networks progressively evolved towards an IP-only (All-IP) concept, particularly in 4G and 5G networks, 3GPP had to select IP-based signaling protocols for core mobile services, as opposed to traditional SS7-based protocols used in the circuit-switched domain in use in 2G and 3G networks. In that context, rather than reinventing the wheel, 3GPP decided to leverage Internet protocols and the work carried on by the IETF. Hence, it was not surprise that when 3GPP defined the so-called Packet-switched Streaming Service (PSS) for real-time continuous media delivery, it selected RTSP as its signaling protocol and, more importantly, SIP was eventually selected as the core signaling protocol for all multimedia core services in the mobile (All-)IP domain. This 3GPP decision to use off-the-shelf IETF-standardized signaling protocols has been a key cornerstone for the future of All-IP fixed / mobile networks convergence and Next Generation Networks (NGN) in general. In this context, the main goal of our work has been analyzing how such general purpose IP multimedia signaling protocols are deployed and behave over 3GPP mobile networks. Effectively, usage of IP protocols is key to enable cross-vendor interoperability. On the other hand, due to the specific nature of the mobile domain, there are scenarios where it might be possible to leverage some additional “context” to enhance the performance of such protocols in the particular case of mobile networks. With this idea in mind, the bulk of this thesis work has consisted on analyzing and optimizing the performance of SIP and RTSP multimedia signaling protocols and defining optimized deployment architectures, with particular focus on the 3GPP PSS and the 3GPP Mission Critical Push-to-Talk (MCPTT) service. This work was preceded by a detailed analysis work of the performance of underlying IP, UDP and TCP protocol performance over 3GPP networks, which provided the best baseline for the future work around IP multimedia signaling protocols. Our contributions include the proposal of new optimizations to enhance multimedia streaming session setup procedures, detailed analysis and optimizations of a SIP-based Presence service and, finally, the definition of new use cases and optimized deployment architectures for the 3GPP MCPTT service. All this work has been published in the form of one book, three papers published in JCR cited International Journals, 5 articles published in International Conferences, one paper published in a National Conference and one awarded patent. This thesis work provides a detailed description of all contributions plus a comprehensive overview of their context, the guiding principles beneath all contributions, their applicability to different network deployment technologies (from 2.5G to 5G), a detailed overview of the related OMA and 3GPP architectures, services and design principles. Last but not least, the potential evolution of this research work into the 5G domain is also outlined as well.Els mecanismes de Senyalització en xarxes de nova generació es fonamenten en protocols de senyalització definits per IETF. En particular, SIP i RTSP són dos protocols extensibles basats en missatges de text i paradigma petició-resposta. RTSP va ser concebut per a establir sessions de streaming de continguts, mentre SIP va ser creat inicialment per a facilitar l’establiment de sessions multimèdia (veu, vídeo, xat, compartició) entre usuaris. Tot i així, el seu àmbit d’aplicació s’ha anat expandint i evolucionant fins a cobrir virtualment qualsevol tipus de contingut i sessió multimèdia. A mesura que les xarxes mòbils han anat evolucionant cap a un paradigma “All-IP”, particularment en xarxes 4G i 5G, 3GPP va seleccionar els protocols i arquitectures destinats a gestionar la senyalització dels serveis mòbils presents i futurs. En un moment determinat 3GPP decideix que, a diferència dels sistemes 2G i 3G que fan servir protocols basats en SS7, els sistemes de nova generació farien servir protocols estandarditzats per IETF. Quan 3GPP va començar a estandarditzar el servei de Streaming sobre xarxes mòbils PSS (Packet-switched Streaming Service) va escollir el protocol RTSP com a mecanisme de senyalització. Encara més significatiu, el protocol SIP va ser escollit com a mecanisme de senyalització per a IMS (IP Multimedia Subsystem), l’arquitectura de nova generació que substituirà la xarxa telefònica tradicional i permetrà el desplegament de nous serveis multimèdia. La decisió per part de 3GPP de seleccionar protocols estàndards definits per IETF ha representat una fita cabdal per a la convergència del sistemes All-IP fixes i mòbils, i per al desenvolupament de xarxes NGN (Next Generation Networks) en general. En aquest context, el nostre objectiu inicial ha estat analitzar com aquests protocols de senyalització multimèdia, dissenyats per a xarxes IP genèriques, es comporten sobre xarxes mòbils 3GPP. Efectivament, l’ús de protocols IP és fonamental de cara a facilitar la interoperabilitat de solucions diferents. Per altra banda, hi ha escenaris a on és possible aprofitar informació de “context” addicional per a millorar el comportament d’aquests protocols en al cas particular de xarxes mòbils. El cos principal del treball de la tesi ha consistit en l’anàlisi i optimització del rendiment dels protocols de senyalització multimèdia SIP i RTSP, i la definició d’arquitectures de desplegament, amb èmfasi en els serveis 3GPP PSS i 3GPP Mission Critical Push-to-Talk (MCPTT). Aquest treball ha estat precedit per una feina d’anàlisi detallada del comportament dels protocols IP, TCP i UDP sobre xarxes 3GPP, que va proporcionar els fonaments adequats per a la posterior tasca d’anàlisi de protocols de senyalització sobre xarxes mòbils. Les contribucions inclouen la proposta de noves optimitzacions per a millorar els procediments d’establiment de sessions de streaming multimèdia, l’anàlisi detallat i optimització del servei de Presència basat en SIP i la definició de nous casos d’ús i exemples de desplegament d’arquitectures optimitzades per al servei 3GPP MCPTT. Aquestes contribucions ha quedat reflectides en un llibre, tres articles publicats en Revistes Internacionals amb índex JCR, 5 articles publicats en Conferències Internacionals, un article publicat en Congrés Nacional i l’adjudicació d’una patent. La tesi proporciona una descripció detallada de totes les contribucions, així com un exhaustiu repàs del seu context, dels principis fonamentals subjacents a totes les contribucions, la seva aplicabilitat a diferents tipus de desplegaments de xarxa (des de 2.5G a 5G), així una presentació detallada de les arquitectures associades definides per organismes com OMA o 3GPP. Finalment també es presenta l’evolució potencial de la tasca de recerca cap a sistemes 5G.Postprint (published version

Journal of Telecommunications and Information Technology

kwartalni