55 research outputs found
Analysis and Experimental Verification of Diameter Attacks in Long Term Evolution Networks
In cellular networks, the roaming interconnection was designed when there were only a few trusted parties and security was not a major concern or design criteria. Most of the roaming interconnections today are still based on the decades-old SS7 and the lack of security is being blamed for several vulnerabilities. Recent research indicates that the roaming interconnection has been widely misused for gaining access to the core network. Several attacks have been demonstrated by malicious attackers and other unauthorized entities such as intelligence agencies by exploiting the SS7 signaling protocol. Some operators moved to the more modern LTE (Long Term Evolution) and Diameter Signaling for high-speed data roaming and enhanced security. While LTE offers very high quality and resilience over the air security, it still requires special security capabilities and features to secure the core network against attacks targeting the roaming interconnection.
This thesis analyses and identifies attacks that exploit the roaming interconnection and Diameter signaling used in LTE networks. The attacks are analyzed in accordance with the mobile network protocol standards and signaling scenarios. The attacks are also implemented in a test LTE network of a global operator. This thesis also focuses on potential countermeasures to mitigate the identified attacks
Improved internet protocol multimedia subsystem authentication for long term evolution
Long Term Evolution (LTE) is a major technology to be used in the 4th generation (4G) mobile network and the core network is evolving towards a converged packet based framework for all services. As a part of the evolved core network, Internet Protocol (IP) Multimedia Subsystem (IMS) provides multimedia services (data, voice, video and variations) over packet switched networks. LTE and IMS are both defined by the 3rd Generation Partnership Project (3GPP) group, and the specification identifies that a LTE user device has to carry out two authentication steps to access IP multimedia services. The first authentication step is used to gain LTE network admission and the second authentication step is the IMS authentication used to gain access to the multimedia services. It is observed that the 4G standardized authentication protocols include double execution of the Authentication and Key Agreement (AKA) which increases the system’s complexity, results in significant authentication delay and high terminal energy consumption. Authentication is very important for a terminal to gain access to a network and therefore considerable previous research into this topic has occurred. However a common limitation of previously proposed authentication systems is either a lack of security or significant system modification. This research proposes the Improved AKA (IAKA) authentication protocol which binds the two layer’s authentication procedures by using the unified IP Multimedia Private-user Identity (IMPI). The proposed IAKA only executes the AKA protocol once in the network layer and generates authentication credentials which would be used in the second IMS service layer authentication. This research work included providing IAKA authentication protocol, developing a LTE IMS integrated network by using OPNET Modeller, simulation of the IAKA and the legacy 3GPP defined 4G LTE AKA authentication protocol under different environments, and in-depth analysis of the system performance, security and terminal’s energy consumption. It is shown that the proposed IAKA carries out terminal authentication correctly, improves security, reduces IMS layer authentication delay by up to 38%, and provides an 81.82% terminal energy consumption saving
A framework to provide charging for third party composite services
Includes synopsis.Includes bibliographical references (leaves 81-87).Over the past few years the trend in the telecommunications industry has been geared towards offering new and innovative services to end users. A decade ago network operators were content with offering simple services such as voice and text messaging. However, they began to notice that these services were generating lower revenues even while the number of subscribers increased. This was a direct result of the market saturation and network operators were forced to rapidly deploy services with minimum capital investment and while maximising revenue from service usage by end users. Network operators can achieve this by exposing the network to external content and service providers. They would create interfaces that would allow these 3rd party service and content providers to offer their applications and services to users. Composing and bundling of these services will essentially create new services for the user and achieve rapid deployment of enhanced services. The concept of offering a wide range of services that are coordinated in such a way that they deliver a unique experience has sparked interest and numerous research on Service Delivery Platforms (SDP). SDP‟s will enable network operators to be able to develop and offer a wide-variety service set. Given this interest on SDP standardisation bodies such as International Telecommunications Union – Telecommunications (ITU-T), Telecoms and Internet converged Servicers and Protocols for Advanced Networks) (TISPAN), 3rd Generations Partnership Project (3GPP) and Open Mobile Alliance (OMA) are leading efforts into standardising functions and protocols to enhance service delivery by network operators. Obtaining revenue from these services requires effective accounting of service usage and requires mechanisms for billing and charging of these services. The IP Multimedia subsystem(IMS) is a Next Generation Network (NGN) architecture that provides a platform for which multimedia services can be developed and deployed by network operators. The IMS provides network operators, both fixed or mobile, with a control layer that allows them to offer services that will enable them to remain key role players within the industry. Achieving this in an environment where the network operator interacts directly with the 3rd party service providers may become complicated
VoLTE service implementation in EPS-IMS networks
Diplomová práce popisuje VoLTE sluĹľbu, vĂ˝voj a nasazenĂ LTE (zavádÄ›cĂ fázi, skuteÄŤnĂ˝ LTE stav a vĂ˝hledy do budoucna atd.), EPC-IMS architekturu (popis funkce uzlu, rozhranĂ atd.) Komunikace mezi uzly a funkce, rozhranĂ a protokoly jsou pouĹľĂvány v prĹŻbÄ›hu signalizace (SIP SDP) a datovĂ˝ tok (RTCP RTP). Práce struÄŤnÄ› popisuje základnĂ toky hovorĹŻ, typy nosiÄŤĹŻ (GBR and N-GBR), a to vytvoĹ™enĂ / mazanĂ nosiÄŤĹŻ bÄ›hem komunikace. Dalšà část diplomovĂ© práce o implementaci volte, instalace a konfigurace IMS. ZávÄ›reÄŤná část diplomovĂ© práce popisuje zkoušky sĂtÄ› a, analĂ˝zu protokolu.The master's thesis describes VoLTE service, LTE evolution and deployment (deployment phases, actual LTE state and future perspectives etc.), EPC-IMS architecture (functional node description, interfaces etc.). Communications between nodes and functions, interfaces and protocols which are used during signaling (SIP-SDP) and data flow (RTCP RTP). Thesis briefly describe basic call flows, bearers types (GBR and N-GBR) and their establishment/delete during communication. The next part of master's thesis is about VoLTE implementation solutions, IMS installation and configuration. The final part of master's thesis describes the network and protocols tests, analyzes.
LEVERAGING OPENAIRINTERFACE AND SOFTWARE DEFINED RADIO TO ESTABLISH A LOW-COST 5G NON-STANDALONE ARCHITECTURE
Includes Supplementary MaterialCommercial cellular service providers are at the forefront of the paradigm shift from 4G Long Term Evolution (LTE) to 5G New Radio (NR). The increase in throughput, provisioning of ultra-low latency, and greater reliability of 5G enable potential uses that no other wireless communication could support. The Department of Defense (DOD) is interested in 5G NR technologies, but the implementation of the architecture can be lengthy and costly. This capstone configured a 4G LTE network and a 5G non-standalone network using OpenAirInterface and software defined radios (SDRs). Universal Subscriber Identity Module (USIM) cards were configured and introduced to user equipment and attached to the 4G LTE network. A gNodeB (gNB) was added to the 4G LTE network to establish the 5G non-standalone (NSA) network architecture (3GPP Option 3). The testbed developed in this research was able to connect the core to a commercial internet service provider and browse the internet using third-party applications. Our analysis educates future researchers on the challenges and lessons learned when implementing the OpenAirInterface 4G LTE and 5G NSA networks. This work also provides a better understanding of 4G LTE and 5G NSA OpenAirInterface software usability, flexibility, and scalability for potential use cases for the DOD.Chief Petty Officer, United States NavyApproved for public release. Distribution is unlimited
Terminal LTE flexĂvel
Mstrado em Engenharia Eletrónica e TelecomunicaçõesAs redes móveis estão em constante evolução. A geração atual (4G) de
redes celulares de banda larga e representada pelo standard Long Term
Evolution (LTE), definido pela 3rd Generation Partnership Project (3GPP).
Existe uma elevada procura/uso da rede LTE, com um aumento exponencial
do número de dispositivos móveis a requerer uma ligação à Internet de alto
débito. Isto pode conduzir à sobrelotação do espetro, levando a que o sinal
tenha que ser reforçado e a cobertura melhorada em locais especĂficos, tal
como em grandes conferĂŞncias, festivais e eventos desportivos. Por outro
lado, seria uma vantagem importante se os utilizadores pudessem continuar
a usar os seus equipamentos e terminais em situações onde o acesso a redes
4G é inexistente, tais como a bordo de um navio, eventos esporádicos em
localizações remotas ou em cenários de catástrofe, em que as infraestruturas
que permitem as telecomunicações foram danificadas e a cobertura
temporária de rede pode ser decisiva em processos de salvamento. Assim
sendo, existe uma motivação clara por trás do desenvolvimento de uma
infraestrutura celular totalmente reconfigurável e que preencha as caracterĂsticas mencionadas anteriormente.
Uma possĂvel abordagem consiste numa plataforma de rádio definido por
software (SDR), de cĂłdigo aberto, que implementa o standard LTE e corre
em processadores de uso geral (GPPs), tornando possĂvel construir uma rede
completa investindo somente em hardware - computadores e front-ends de
radiofrequência (RF). Após comparação e análise de várias plataformas LTE
de cĂłdigo aberto foi selecionado o OpenAirInterface (OAI) da EURECOM,
que disponibiliza uma implementação compatĂvel com a Release 8.6 da
3GPP (com parte das funcionalidades da Release 10).
O principal objectivo desta dissertação é a implementação de um User
Equipment (UE) flexĂvel, usando plataformas SDR de cĂłdigo aberto que corram
num computador de placa Ăşnica (SBC) compacto e de baixa potĂŞncia,
integrado com um front-end de RF - Universal Software Radio Peripheral
(USRP). A transmissĂŁo de dados em tempo real usando os modos de duplexagem
Time Division Duplex (TDD) e Frequency Division Duplex (FDD) é suportada e a reconfiguração de certos parâmetros é permitida, nomeadamente
a frequĂŞncia portadora, a largura de banda e o nĂşmero de Resource
Blocks (RBs) usados. AlĂ©m disso, Ă© possĂvel partilhar os dados mĂłveis LTE
com utilizadores que estejam prĂłximos, semelhante ao que acontece com
um hotspot de Wi-Fi. O processo de implementação é descrito, incluindo
todos os passos necessários para o seu desenvolvimento, englobando o port
do UE de um computador para um SBC. Finalmente, a performance da rede
é analisada, discutindo os valores de débitos obtidos.Mobile networks are constantly evolving. 4G is the current generation of
broadband cellular network technology and is represented by the Long Term
Evolution (LTE) standard, de ned by 3rd Generation Partnership Project
(3GPP). There's a high demand for LTE at the moment, with the number
of mobile devices requiring an high-speed Internet connection increasing exponentially.
This may overcrowd the spectrum on the existing deployments
and the signal needs to be reinforced and coverage improved in speci c sites,
such as large conferences, festivals and sport events. On the other hand,
it would be an important advantage if users could continue to use their
equipment and terminals in situations where cellular networks aren't usually
available, such as on board of a cruise ship, sporadic events in remote
locations, or in catastrophe scenarios in which the telecommunication infrastructure
was damaged and the rapid deployment of a temporary network
can save lives. In all of these situations, the availability of
exible and easily
deployable cellular base stations and user terminals operating on standard
or custom bands would be very desirable. Thus, there is a clear motivation
for the development of a fully recon gurable cellular infrastructure solution
that ful lls these requirements.
A possible approach is an open-source, low-cost and low maintenance
Software-De ned Radio (SDR) software platform that implements the LTE
standard and runs on General Purpose Processors (GPPs), making it possible
to build an entire network while only spending money on the hardware
itself - computers and Radio-Frequency (RF) front-ends. After comparison
and analysis of several open-source LTE SDR platforms, the EURECOM's
OpenAirInterface (OAI) was chosen, providing a 3GPP standard-compliant
implementation of Release 8.6 (with a subset of Release 10 functionalities).
The main goal of this dissertation is the implementation of a
exible opensource
LTE User Equipment (UE) software radio platform on a compact
and low-power Single Board Computer (SBC) device, integrated with an
RF hardware front-end - Universal Software Radio Peripheral (USRP). It
supports real-time Time Division Duplex (TDD) and Frequency Division
Duplex (FDD) LTE modes and the recon guration of several parameters,
namely the carrier frequency, bandwidth and the number of LTE Resource
Blocks (RB) used. It can also share its LTE mobile data with nearby users,
similarly to a Wi-Fi hotspot. The implementation is described through
its several developing steps, including the porting of the UE from a regular
computer to a SBC. The performance of the network is then analysed based
on measured results of throughput
Network sharing through service outsourcing in inter-domain IMS frameworks
Includes abstract.Includes bibliographical references (leaves 161-167).Resource sharing can be used as a short-term solution to the imbalance between the supply and demand of network resources. Resources sharing enables operators to provide services to their subscribers using networks belonging to other operators. Resource sharing in mobile networks is increasingly becoming an option for operators to provide service to their subscribers. In this thesis we explore a mechanism for sharing access network resources that utilises negotiable short-term Service Level Agreements (SLA) that can easily adapt to changing network conditions. Through this mechanism operators of resource constrained networks may use near real time dynamic SLAs to negotiate network access services for their subscribers. We refer to this form of resource sharing as 'Service Outsourcing'
Integration of LoRa Wide Area Network with the 5G Test Network
Abstract. The global communication network is going through major transformation from conventional to more versatile and diversified network approaches. With the advent of virtualization and cloud technology, information technology (IT) is merging with telecommunications to alter the conventional approaches of traditional proprietary networking techniques. From radio to network and applications, the existing infrastructure lacks several features that we wished to be part of 5th Generation Mobile Networks (5G). Having a support for large number of applications, Internet of Things (IoT) will bring a major evolution by creating a comfortable, flexible and an automated environment for end users. A network having the capability to support radio protocols on top of basic networking protocols, when blended with a platform which can generate IoT use cases, can make the expectations of 5G a reality.
Low Power Wide Area Network (LPWAN) technologies can be utilized with other emerging and suitable technologies for IoT applications. To implement a network where all the technologies can be deployed virtually to serve their applications within a single cloud, Network Functions Virtualization (NFV) and Software Defined Network (SDN) is introduced to implement such a networking possibility for upcoming technologies. The 5G Test Network (5GTN), a testbed for implementing and testing 5G features in real time, is deployed in virtual platform which allows to add other technologies for IoT applications. To implement a network with an IoT enabler technology, LoRa Wide Area Network (LoRaWAN) technology can be integrated to test the feasibility and capability of IoT implications. LoRaWAN being an IoT enabler technology is chosen out of several possibilities to be integrated with the 5GTN. Using MultiConnect Conduit as a gateway, the integration is realized by establishing point to point protocol (PPP) connection with eNodeB. Once the connection is established, LoRa packets are forwarded to the ThingWorx IoT cloud and responses can be received by the end-devices from that IoT cloud by using Message Queuing Telemetry Transport (MQTT) protocol. Wireshark, an open source packet analyser, is then used to ensure successful transmission of packets to the ThingWorx using the 5GTN default packet routes
Flexible cross layer optimization for fixed and mobile broadband telecommunication networks and beyond
In der heutigen Zeit, in der das Internet im Allgemeinen und Telekommunikationsnetze im Speziellen kritische Infrastrukturen erreicht haben, entstehen hohe Anforderungen und neue Herausforderungen an den Datentransport in Hinsicht auf Effizienz und Flexibilität. Heutige Telekommunikationsnetze sind jedoch rigide und statisch konzipiert, was nur ein geringes Maß an Flexibilität und Anpassungsfähigkeit der Netze ermöglicht und darüber hinaus nur im begrenzten Maße die Wichtigkeit von Datenflüssen im wiederspiegelt. Diverse Lösungsansätze zum kompletten Neuentwurf als auch zum evolutionären Konzept des Internet wurden ausgearbeitet und spezifiziert, um diese neuartigen Anforderungen und Herausforderungen adäquat zu adressieren. Einer dieser Ansätze ist das Cross Layer Optimierungs-Paradigma, welches eine bisher nicht mögliche direkte Kommunikation zwischen verteilten Funktionalitäten unterschiedlichen Typs ermöglicht, um ein höheres Maß an Dienstgüte zu erlangen. Ein wesentlicher Indikator, welcher die Relevanz dieses Ansatzes unterstreicht, zeichnet sich durch die Programmierbarkeit von Netzwerkfunktionalitäten aus, welche sich aus der Evolution von heutigen hin zu zukünftigen Netzen erkennen lässt. Dieses Konzept wird als ein vielversprechender Lösungsansatz für Kontrollmechanismen von Diensten in zukünftigen Kernnetzwerken erachtet. Dennoch existiert zur Zeit der Entstehung dieser Doktorarbeit kein Ansatz zur Cross Layer Optimierung in Festnetz-und Mobilfunknetze, welcher der geforderten Effizienz und Flexibilität gerecht wird. Die übergeordnete Zielsetzung dieser Arbeit adressiert die Konzeptionierung, Entwicklung und Evaluierung eines Cross Layer Optimierungsansatzes für Telekommunikationsnetze. Einen wesentlichen Schwerpunkt dieser Arbeit stellt die Definition einer theoretischen Konzeptionierung und deren praktischer Realisierung eines Systems zur Cross Layer Optimierung für Telekommunikationsnetze dar. Die durch diese Doktorarbeit analysierten wissenschaftlichen Fragestellungen betreffen u.a. die Anwendbarkeit von Cross Layer Optimierungsansätzen auf Telekommunikationsnetzwerke; die Betrachtung neuartiger Anforderungen; existierende Konzepte, Ansätze und Lösungen; die Abdeckung neuer Funktionalitäten durch bereits existierende Lösungen; und letztendlich den erkennbaren Mehrwert des neu vorgeschlagenen Konzepts gegenüber den bestehenden Lösungen. Die wissenschaftlichen Beiträge dieser Doktorarbeit lassen sich grob durch vier Säulen skizzieren: Erstens werden der Stand der Wissenschaft und Technik analysiert und bewertet, Anforderungen erhoben und eine Lückenanalyse vorgenommen. Zweitens werden Herausforderungen, Möglichkeiten, Limitierungen und Konzeptionierungsaspekte eines Modells zur Cross Layer Optimierung analysiert und evaluiert. Drittens wird ein konzeptionelles Modell - Generic Adaptive Resource Control (GARC) - spezifiziert, als Prototyp realisiert und ausgiebig validiert. Viertens werden theoretische und praktische Beiträge dieser Doktorarbeit vertiefend analysiert und bewertet.As the telecommunication world moves towards a data-only network environment, signaling, voice and other data are similarly transported as Internet Protocol packets. New requirements, challenges and opportunities are bound to this transition and influence telecommunication architectures accordingly. In this time in which the Internet in general, and telecommunication networks in particular, have entered critical infrastructures and systems, it is of high importance to guarantee efficient and flexible data transport. A certain level of Quality-of-Service (QoS) for critical services is crucial even during overload situations in the access and core network, as these two are the bottlenecks in the network. However, the current telecommunication architecture is rigid and static, which offers very limited flexibility and adaptability. Several concepts on clean slate as well as evolutionary approaches have been proposed and defined in order to cope with these new challenges and requirements. One of these approaches is the Cross Layer Optimization paradigm. This concept omits the strict separation and isolation of the Application-, Control- and Network-Layers as it enables interaction and fosters Cross Layer Optimization among them. One indicator underlying this trend is the programmability of network functions, which emerges clearly during the telecommunication network evolution towards the Future Internet. The concept is regarded as one solution for service control in future mobile core networks. However, no standardized approach for Cross Layer signaling nor optimizations in between the individual layers have been standardized at the time this thesis was written. The main objective of this thesis is the design, implementation and evaluation of a Cross Layer Optimization concept on telecommunication networks. A major emphasis is given to the definition of a theoretical model and its practical realization through the implementation of a Cross Layer network resource optimization system for telecommunication systems. The key questions answered through this thesis are: in which way can the Cross Layer Optimization paradigm be applied on telecommunication networks; which new requirements arise; which of the required functionalities cannot be covered through existing solutions, what other conceptual approaches already exist and finally whether such a new concept is viable. The work presented in this thesis and its contributions can be summarized in four parts: First, a review of related work, a requirement analysis and a gap analysis were performed. Second, challenges, limitations, opportunities and design aspects for specifying an optimization model between application and network layer were formulated. Third, a conceptual model - Generic Adaptive Resource Control (GARC) - was specified and its prototypical implementation was realized. Fourth, the theoretical and practical thesis contributions was validated and evaluated
- …