Signalling Storms in 3G Mobile Networks

We review the characteristics of signalling storms that have been caused by certain common apps and recently observed in cellular networks, leading to system outages. We then develop a mathematical model of a mobile user's signalling behaviour which focuses on the potential of causing such storms, and represent it by a large Markov chain. The analysis of this model allows us to determine the key parameters of mobile user device behaviour that can lead to signalling storms. We then identify the parameter values that will lead to worst case load for the network itself in the presence of such storms. This leads to explicit results regarding the manner in which individual mobile behaviour can cause overload conditions on the network and its signalling servers, and provides insight into how this may be avoided.Comment: IEEE ICC 2014 - Communications and Information Systems Security Symposiu

Survey of End-to-End Mobile Network Measurement Testbeds, Tools, and Services

Mobile (cellular) networks enable innovation, but can also stifle it and lead to user frustration when network performance falls below expectations. As mobile networks become the predominant method of Internet access, developer, research, network operator, and regulatory communities have taken an increased interest in measuring end-to-end mobile network performance to, among other goals, minimize negative impact on application responsiveness. In this survey we examine current approaches to end-to-end mobile network performance measurement, diagnosis, and application prototyping. We compare available tools and their shortcomings with respect to the needs of researchers, developers, regulators, and the public. We intend for this survey to provide a comprehensive view of currently active efforts and some auspicious directions for future work in mobile network measurement and mobile application performance evaluation.Comment: Submitted to IEEE Communications Surveys and Tutorials. arXiv does not format the URL references correctly. For a correctly formatted version of this paper go to http://www.cs.montana.edu/mwittie/publications/Goel14Survey.pd

Mobile network anomaly detection and mitigation: The NEMESYS approach

Mobile malware and mobile network attacks are becoming a significant threat that accompanies the increasing popularity of smart phones and tablets. Thus in this paper we present our research vision that aims to develop a network-based security solution combining analytical modelling, simulation and learning, together with billing and control-plane data, to detect anomalies and attacks, and eliminate or mitigate their effects, as part of the EU FP7 NEMESYS project. These ideas are supplemented with a careful review of the state-of-the-art regarding anomaly detection techniques that mobile network operators may use to protect their infrastructure and secure users against malware

Behind the NAT – A Measurement Based Evaluation of Cellular Service Quality

Abstract—Mobile applications such as VoIP, (live) gaming, or video streaming have diverse QoS requirements ranging from low delay to high throughput. The optimization of the network quality experienced by end-users requires detailed knowledge of the expected network performance. Also, the achieved service quality is affected by a number of factors, including network operator and available technologies. However, most studies focusing on measuring the cellular network do not consider the performance implications of network configuration and management. To this end, this paper reports about an extensive data set of cellular network measurements, focused on analyzing root causes of mobile network performance variability. Measurements conducted over four weeks in a 4G cellular network in Germany show that management and configuration decisions have a substantial impact on the performance. Specifically, it is observed that the association of mobile devices to a Point of Presence (PoP) within the operator’s network can influence the end-to-end RTT by a large extent. Given the collected data a model predicting the PoP assignment and its resulting RTT leveraging Markov Chain and machine learning approaches is developed. RTT increases of 58% to 73% compared to the optimum performance are observed in more than 57% of the measurements

A Simple Non-Deterministic Approach Can Adapt to Complex Unpredictable 5G Cellular Networks

5G cellular networks are envisioned to support a wide range of emerging delay-oriented services with different delay requirements (e.g., 20ms for VR/AR, 40ms for cloud gaming, and 100ms for immersive video streaming). However, due to the highly variable and unpredictable nature of 5G access links, existing end-to-end (e2e) congestion control (CC) schemes perform poorly for them. In this paper, we demonstrate that properly blending non-deterministic exploration techniques with straightforward proactive and reactive measures is sufficient to design a simple yet effective e2e CC scheme for 5G networks that can: (1) achieve high controllable performance, and (2) possess provable properties. To that end, we designed Reminis and through extensive experiments on emulated and real-world 5G networks, show the performance benefits of it compared with different CC schemes. For instance, averaged over 60 different 5G cellular links on the Standalone (SA) scenarios, compared with a recent design by Google (BBR2), Reminis can achieve 2.2x lower 95th percentile delay while having the same link utilization

Updating Neighbour Cell List via Crowdsourced User Reports: A Framework for Measuring Time Performance

In modern wireless networks deployments, each serving node needs to keep its Neighbour Cell List (NCL) constantly up to date to keep track of network changes. The time needed by each serving node to update its NCL is an important parameter of the network’s reliability and performance. An adequate estimate of such parameter enables a significant improvement of self-configuration functionalities. This paper focuses on the update time of NCLs when an approach of crowdsourced user reports is adopted. In this setting, each user periodically reports to the serving node information about the set of nodes sensed by the user itself. We show that, by mapping the local topological structure of the network onto states of increasing knowledge, a crisp mathematical framework can be obtained, which allows in turn for the use of a variety of user mobility models. Further, using a simplified mobility model we show how to obtain useful upper bounds on the expected time for a serving node to gain Full Knowledge of its local neighbourhood

Private Communication Detection via Side-Channel Attacks

Private communication detection (PCD) enables an ordinary network user to discover communication patterns (e.g., call time, length, frequency, and initiator) between two or more private parties. Analysis of communication patterns between private parties has historically been a powerful tool used by intelligence, military, law-enforcement and business organizations because it can reveal the strength of tie between these parties. Ordinary users are assumed to have neither eavesdropping capabilities (e.g., the network may employ strong anonymity measures) nor the legal authority (e.g. no ability to issue a warrant to network providers) to collect private-communication records. We show that PCD is possible by ordinary users merely by sending packets to various network end-nodes and analyzing the responses. Three approaches for PCD are proposed based on a new type of side channels caused by resource contention, and defenses are proposed. The Resource-Saturation PCD exploits the resource contention (e.g., a fixed-size buffer) by sending carefully designed packets and monitoring different responses. Its effectiveness has been demonstrated on three commercial closed-source VoIP phones. The Stochastic PCD shows that timing side channels in the form of probing responses, which are caused by distinct resource-contention responses when different applications run in end nodes, enable effective PCD despite network and proxy-generated noise (e.g., jitter, delays). It was applied to WiFi and Instant Messaging for resource contention in the radio channel and the keyboard, respectively. Similar analysis enables practical Sybil node detection. Finally, the Service-Priority PCD utilizes the fact that 3G/2G mobile communication systems give higher priority to voice service than data service. This allows detection of the busy status of smartphones, and then discovery of their call records by correlating the busy status. This approach was successfully applied to iPhone and Android phones in AT&T's network. An additional, unanticipated finding was that an Internet user could disable a 2G phone's voice service by probing it with short enough intervals (e.g., 1 second). PCD defenses can be traditional side-channel countermeasures or PCD-specific ones, e.g., monitoring and blocking suspicious periodic network traffic