Storms in mobile networks

Mobile networks are vulnerable to signalling attacks and storms caused by traffic that overloads the control plane through excessive signalling, which can be introduced via malware and mobile botnets. With the advent of machine-to-machine (M2M) communications over mobile networks, the potential for signalling storms increases due to the normally periodic nature of M2M traffic and the sheer number of communicating nodes. Several mobile network operators have also experienced signalling storms due to poorly designed applications that result in service outage. The radio resource control (RRC) protocol is particularly susceptible to such attacks, motivating this work within the EU FP7 NEMESYS project which presents simulations that clarify the temporal dynamics of user behavior and signalling, allowing us to suggest how such attacks can be detected and mitigated

Detection and mitigation of signaling storms in mobile networks

Mobile Networks are subject to "signaling storms" launched by malware or apps, which overload the the bandwidth at the cell, the backbone signaling servers, and Cloud servers, and may also deplete the battery power of mobile devices. This paper reviews the subject and discusses a novel technique to detect and mitigate such signaling storms. Through a mathematical analysis we introduce a technique based on tracking time-out transitions in the signaling system that can substantially reduce both the number of misbehaving mobiles and the signaling overload in the backbone

Security for smart mobile networks: The NEMESYS approach

The growing popularity of smart mobile devices such as smartphones and tablets has made them an attractive target for cyber-criminals, resulting in a rapidly growing and evolving mobile threat as attackers experiment with new business models by targeting mobile users. With the emergence of the first large-scale mobile botnets, the core network has also become vulnerable to distributed denial-of-service attacks such as the signaling attack. Furthermore, complementary access methods such as Wi-Fi and femtocells introduce additional vulnerabilities for the mobile users as well as the core network. In this paper, we present the NEMESYS approach to smart mobile network security, to develop novel security technologies for seamless service provisioning in the smart mobile ecosystem, and to improve mobile network security through a better understanding of the threat landscape

Modeling and analysis of RRC-based signalling storms in 3G networks

Mobile networks are vulnerable to signaling attacks and storms that are caused by traffic patterns that overload the control plane, and differ from distributed denial of service attacks in the Internet since they directly affect the control plane, and also reserve wireless bandwidth and network resources without actually using them. Such storms can result from malware and mobile botnets, as well as from poorly designed applications, and can cause service outages in 3G and 4G networks, which have been experienced by mobile operators. Since the radio resource control (RRC) protocol in the 3G and 4G networks is particularly susceptible to such storms, we analyze their effect with a mathematical model that helps to predict the congestion that is caused by a storm. A detailed simulation model of a mobile network is used to better understand the temporal dynamics of user behavior and signaling in the network and to show how RRC-based signaling attacks and storms cause significant problems in both the control and user planes of the network. Our analysis also serves to identify how storms can be detected, and to propose how system parameters can be chosen to mitigate their effect

Resilient Emergency Evacuation Using Opportunistic Communications

Abstract We describe an emergency evacuation support system (ESS) that employs short-range wireless communications among mobile devices carried by civilians. Emergency information is disseminated via opportunistic contacts between communication nodes (CNs), and each CN provides adaptive step-by-step navigation directions for its user during evacuation. Using mobile devices and opportunistic communications (oppcomms) allow ESS to operate when other means of communication are destroyed or overloaded. In this paper, we evaluate the resilience of oppcomms as used to enable evacuation support in ESS; we specifically consider the effect of CN failures on evacuation and communication performance. Our simulation experiments of evacuation of a three-floor office building show that ESS is highly resilient to node failures, and failure ratios up to 20 % are well-tolerated.

The Emergency Direct Mobile App: Safety Message Dissemination over a Multi-Group Network of Smartphones using Wi-Fi Direct

Nowadays, the Wi-Fi Direct technology is supported by most of smartphones on the market, and provides a viable solution to guarantee opportunistic communication among group of devices in a 1-hop range. However, the current specifications of the standard do not support the inter-group communication, which constitutes a key requirement for content-delivery applications like the public safety ones. In this paper, we provide an in-depth analysis of the utilization of the Wi-Fi Direct technology for safety message dissemination over emergency and post-disaster scenarios. Three main contributions are provided. First, we show the experimental results of the Wi-Fi Direct technology on a test-bed composed of multiple heterogeneous smartphones, and we analyze the main factors affecting the system performance, like the network setup overhead, the communication range and the network throughput. Second, we investigate how to create multi-group Peer-to-Peer (P2P) networks by leveraging on the presence of P2P relay devices, which are in charge of offloading the data among different P2P groups, although being connected to only one P2P group at a time. An analytical model is proposed in order to derive the optimal group switching time which provides the best trade-off between the multihop delay and the delivery rate, by taking into account the buffer size of the P2P Group Owners (GO) devices. Finally, we describe the implementation of the network formation algorithm within the Emergency Direct mobile application, which allows the multi-hop dissemination of instantaneous and geo-localized alert messages among the smartphones located in the scenario of the emergency

Research and innovation action for the security of the internet of things: The SerIoT project

The Internet of Things (IoT) was born in the mid 2010’s, when the threshold of connecting more objects than people to the Internet, was crossed. Thus, attacks and threats on the content and quality of service of the IoT platforms can have economic, energetic and physical security consequences that go way beyond the traditional Internet’s lack of security, and way beyond the threats posed by attacks to mobile telephony. Thus, this paper describes the H2020 project “Secure and Safe Internet of Things” (SerIoT) which will optimize the information security in IoT platforms and networks in a holistic, cross-layered manner (i.e. IoT platforms and devices, honeypots, SDN routers and operator’s controller) in order to offer a secure SerIoT platform that can be used to implement secure IoT platforms and networks anywhere and everywhere