Roaming interface signaling security for LTE networks

| openaire: EC/H2020/737422/EU//SCOTTA consistent effort has been made to provide fast, secure and uninterrupted mobile connectivity around the world. Mobile network operators use the private Interconnection network (IPX) to communicate with each other and with other service providers for international roaming and a large range of services. In LTE/4G, many core network nodes are involved in the communication and connection set-up for the subscriber in roaming scenarios. Currently, Diameter based protocols and the S9 interface are rolled out on the IPX network. We analyze the roaming interface (S9) in the LTE networks which is used for communicating charging, service control and QoS control signaling messages. This research explores Diameter Protocol features for the charging mechanisms and describes how manipulation in policy control and charging rules can influence the subscriber plan and services. The concept has been implemented and tested using a specification conformant LTE emulator. To mitigate the attack we will describe approaches and protection strategies that can be deployed.Peer reviewe

A Framework for Privacy Quantification: Measuring the Impact of Privacy Techniques through Mutual Information, Distance Mapping, and Machine Learning

In This Paper, We Propose to Investigate How the Effects of Privacy Techniques Can Be Practically Assessed in the Specific Context of Data Anonymization, and Present Some Possible Tools for Measuring the Effects of Such Anonymization. We Develop an Approach using Mutual Information for Measuring the Information Content in Any Dataset, Including over Non-Euclidean Data Spaces, by Means of Mapping Non-Euclidean Distances to a Euclidean Space. We Further Evaluate the Proposed Approach over Toy Datasets Composed of Timestamped Gps Traces, and Attempt to Quantify the Information Content Loss Created by Three State-Of-The-Art Anonymization Approaches. the Results Allow for an Objective Quantification of the Effects of the K-Anonymity and Differential Privacy Algorithms, and Illustrate on the Toy Data Used, that Such Privacy Techniques Have Very Non-Linear Effects on the Information Content of the Data

Practical Estimation of Mutual Information on Non-Euclidean Spaces

Part 3: MAKE PrivacyInternational audienceWe propose, in this paper, to address the issue of measuring the impact of privacy and anonymization techniques, by measuring the data loss between “before” and “after”. The proposed approach focuses therefore on data usability, more than in ensuring that the data is sufficiently anonymized. We use Mutual Information as the measure criterion for this approach, and detail how we propose to measure Mutual Information over non-Euclidean data, in practice, using two possible existing estimators. We test this approach using toy data to illustrate the effects of some well known anonymization techniques on the proposed measure

Testbed for security orchestration in a network function virtualization environment

We present a testbed implementation for the development, evaluation and demonstration of security orchestration in a network function virtualization environment. As a specific scenario, we demonstrate how an intelligent response to DDoS and various other kinds of targeted attacks can be formulated such that these attacks and future variations can be mitigated. We utilise machine learning to characterise normal network traffic, attacks and responses, then utilise this information to orchestrate virtualized network functions around affected components to isolate these components and to capture, redirect and filter traffic (e.g. honeypotting) for additional analysis. This allows us to maintain a high level of network quality of service to given network functions and components despite adverse network conditions

Anomaly-Based Intrusion Detection using Extreme Learning Machine and Aggregation of Network Traffic Statistics in Probability Space

Recently, with the Increased Use of Network Communication, the Risk of Compromising the Information Has Grown Immensely. Intrusions Have Become More Sophisticated and Few Methods Can Achieve Efficient Results While the Network Behavior Constantly Changes. This Paper Proposes an Intrusion Detection System based on Modeling Distributions of Network Statistics and Extreme Learning Machine (Elm) to Achieve High Detection Rates of Intrusions. the Proposed Model Aggregates the Network Traffic at the Ip Subnetwork Level and the Distribution of Statistics Are Collected for the Most Frequent Ipv4 Addresses Encountered as Destination. the Obtained Probability Distributions Are Learned by Elm. This Model is Evaluated on the Iscx-Ids 2012 Dataset, Which is Collected using a Real-Time Testbed. the Model is Compared Against Leading Approaches using the Same Dataset. Experimental Results Show that the Presented Method Achieves an Average Detection Rate of 91% and a Misclassification Rate of 9%. the Experimental Results Show that Our Methods Significantly Improve the Performance of the Simple Elm Despite a Trade-Off between Performance and Time Complexity. Furthermore, Our Methods Achieve Good Performance in Comparison with the Other Few State-Of-The-Art Approaches Evaluated on the Iscx-Ids 2012 Dataset

Data Anonymization as a Vector Quantization Problem: Control Over Privacy for Health Data

Part 2: Special Session on Privacy Aware Machine Learning for Health Data Science (PAML 2016)International audienceThis paper tackles the topic of data anonymization from a vector quantization point of view. The admitted goal in this work is to provide means of performing data anonymization to avoid single individual or group re-identification from a data set, while maintaining as much as possible (and in a very specific sense) data integrity and structure. The structure of the data is first captured by clustering (with a vector quantization approach), and we propose to use the properties of this vector quantization to anonymize the data. Under some assumptions over possible computations to be performed on the data, we give a framework for identifying and “pushing back outliers in the crowd”, in this clustering sense, as well as anonymizing cluster members while preserving cluster-level statistics and structure as defined by the assumptions (density, pairwise distances, cluster shape and members...)