A Denial of Service Attack to GSM Networks via Attach Procedure

Abstract : Mobile Network Operators (MNOs) keep a strict control over users accessing the networks by means of the Subscriber Identity Module (SIM). This module grants the user access to the network, by performing the registration and authentication of the user’s device. Without a valid Subscribe IdentityModule (SIM) module and a successful authentication, mobile devices are not granted access and, hence, they are not allowed to inject any traffic in the mobile infrastructure. Nevertheless, in this paper we describe an attack to the security of a mobile network allowing an unauthenticated malicious mobile device to inject traffic in the mobile operator’s infrastructure. We show that even with devices without any SIM module it is possible to inject high levels of signaling traffic in the mobile infrastructure, causing significant service degradation up to a full-fledged Denial of Service (DoS) attack.
Type de document :
Communication dans un congrès
Alfredo Cuzzocrea; Christian Kittl; Dimitris E. Simos; Edgar Weippl; Lida Xu. 1st Cross-Domain Conference and Workshop on Availability, Reliability, and Security in Information Systems (CD-ARES), Sep 2013, Regensburg, Germany. Springer, Lecture Notes in Computer Science, LNCS-8128, pp.361-376, 2013, Security Engineering and Intelligence Informatics
Liste complète des métadonnées

Littérature citée [43 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01506555
Contributeur : Hal Ifip <>
Soumis le : mercredi 12 avril 2017 - 10:24:53
Dernière modification le : jeudi 14 juin 2018 - 10:54:03
Document(s) archivé(s) le : jeudi 13 juillet 2017 - 12:25:54

Fichier

978-3-642-40588-4_25_Chapter.p...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

  • HAL Id : hal-01506555, version 1

Citation

Nicola Gobbo, Alessio Merlo, Mauro Migliardi. A Denial of Service Attack to GSM Networks via Attach Procedure. Alfredo Cuzzocrea; Christian Kittl; Dimitris E. Simos; Edgar Weippl; Lida Xu. 1st Cross-Domain Conference and Workshop on Availability, Reliability, and Security in Information Systems (CD-ARES), Sep 2013, Regensburg, Germany. Springer, Lecture Notes in Computer Science, LNCS-8128, pp.361-376, 2013, Security Engineering and Intelligence Informatics. 〈hal-01506555〉

Partager

Métriques

Consultations de la notice

127

Téléchargements de fichiers

188