Abstract
Cellular networks are fundamental infrastructures nowadays, so that any communication problem could affect the user in different ways, from accessing social networks up to personal safety issues. In this work, we explore the feasibility of carrying out a DDoS attack to the Home Subscriber Server of the 4G network through non-3GPP access, i.e. access points that are not specified by the Third Generation Partnership Project, in particular using the SIP register procedure. A previous study on a DDoS attack to UMTS Network showed that injecting 2500 requests in every 4.7s time window is possible to reduce the HLR capability to serve legitimate requests by 93%, and that such an attack can be mounted with a few hundred devices. A limit to that attacking approach is that we would require mobile devices that need to connect to an eNodeB (cellular base station). Instead, in the approach proposed in this paper we carry out a preliminary study to explore the possibility of using devices that are generically connected to the Internet: this means that the population of devices that can be leveraged to mount the attack is wider than in the first case; furthermore, the constraint of having legitimate SIM modules is removed.
This work is supported by the University of Padua.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
3GPP The Mobile Global Standard. https://www.3gpp.org/about-3gpp/about-3gpp
ETSI TS 136 300 V14.2.0 (2017). https://www.etsi.org/deliver/etsi_ts/136300_136399/136300/14.02.00_60/ts_136300v140200p.pdf
Technical Specification Group Services and System Aspects, IP Multimedia Subsystem (IMS), Stage 2, TS 23.228 (2006). 3rd Generation Partnership Project. https://www.etsi.org/deliver/etsi_ts/123400_123499/123406/07.01.00_60/ts_123406v070100p.pdf
Aonzo, S., Merlo, A., Tavella, G., Fratantonio, Y.: Phishing attacks on modern android. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (CCS 2018) (2018)
Ficco, M., Palmieri, F.: Introducing fraudulent energy consumption in cloud infrastructures: a new generation of denial-of-service attacks. IEEE Syst. J. 11(2), 460–470 (2017). https://doi.org/10.1109/JSYST.2015.2414822
Palmieri, F., Fiore, U.: Providing true end-to-end security in converged voice over IP infrastructures. Comput. Secur. 28(6), 433–449 (2009)
Traynor, P., Lin, M., Ongtang, M., Rao, V., Jaeger, T., McDaniel, P., La Porta, T.: On cellular botnets: measuring the impact of malicious devices on a cellular network core. In: Proceedings of 16th ACM Conference on Computer Communication Security, pp. 223–234 (2009)
Merlo, A., Migliardi, M., Gobbo, N., Palmieri, F., Castiglione, A.: A denial of service attack to UMTS networks using sim-less devices. IEEE Trans. Dependable Secure Comput. 11(3), 280–291 (2014). https://doi.org/10.1109/TDSC.2014.2315198
Home Subscribe Server. https://sites.google.com/site/lteencyclopedia/lte-network-infrastructure-and-elements#TOC-3.2-HSS-Home-Subscriber-Server-10
Internet Engineering Task Force (IETF), RFC, Requirements from Session Initiation Protocol (SIP) Session Border Control (SBC) Deployments. https://tools.ietf.org/html/rfc5853
Tsiatsikas, Z., Fakis, A., Papamartzivanos, D., Geneiatakis, D., Kambourakis, G., Kolias, C.: Battling against DDoS in SIP: is machine learning-based detection an effective weapon?. In: 2015 12th International Joint Conference on e-Business and Telecommunications (ICETE), Colmar, pp. 301–308 (2015)
Tang, J., Cheng, Y., Hao, Y., Song, W.: SIP flooding attack detection with a multi-dimensional sketch design. IEEE Trans. Dependable Secure Comput. 11(6), 582–595 (2014). https://doi.org/10.1109/TDSC.2014.2302298
Febro, A., Xiao, H., Spring, J.: Distributed SIP DDoS Defense with P4. In: 2019 IEEE Wireless Communications and Networking Conference (WCNC), Marrakesh, Morocco, pp. 1–8 (2019). https://doi.org/10.1109/WCNC.2019.8885926
Antonakakis, M., et al.: Understanding the Mirai Botnet. https://www.usenix.org/system/files/conference/usenixsecurity17/sec17-antonakakis.pdf
Marzano, A., et al.: The evolution of Bashlite and Mirai IoT botnets. In: 2018 IEEE Symposium on Computers and Communications (ISCC), Natal, pp. 00813–00818 (2018). https://doi.org/10.1109/ISCC.2018.8538636
Arora, K., Kumar, K., Sachdeva, M.: Impact analysis of recent DDoS attacks. https://pdfs.semanticscholar.org/a097/9ffca5c4669fd90b2e7b56a831a9e2e8d03a.pdf
Gobbo, N., Merlo, A., Migliardi, M.: A denial of service attack to GSM networks via attach procedure. LNCS, vol. 8128, pp. 361–376 (2013)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Cibin, N., Guerar, M., Merlo, A., Migliardi, M., Verderame, L. (2020). Towards a SIP-based DDoS Attack to the 4G Network. In: Barolli, L., Amato, F., Moscato, F., Enokido, T., Takizawa, M. (eds) Web, Artificial Intelligence and Network Applications. WAINA 2020. Advances in Intelligent Systems and Computing, vol 1150. Springer, Cham. https://doi.org/10.1007/978-3-030-44038-1_78
Download citation
DOI: https://doi.org/10.1007/978-3-030-44038-1_78
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-44037-4
Online ISBN: 978-3-030-44038-1
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)