Counter based Detection and Mitigation of Signalling Attacks

Mihajlo Pavloski; Gökçe Görbil; Erol Gelenbe

doi:10.5220/0005573504130418

Counter based Detection and Mitigation of Signalling Attacks

Mihajlo Pavloski, Gökçe Görbil, Erol Gelenbe

2015

Abstract

The increase of the number of smart devices using mobile networks’ services is followed by the increase of the number of security threats for mobile devices, generating new challenges for mobile network operators. Signalling attacks and storms represent an emerging type of distributed denial of service (DDoS) attacks and happen because of special malware installed on smart devices. These attacks are performed in the control plane of the network, rather than the data plane, and their goal is to overload the Signalling servers which leads to service degradation and even network failures. This paper proposes a detection and mitigation mechanism of such attacks which is based on counting repetitive bandwidth allocations by mobile terminals and blocking the misbehaving ones. The mechanism is implemented in our simulation environment for security in mobile networks SECSIM. The detector is evaluated calculating the probabilities of false positive and false negative detection and is characterised by very low negative impact on un-attacked terminals. Simulation results using joint work of both detector and mitigator, are shown for: the number of allowed attacking bandwidth allocations, end-to-end delay for normal users, wasted bandwidth and load on the Signalling server. Results suggest that for some particular settings of the mechanism, the impact of the attack is successfully lowered, keeping the network in stable condition and protecting the normal users from service degradations.

Download

Paper Citation

in Harvard Style

Pavloski M., Görbil G. and Gelenbe E. (2015). Counter based Detection and Mitigation of Signalling Attacks . In Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015) ISBN 978-989-758-117-5, pages 413-418. DOI: 10.5220/0005573504130418

in Bibtex Style

@conference{secrypt15,
author={Mihajlo Pavloski and Gökçe Görbil and Erol Gelenbe},
title={Counter based Detection and Mitigation of Signalling Attacks},
booktitle={Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015)},
year={2015},
pages={413-418},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005573504130418},
isbn={978-989-758-117-5},
}

in EndNote Style

TY - CONF
JO - Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015)
TI - Counter based Detection and Mitigation of Signalling Attacks
SN - 978-989-758-117-5
AU - Pavloski M.
AU - Görbil G.
AU - Gelenbe E.
PY - 2015
SP - 413
EP - 418
DO - 10.5220/0005573504130418