A detection mechanism for SMS flooding attacks in cellular networks

Eun Kyoung Kim; Patrick McDaniel; Thomas La Porta

doi:10.1007/978-3-642-36883-7_6

A detection mechanism for SMS flooding attacks in cellular networks

Eun Kyoung Kim, Patrick McDaniel, Thomas La Porta

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

8 Scopus citations

Abstract

In recent years, cellular networks have been reported to be susceptible targets for Distributed Denial of Service (DDoS) attacks due to their limited resources. One potential powerful DDoS attack in cellular networks is a SMS flooding attack. Previous research has demonstrated that SMS-capable cellular networks are vulnerable to a SMS flooding attack in which a sufficient rate of SMS messages is sent to saturate the control channels in target areas. We propose a novel detection algorithm which identifies a SMS flooding attack based on the reply rate to messages sent by a handset. We further propose a mitigation technique to reduce the blocking rate caused by the attack. Our simulation results show that the false positive and false negative rates of our detection algorithm are low even when the attack traffic is blended with flash crowd traffic and/or the attack traffic mimics flash crowd traffic, and that the blocking rate is successfully reduced through the mitigation technique.

Original language	English (US)
Title of host publication	Security and Privacy in Communication Networks - 8th International ICST Conference, SecureComm 2012, Revised Selected Papers
Pages	76-93
Number of pages	18
DOIs	https://doi.org/10.1007/978-3-642-36883-7_6
State	Published - 2013
Event	8th International ICST Conference on Security and Privacy in Communication Networks, SecureComm 2012 - Padua, Italy Duration: Sep 3 2012 → Sep 5 2012

Publication series

Name	Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering
Volume	106 LNICS
ISSN (Print)	1867-8211

Other

Other	8th International ICST Conference on Security and Privacy in Communication Networks, SecureComm 2012
Country/Territory	Italy
City	Padua
Period	9/3/12 → 9/5/12

All Science Journal Classification (ASJC) codes

Computer Networks and Communications

Access to Document

10.1007/978-3-642-36883-7_6

Cite this

Kim, E. K., McDaniel, P., & La Porta, T. (2013). A detection mechanism for SMS flooding attacks in cellular networks. In Security and Privacy in Communication Networks - 8th International ICST Conference, SecureComm 2012, Revised Selected Papers (pp. 76-93). (Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering; Vol. 106 LNICS). https://doi.org/10.1007/978-3-642-36883-7_6

Kim, Eun Kyoung ; McDaniel, Patrick ; La Porta, Thomas. / A detection mechanism for SMS flooding attacks in cellular networks. Security and Privacy in Communication Networks - 8th International ICST Conference, SecureComm 2012, Revised Selected Papers. 2013. pp. 76-93 (Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering).

@inproceedings{850d7727d0374008bec73c220959f018,

title = "A detection mechanism for SMS flooding attacks in cellular networks",

abstract = "In recent years, cellular networks have been reported to be susceptible targets for Distributed Denial of Service (DDoS) attacks due to their limited resources. One potential powerful DDoS attack in cellular networks is a SMS flooding attack. Previous research has demonstrated that SMS-capable cellular networks are vulnerable to a SMS flooding attack in which a sufficient rate of SMS messages is sent to saturate the control channels in target areas. We propose a novel detection algorithm which identifies a SMS flooding attack based on the reply rate to messages sent by a handset. We further propose a mitigation technique to reduce the blocking rate caused by the attack. Our simulation results show that the false positive and false negative rates of our detection algorithm are low even when the attack traffic is blended with flash crowd traffic and/or the attack traffic mimics flash crowd traffic, and that the blocking rate is successfully reduced through the mitigation technique.",

author = "Kim, {Eun Kyoung} and Patrick McDaniel and {La Porta}, Thomas",

year = "2013",

doi = "10.1007/978-3-642-36883-7_6",

language = "English (US)",

isbn = "9783642368820",

series = "Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering",

pages = "76--93",

booktitle = "Security and Privacy in Communication Networks - 8th International ICST Conference, SecureComm 2012, Revised Selected Papers",

note = "8th International ICST Conference on Security and Privacy in Communication Networks, SecureComm 2012 ; Conference date: 03-09-2012 Through 05-09-2012",

}

Kim, EK, McDaniel, P & La Porta, T 2013, A detection mechanism for SMS flooding attacks in cellular networks. in Security and Privacy in Communication Networks - 8th International ICST Conference, SecureComm 2012, Revised Selected Papers. Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, vol. 106 LNICS, pp. 76-93, 8th International ICST Conference on Security and Privacy in Communication Networks, SecureComm 2012, Padua, Italy, 9/3/12. https://doi.org/10.1007/978-3-642-36883-7_6

A detection mechanism for SMS flooding attacks in cellular networks. / Kim, Eun Kyoung; McDaniel, Patrick ; La Porta, Thomas.

Security and Privacy in Communication Networks - 8th International ICST Conference, SecureComm 2012, Revised Selected Papers. 2013. p. 76-93 (Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering; Vol. 106 LNICS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - A detection mechanism for SMS flooding attacks in cellular networks

AU - Kim, Eun Kyoung

AU - McDaniel, Patrick

AU - La Porta, Thomas

PY - 2013

Y1 - 2013

N2 - In recent years, cellular networks have been reported to be susceptible targets for Distributed Denial of Service (DDoS) attacks due to their limited resources. One potential powerful DDoS attack in cellular networks is a SMS flooding attack. Previous research has demonstrated that SMS-capable cellular networks are vulnerable to a SMS flooding attack in which a sufficient rate of SMS messages is sent to saturate the control channels in target areas. We propose a novel detection algorithm which identifies a SMS flooding attack based on the reply rate to messages sent by a handset. We further propose a mitigation technique to reduce the blocking rate caused by the attack. Our simulation results show that the false positive and false negative rates of our detection algorithm are low even when the attack traffic is blended with flash crowd traffic and/or the attack traffic mimics flash crowd traffic, and that the blocking rate is successfully reduced through the mitigation technique.

AB - In recent years, cellular networks have been reported to be susceptible targets for Distributed Denial of Service (DDoS) attacks due to their limited resources. One potential powerful DDoS attack in cellular networks is a SMS flooding attack. Previous research has demonstrated that SMS-capable cellular networks are vulnerable to a SMS flooding attack in which a sufficient rate of SMS messages is sent to saturate the control channels in target areas. We propose a novel detection algorithm which identifies a SMS flooding attack based on the reply rate to messages sent by a handset. We further propose a mitigation technique to reduce the blocking rate caused by the attack. Our simulation results show that the false positive and false negative rates of our detection algorithm are low even when the attack traffic is blended with flash crowd traffic and/or the attack traffic mimics flash crowd traffic, and that the blocking rate is successfully reduced through the mitigation technique.

UR - http://www.scopus.com/inward/record.url?scp=84874515318&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84874515318&partnerID=8YFLogxK

U2 - 10.1007/978-3-642-36883-7_6

DO - 10.1007/978-3-642-36883-7_6

M3 - Conference contribution

AN - SCOPUS:84874515318

SN - 9783642368820

T3 - Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering

SP - 76

EP - 93

BT - Security and Privacy in Communication Networks - 8th International ICST Conference, SecureComm 2012, Revised Selected Papers

T2 - 8th International ICST Conference on Security and Privacy in Communication Networks, SecureComm 2012

Y2 - 3 September 2012 through 5 September 2012

ER -

Kim EK, McDaniel P , La Porta T. A detection mechanism for SMS flooding attacks in cellular networks. In Security and Privacy in Communication Networks - 8th International ICST Conference, SecureComm 2012, Revised Selected Papers. 2013. p. 76-93. (Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering). doi: 10.1007/978-3-642-36883-7_6

A detection mechanism for SMS flooding attacks in cellular networks

Abstract

Publication series

Other

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this