
Security and Privacy in Next Generation Mobile Networks

Long Term Evolution and Femtocells

By Igor Bilogrevic, LCA1

Supervisor: Jean-Pierre Hubaux

Mini-Project

Security and Cooperation in Wireless Networks | EPFL

January 19, 2010

Why Next Generation Networks?
  • Higher data-rate demands
    • Smartphones, laptops with 3G modems, multimedia apps
  • Origin of mobile network traffic*
  • Weak indoor coverage

* Presentations by ABI Research, Picochip, Airvana, IP.access, Gartner, Telefonica Espana, 2nd Int’l. Conf. Home Access Points and Femtocells;

http://www.avrenevents.com/dallasfemto2007/purchase_presentations.htm

Femtocells
  • Home base stations for mobile networks
    • Licensed spectrum
    • Low-power, low-range
    • At user’s premises
    • Operated by cellular provider
    • Cellular access through fixed broadband connection (ADSL, …)
  • Why femtocells?
    • Better throughput, coverage, lower prices for users
    • Unload wide area cellular networks, reduce op. costs

Problem Statement
  • New mobile network architecture
    • Long Term Evolution is All-IP (EPS)
    • Untrusted connection: cell site operator
    • User-installed but operator controlled equipment
  • Challenges
  • Contributions
    • Context-aware, user-triggered temporary ID change
    • DDoS protection offer/demand model between ISPs and mobile operators

Outline
  • Related Work
  • Identity and Location Privacy
    • Context-aware, user-triggered ID change
  • Distributed Denial of Service (DDoS) Protection
    • Location-aware DDoS defense for femtocell networks
  • Conclusion and Future Work

1. Related Work
  • Privacy in cellular networks
    • Subscriber de-anonymization using GSM location traces [DeMulderDBP2008]
    • Privacy-preserving 3-way authentication protocol (PP3WAKA) [KoeinO2006]
      • Mobile device – serving network – home network
  • Security in the core network
    • Nobody talks about it
    • Economics of DDoS attacks on femtocell gateways [SeguraL2009]
      • Criminal organizations queried for costs of bandwidth attacks

2. Identity and Location Privacy
  • Currently in UMTS/LTE
    • Each device is assigned a temporary identifier
    • Operator decides when to renew it (one each 100 cells)

[Figure: cells labelled with temporary identifiers Pseudo A, Pseudo B, Pseudo C, Pseudo D]

2. Identity and Location Privacy
  • Substantial research in mobile/vehicular ad hoc networks
    • Temporary identifiers (pseudonyms)
    • Mix zones [FreudigerSH2009]
  • Idea for cellular networks
    • Context-aware, device-triggered temporary ID change

but

  • Challenges
  • Standards
  • Implementation

3. DDoS Protection

[Figure labels: Attacker, Femto GW]

  • Intuition
    • Use femtocell location to enhance protection
    • Only « insiders » allowed to connect
  • Model
    • Interaction ISPs – mobile operator
      • ISPs offer protection, can collaborate
      • Mobile operator chooses to be protected or not
    • Each entity wants to maximize individual benefits

« Game Theory … what else? »

3. DDoS Protection
  • Game Theory
    • Stackelberg game
    • Complete information
  • Players
    • Mobile operator: leader, plays first
    • ISPs: followers, know the leader’s strategy, one-shot game
  • Strategies
    • Mobile operator: {Protected, Vulnerable} = {P, V}
    • ISPs: {Alone, Cooperate, Nothing} = {A, C, N}
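The game structure above, solved by backward induction for one mobile operator and two ISPs, as an added example that is not part of the original slides. All payoff functions and numbers (`FEE`, `COST_ALONE`, `COST_COOP`, `LOSS`) are constructed for illustration. Treating the ISPs as playing a simultaneous subgame among themselves, and letting the leader plan for the worst follower equilibrium, are assumptions of this sketch.

```python
from itertools import product

LEADER = ("P", "V")          # mobile operator: Protected / Vulnerable
FOLLOWER = ("A", "C", "N")   # each ISP: Alone / Cooperate / Nothing
# Constructed parameters, not taken from the slides.
FEE, COST_ALONE, COST_COOP, LOSS = 10.0, 6.0, 3.0, 30.0

def protecting(profile):
    """Number of ISPs that deploy protection (play A or C)."""
    return sum(s != "N" for s in profile)

def isp_payoff(m, profile, j):
    """ISP j shares the operator's fee and pays its deployment cost."""
    own, other = profile[j], profile[1 - j]
    if own == "N":
        return 0.0
    # Cooperation is cheaper only when both ISPs cooperate.
    cost = COST_COOP if own == other == "C" else COST_ALONE
    revenue = FEE / protecting(profile) if m == "P" else 0.0
    return revenue - cost

def operator_payoff(m, profile):
    """Each protecting ISP filters half of the attack traffic (assumed)."""
    k = protecting(profile)
    if m == "V" or k == 0:
        return -LOSS
    return -FEE - LOSS * (1 - k / 2)

def follower_equilibria(m):
    """Pure-strategy Nash equilibria of the ISP subgame after leader move m."""
    equilibria = []
    for profile in product(FOLLOWER, repeat=2):
        def gains(j):
            base = isp_payoff(m, profile, j)
            return any(isp_payoff(m, profile[:j] + (d,) + profile[j + 1:], j) > base
                       for d in FOLLOWER)
        if not gains(0) and not gains(1):
            equilibria.append(profile)
    return equilibria

def solve():
    """Leader picks the move whose worst follower equilibrium is best."""
    worst = {m: min(operator_payoff(m, p) for p in follower_equilibria(m))
             for m in LEADER}
    leader = max(worst, key=worst.get)
    return leader, follower_equilibria(leader), worst

if __name__ == "__main__":
    print(solve())
```

With these constructed numbers the subgame after "Protected" has several equilibria, which is why the leader's rule for choosing among them has to be stated explicitly.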

3. DDoS Protection
  • Payoffs

,

,

,

,

,

,

3. DDoS Protection
  • Results
    • Mobile operator
    • ISP j

3. DDoS Protection
  • Numerical evaluation
    • 2 games
      • 1 mobile operator, 2 ISPs

 = 0.5

 = 0.9

Nash equilibrium is (Alone, Nothing)

Nash equilibrium is (Alone, Alone)

?

4. Conclusion
  • Security and privacy are still an issue
    • LTE has shortcomings even before its debut
    • All-IP is more efficient but more exposed to attacks
  • Contributions
    • Identified privacy and security challenges in LTE
    • Suggested context-aware, user-triggered temporary ID change inspired by MANET research
    • Modeled and numerically evaluated DDoS defense dynamics between ISPs and mobile network operators

4. Future Work
  • Privacy
    • Feasibility study of proposed idea
    • Implementation on mobile devices (N900 ?)
      • How easy is it to get cell ID on mobile phone? P2P communication? How to trigger core network action?
  • DDoS Security
    • Improve flaws of current model
      • Refine payoff functions, system parameters, effectiveness of ISPs if not exclusive provider

References
  • [DeMulderDBP2008] Y. De Mulder, G. Danezis, L. Batina, and B. Preneel, “Identification via location-profiling in GSM networks,” in Proceedings of the 7th ACM workshop on Privacy in the electronic society. ACM New York, NY, USA, 2008, pp. 23–32.
  • [FreudigerSH2009] J. Freudiger, R. Shokri, and J.-P. Hubaux, “On the optimal placement of mix zones,” in The 9th Privacy Enhancing Technologies Symposium. Springer, 2009.
  • [KoeinO2006] G. Koien and V. Oleshchuk, “Location Privacy for Cellular Systems; Analysis and Solution,” Lecture Notes in Computer Science, vol. 3856, p. 40, 2006.
  • [SeguraL2009] V. Segura and J. Lahuerta, “Modeling the economic incentives of DDoS Attacks: femtocell case study,” The Eighth Workshop on the Economics of Information Security (WEIS 2009), 2009.

Backup Slides

Network Architectures
  • 3G: UMTS vs LTE

Security and Privacy Challenges
  • New threats
    • Attacks on femtocells
    • Attacks on backhaul and core network (IPsec tunnel)

Source: www.SafeNet-Inc.com

Location and Identity Privacy
  • UMTS and LTE identity management
    • Temporary identifiers (“pseudonyms”)

[Figure labels: LA 0 / Pseudo A, LA 1 / Pseudo B, LA 3 / Pseudo D, LA 2 / Pseudo C]
