Security and Privacy in Next Generation Mobile Networks

Long Term Evolution and Femtocells. By Igor Bilogrevic, LCA1. Supervisor: Jean-Pierre Hubaux. Mini-Project, Security and Cooperation in Wireless Networks | EPFL, January 19, 2010.

Presentation Transcript


  1. Security and Privacy in Next Generation Mobile Networks: Long Term Evolution and Femtocells. By Igor Bilogrevic, LCA1. Supervisor: Jean-Pierre Hubaux. Mini-Project, Security and Cooperation in Wireless Networks | EPFL, January 19, 2010

  2. Why Next Generation Networks?
     • Higher data-rate demands
     • Smartphones, laptops with 3G modems, multimedia apps
     • Origin of mobile network traffic*
     • Weak indoor coverage
     * Presentations by ABI Research, Picochip, Airvana, IP.access, Gartner, Telefonica Espana, 2nd Int’l. Conf. Home Access Points and Femtocells; http://www.avrenevents.com/dallasfemto2007/purchase_presentations.htm

  3. Femtocells
     • Home base stations for mobile networks
     • Licensed spectrum
     • Low-power, low-range
     • At user’s premises
     • Operated by cell. provider
     • Cellular access through fixed broadband connection (ADSL,…)
     • Why femtocells?
       • Better throughput, coverage, lower prices for users
       • Unload wide area cellular networks, reduce op. costs

  4. Problem Statement
     • New mobile network architecture
     • Long Term Evolution is All-IP (EPS)
     • Untrusted connection: cell site operator
     • User-installed but operator controlled equipment
     • Challenges
     • Contributions
       • Context-aware, user-triggered temporary ID change
       • DDoS protection offer/demand model between ISPs and mobile operators

  5. Outline
     • Related Work
     • Identity and Location Privacy
       • Context-aware, user-triggered ID change
     • Distributed Denial of Service (DDoS) Protection
       • Location-aware DDoS defense for femtocell networks
     • Conclusion and Future Work

  6. 1. Related Work
     • Privacy in cellular networks
       • Subscriber de-anonymization using GSM location traces [DeMulderDBP2008]
       • Privacy-preserving 3-way authentication protocol (PP3WAKA) [KoeinO2006]
         • Mobile device – serving network – home network
     • Security in the core network
       • Nobody talks about it
       • Economics of DDoS attacks on femtocell gateways [SeguraL2009]
         • Criminal organizations queried for costs of bandwidth attacks

  7. 2. Identity and Location Privacy
     • Currently in UMTS/LTE
       • Each device is assigned a temporary identifier
       • Operator decides when to renew it (one each 100 cells)
     [Figure: cells labelled with pseudonyms Pseudo A, Pseudo B, Pseudo C, Pseudo D]

  8. 2. Identity and Location Privacy
     • Substantial research in mobile/vehicular ad hoc networks
       • Temporary identifiers (pseudonyms)
       • Mix zones [FreudigerSH2009]
     • Idea for cellular networks
       • Context-aware, device-triggered temporary ID change
     but
     • Challenges
       • Standards
       • Implementation

  9. 3. DDoS Protection
     • Intuition
       • Use femtocell location to enhance protection
       • Only « insiders » allowed to connect
     • Model
       • Interaction ISPs – mobile op
       • ISPs offer protection, can collaborate
       • Mobile operator chooses to be protected or not
       • Each entity wants to maximize individual benefits
     « Game Theory … what else ? »
     [Figure: Attacker, Femto GW]

  10. 3. DDoS Protection
     • Game Theory
       • Stackelberg game
       • Complete information
     • Players
       • Mob. Op: leader, plays first
       • ISPs: followers, know the leader’s strategy, one-shot game
     • Strategies
       • Mob. Op.: {Protected, Vulnerable} = {P, V}
       • ISPs: {Alone, Cooperate, Nothing} = {A, C, N}

  11. 3. DDoS Protection • Payoffs , , “ , , , ,

  12. 3. DDoS Protection
     • Results
       • Mobile operator
       • ISP j

  13. 3. DDoS Protection
     • Numerical evaluation
       • 2 games
       • 1 mobile operator, 2 ISPs
       • = 0.5
       • = 0.9
       • Nash equilibrium is (Alone, Nothing)
       • Nash equilibrium is (Alone, Alone) ?

  14. 4. Conclusion
     • Security and privacy are still an issue
       • LTE has shortcomings even before its debut
       • All-IP is more efficient but more exposed to attacks
     • Contributions
       • Identified privacy and security challenges in LTE
       • Suggested context-aware, user-triggered temporary ID change inspired by MANET research
       • Modeled and numerically evaluated DDoS defense dynamics between ISPs and mobile network operators

  15. 4. Future Work
     • Privacy
       • Feasibility study of proposed idea
       • Implementation on mobile devices (N900 ?)
       • How easy is it to get cell ID on mobile phone? P2P communication? How to trigger core network action?
     • DDoS Security
       • Improve flaws of current model
       • Refine payoff functions, system parameters, effectiveness of ISPs if not exclusive provider

  16. References
     • [DeMulderDBP2008] Y. De Mulder, G. Danezis, L. Batina, and B. Preneel, “Identification via location-profiling in GSM networks,” in Proceedings of the 7th ACM workshop on Privacy in the electronic society. ACM New York, NY, USA, 2008, pp. 23–32.
     • [FreudigerSH2009] J. Freudiger, R. Shokri, and J.-P. Hubaux, “On the optimal placement of mix zones,” in The 9th Privacy Enhancing Technologies Symposium. Springer, 2009.
     • [KoeinO2006] G. Koien and V. Oleshchuk, “Location Privacy for Cellular Systems; Analysis and Solution,” Lecture Notes in Computer Science, vol. 3856, p. 40, 2006.
     • [SeguraL2009] V. Segura and J. Lahuerta, “Modeling the economic incentives of DDoS Attacks: femtocell case study,” The Eighth Workshop on the Economics of Information Security (WEIS 2009), 2009.

  17. Backup Slides

  18. Network Architectures
     • 3G: UMTS vs LTE

  19. Security and Privacy Challenges
     • New threats
       • Attacks on femtocells
       • Attacks on backhaul and core network (IPsec tunnel)
     Source: www.SafeNet-Inc.com

  20. Location and Identity Privacy
     • UMTS and LTE identity management
       • Temporary identifiers (“pseudonyms”)
     [Figure: location areas and their pseudonyms: LA 0 / Pseudo A, LA 1 / Pseudo B, LA 3 / Pseudo D, LA 2 / Pseudo C]
