Skip to main content
SpringerLink
Log in

Dependency relation based vulnerability analysis of 3G networks: Can it identify unforeseen cascading attacks?

  • Published:
Telecommunication Systems Aims and scope Submit manuscript

Abstract

Cascading attacks pose a new threat to the third generation (3G) wireless telecommunications network. These attacks are dangerous and difficult to detect due to their remote far-reaching effects. To automate the accurate detection of these attacks and their remote effects, we developed a telecommunication specification based toolkit called the Advanced Cellular Network Vulnerability Assessment Toolkit—aCAT. aCAT is unique due to the incorporation of 3G network specific dependency model, infection propagation rules, as well as expert knowledge. These features allow aCAT to accurately and exhaustively identify cascading attacks and their remote effects. aCAT illustrates the types of cascading attacks that may be derived from the specifications, and showcases its utility in uncovering these attacks.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. 3GPP. (1999). 3g security; security principles and objectives. Technical Standard 3G TS 33.120 V3.0.0, 3G Partnership Project, May 1999.

  2. 3GPP. (1999) 3g security; security threats and requirements. Technical Standard 3G TS 21.133 V3.1.0, 3G Partnership Project, Dec. 1999.

  3. 3GPP. (1999). Basic call handling – technical realisation. Technical Standard 3GPP TS 23.018 V3.4.0, 3G Partnership Project, April 1999.

  4. 3GPP. (1999). Mobile application part (map) specification. Technical Standard 3GPPTS 29.002 V3.4.0, 3G Partnership Project, April 1999.

  5. 3GPP. (1999). A guide to 3rd generation security. Technical Standard 3GPP TR 33.900 V1.2.0, 3G Partnership Project, Jan. 2001.

  6. G. 3GPP. Third generation partnership project. In http://www.3gpp.org/.

  7. Ammann, P., Wijesekera, D., & Kaushik, S. (2002). Scalable, graph-based network vulnerability analysis. In Proceedings of the 9th ACM conference on Computer and communications security (CCS ’02) (pp. 217–224), November 2002.

  8. Bharghavan, V., & Ramamoorthy, C. (1996). Security issues in mobile communications. In Proceedings ISADS 95. Second international symposium on autonomous decentralized systems (pp. 19–24), April 1995.

  9. Boman, K., Horn, G., Howard, P., & Niemi, V. (2002). Umts security. Electronics Communications Engineering Journal: Special issue security for mobility, 14(5), 191–204.

    Google Scholar 

  10. Brookson, C. B. (1995). Security in current systems. In IEE colloquium on security in networks, number Digest No. 1995 024 (pp. 3/1–3/6), February 1995.

  11. Clissmann, C., & Patel, A. (1994). Security for mobile users of telecommunication services. In Universal personal communications, ICUPC ’94 (pp. 350–353), October 1994.

  12. Cuppens, F., & Miège, A. (2002). Alert correlation in a cooperative intrusion detection framework. In Proceedings of the 2002 IEEE symposium on security and privacy (pp. 202–215), May 2002.

  13. Cuppens, F., & Ortalo, R. (2000). Lambda: A language to model a database for detection of attacks. In Recent advances in intrusion detection (pp. 197–216).

  14. El-Fishway, N. A., Nofal, M. A., & Tadros, A. M. (2003). An improvement on secure communication in PCS. In Performance, computing, and communications conference, 2003. Conference proceedings of the 2003 IEEE international (pp. 175–182), April 2003.

  15. Ellsberger, J., Hogrefe, D., & Sarma, A. (1997). SDL, formal object-oriented language for communicating systems. Prentice Hall.

  16. Enck, W., Traynor, P., McDaniel, P., & La Porta, T. F. (2005). Exploiting open functionality in sms-capable cellular networks. In CCS ’05: Proceedings of the 12th ACM conference on computer and communications security. ACM Press.

  17. Howard, P., Walker, M., & Wright, T. (2001). Towards a coherent approach to third generation system security. In Second international conference, 3G mobile communication technologies (pp. 21–27), Nov. 2001.

  18. Jha, S., Sheyner, O., & Wing, J. (2002). Two formal analysis of attack graphs. In Proceedings of the 15th IEEE Computer Security Foundations Workshop (CSFW’02) (p. 49). Washington, DC, USA: IEEE Computer Society, June 2002.

  19. Jha, S., Sheyner, O., & Wing, J. M. (2002). Minimization and reliability analyses of attack graphs. Technical Report CMU-CS-02-109, February 2002.

  20. Kotapati, K., Liu, P., & La Porta, T. F. (2006). CAT – A practical graph & SDL based toolkit for vulnerability assessment of 3G networks. In Proceedings of the 21st IFIP TC-11 international information security conference, “Security and privacy in dynamic environments”, SEC 2006, May 2006.

  21. Kotapati, K., Liu, P., Sun, Y., & La Porta, T. F. (2005). A taxonomy of cyber attacks on 3G networks. In Lecture notes in computer science. Proceedings IEEE international conference on intelligence and security informatics, ISI (pp. 631–633). Springer-Verlag, May 2005.

  22. Lee, C., Hwang, M., & Yang, W. (1999). Enhanced privacy and authentication for the global system for mobile communications. Wireless Networks, 5(4), 231–243.

    Article  Google Scholar 

  23. Lo, C. C., & Chen, Y. J. (1999). Secure communication mechanisms for GSM networks. In Lecture notes in computer science. IEEE transactions on consumer electronics (pp. 1074–1080), Nov. 1999.

  24. Mitchell, C. (1995). Security techniques. Proceedings of the IEE electronics division colloquium on security in networks, 14(IEE (London) Digest No: 1995/024):2/1–2/6, February 1995.

  25. Moore, D., Paxson, V., Savage, S., Shannon, C., Staniford, S., & Weaver, N. (2003). Inside the slammer worm. IEEE Security and Privacy, 1(4), 33–39.

    Article  Google Scholar 

  26. Moore, T., Kosloff, T., Keller, J., Manes, G., & Shenoi, S. (2002). Signaling System 7 (SS7) network security. In Proceedings of the IEEE 45th midwest symposium on circuits and systems, August 2002.

  27. Ning, P., Cui, Y., & Reeves, D. S. (2002). Constructing attack scenarios through correlation of intrusion alerts. In Proceedings of the 9th ACM conference on Computer & Communications Security (CCS ’02) (pp. 245–254), Nov. 2002.

  28. Ning, P., & Xu, D. (2003). Learning attack strategies from intrusion alerts. In Proceedings of the 10th ACM conference on Computer and Communications Security (CCS ’03) (pp. 200–209), Oct. 2003.

  29. Ning, P., Xu, D., Healey, C. G., & St. Amant, R. A. (2004). Building attack scenarios through integration of complementary alert correlation methods. In Proceedings of the 11th annual Network and Distributed System Security Symposium (NDSS ’04) (pp. 97–111), Feb. 2004.

  30. Ou, X., Govindavajhala, S., & Appel, A. (2005). MulVAL: A logic-based network security analyzer. In Proceedings of the 14th Usenix security symposium (pp. 113–128), August 2005.

  31. Phillips, C., & Swiler, L. P. (1998). A graph-based system for network-vulnerability analysis. In Proceedings of the 1998 workshop on New security paradigms (NSPW ’98).

  32. Ramakrishnan, C. R., & Sekar, R. C. (2002). Model-based analysis of configuration vulnerabilities. Journal of Computer Security.

  33. Ritchey, R. W., & Ammann, P. (2000). Using model checking to analyze network vulnerabilities. In Proceedings 2000 IEEE computer society symposium on security and privacy (vol. 00, pp. 156–165). Los Alamitos: IEEE Computer Society.

    Google Scholar 

  34. Sheyner, O., Haines, J., Jha, S., Lippmann, R., & Wing, J. M. (2002) Automated generation and analysis of attack graphs. In Proceedings of the 2002 IEEE symposium on security and privacy, May 2002.

  35. Sheyner, O., & Wing, J. (2005). Tools for generating and analyzing attack graphs. In Lecture notes in computer science. Proceedings of formal methods for components and objects (pp. 344–371).

  36. Swiler, L., Phillips, C., Ellis, D., & Chakerian, S. (2001). Computer-attack graph generation tool. In Proceedings of the DARPA information survivability conference and exposition II, June 2001.

  37. Swiler, L. P., Philips, C., & Gaylor, T. (1998). A graph-based network vulnerability analysis system. SandiaReport SAND97-3010/1, Sandia National Laboratories, January 1998.

  38. Switch. 5ESS switch. http://www.alleged.com/telephone/5ESS/.

  39. Telcoman. CENTRAL OFFICES. http://www.thecentraloffice.com/.

  40. Templeton, S. J., & Levitt, K. (2000). A requires/provides model for computer attacks. In Proceedings of the 2000 workshop on New security paradigms (NSPW ’00) (pp. 31–38). New York: ACM Press, September 2000.

    Chapter  Google Scholar 

  41. Welch, D., & Lathrop, S. (2003). Wireless security threat taxonomy. In IEEE workshop on information assurance. IEEE Systems, Man and Cybernetics Society Information Assurance Workshop (pp. 76–83), Jun. 2003.

  42. Zerkle, D., & Levitt, K. (1996). NetKuang – A multi-host configuration vulnerability checker. In Proceedings of the sixth USENIX security symposium (pp. 195–201).

Download references

Author information

Authors and Affiliations

  1. The Pennsylvania State University, University Park, PA, 16802, USA

    Kameswari Kotapati, Peng Liu & Thomas F. La Porta

Authors
  1. Kameswari Kotapati
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Peng Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Thomas F. La Porta
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Kameswari Kotapati.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Kotapati, K., Liu, P. & La Porta, T.F. Dependency relation based vulnerability analysis of 3G networks: Can it identify unforeseen cascading attacks?. Telecommun Syst 35, 99–122 (2007). https://doi.org/10.1007/s11235-007-9046-0

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11235-007-9046-0

Keywords

Search

Navigation