Countering Mobile Signaling Storms with Counters

  • Erol GelenbeEmail author
  • Omer H. Abdelrahman
Conference paper
Part of the Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering book series (LNICST, volume 169)


Mobile Networks are subject to signaling storms launched by misbehaving applications or malware, which result in bandwidth overload at the cell level and excessive signaling within the mobile operator, and may also deplete the battery power of mobile devices. This paper reviews the causes of signaling storms and proposes a novel technique for storm detection and mitigation. The approach is based on counting the number of successive signaling transitions that do not utilize allocated bandwidth, and temporarily blocking mobile devices that exceed a certain threshold to avoid overloading the network. Through a mathematical analysis, we derive the optimum value of the counter’s threshold, which minimizes both the number of misbehaving mobiles and the signaling overload in the network. Simulation results are provided to illustrate the effectiveness of the proposed scheme.


Signaling overload Radio resource control M2M IoT Application malfunctions Malware QoS 



We thank Mihajlo Pavloski and Gokce Gorbil for the simulation results, and the EU FP7 project NEMESYS (Enhanced Network Security for Seamless Service Provisioning in the Smart Mobile Ecosystem), grant agreement no. 317888, for financial support.


  1. 1.
    3GPP: Study on machine-type communications (MTC) and other mobile data applications communications enhancements (release 12) (2013). 3GPP TR 23.887.
  2. 2.
    Abdelrahman, O.H., Gelenbe, E.: Signalling storms in 3G mobile networks. In: Proceedings of IEEE International Conference on Communications (ICC), pp. 1017–1022, Sydney (2014). doi: 10.1109/ICC.2014.6883453
  3. 3.
    Abdelrahman, O.H., Gelenbe, E.: A data plane approach for detecting control plane anomalies in mobile networks. In: Proceedings of International Conference on Cyber Physical Systems, IoT and Sensors Networks (Cyclone), Rome (2015)Google Scholar
  4. 4.
    Abdelrahman, O.H., Gelenbe, E., Gorbil, G., Oklander, B.: Mobile network anomaly detection and mitigation: the NEMESYS approach. In: Gelenbe, E., Lent, R. (eds.) Information Sciences and Systems 2013. Lecture Notes in Electrical Engineering, vol. 264, pp. 429–438. Springer, Switzerland (2013). doi: 10.1007/978-3-319-01604-7_42 CrossRefGoogle Scholar
  5. 5.
    Amrutkar, C., Hiltunen, M., Jim, T., Joshi, K., Spatscheck, O., Traynor, P., Venkataraman, S.: Why is my smartphone slow? on the fly diagnosis of underperformance on the mobile internet. In: Proceedings of 43rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), pp. 1–8. IEEE Computer Society, Budapest (2013). doi: 10.1109/DSN.2013.6575301
  6. 6.
    Arbor Networks: Worldwide infrastructure security report (2014).
  7. 7.
    AT&T: Best practices for 3G and 4G app development. Whitepaper (2012).
  8. 8.
    Choi, Y., Yoon, C.H., Kim, Y.S., Heo, S.W., Silvester, J.: The impact of application signaling traffic on public land mobile networks. IEEE Commun. Mag. 52(1), 166–172 (2014). doi: 10.1109/MCOM.2014.6710079 CrossRefGoogle Scholar
  9. 9.
    Coluccia, A., D’alconzo, A., Ricciato, F.: Distribution-based anomaly detection via generalized likelihood ratio test: a general maximum entropy approach. Comput. Netw. 57(17), 3446–3462 (2013). doi: 10.1016/j.comnet.2013.07.028 CrossRefGoogle Scholar
  10. 10.
    Corner, S.: Angry birds + android + ads = network overload (2011).
  11. 11.
    Donegan, M.: Operators urge action against chatty apps. Light Reading Report (2011).
  12. 12.
  13. 13.
    Ericsson: A smartphone app developers guide: Optimizing for mobile networks. Whitepaper (2014).
  14. 14.
    Francois, F., Abdelrahman, O.H., Gelenbe, E.: Impact of signaling storms on energy consumption and latency of LTE user equipment. In: Proceedings of 7th IEEE International Symposium on Cyberspace safety and security (CSS), New York (2015)Google Scholar
  15. 15.
    Gabriel, C.: DoCoMo demands Google’s help with signalling storm (2012).
  16. 16.
    Gelenbe, E.: The first decade of G-networks. Eur. J. Oper. Res. 126(2), 231–232 (2000)CrossRefzbMATHGoogle Scholar
  17. 17.
    Gelenbe, E., Mahmoodi, T.: Energy-aware routing in the cognitive packet network. In: ENERGY, Venice (2011)Google Scholar
  18. 18.
    Gelenbe, E., Morfopoulou, C.: A framework for energy-aware routing in packet networks. Comput. J. 54(6), 850–859 (2011)CrossRefGoogle Scholar
  19. 19.
    Gelenbe, E., Timotheou, S.: Random neural networks with synchronized interactions. Neural Comput. 20(9), 2308–2324 (2008)MathSciNetCrossRefzbMATHGoogle Scholar
  20. 20.
    Gelenbe, E., Wu, F.J.: Large scale simulation for human evacuation and rescue. Comput. Math. Appl. 64(12), 3869–3880 (2012)CrossRefGoogle Scholar
  21. 21.
    Gorbil, G., Abdelrahman, O.H., Gelenbe, E.: Storms in mobile networks. In: Proceedings of 10th ACM Symposium on QoS and Security for Wireless and Mobile Networks (Q2SWinet), Montreal, pp. 119–126 (2014). doi: 10.1145/2642687.2642688
  22. 22.
    Gorbil, G., Abdelrahman, O.H., Pavloski, M., Gelenbe, E.: Modeling and analysis of RRC-based signalling storms in 3G networks. IEEE Trans. Emerg. Topics Comput. 4(1), 113–127 (2016). doi: 10.1109/TETC.2015.2389662 CrossRefGoogle Scholar
  23. 23.
    GSMA: Smarter apps for smarter phones, version 4.0 (2014).
  24. 24.
    Jiantao, S.: Analyzing the network friendliness of mobile applications. Technical report, Huawei (2012).
  25. 25.
    Ksentini, A., Hadjadj-Aoul, Y., Taleb, T.: Cellular-based machine-to-machine: overload control. IEEE Netw. 26(6), 54–60 (2012). doi: 10.1109/MNET.2012.6375894 CrossRefGoogle Scholar
  26. 26.
    Lee, P.P., Bu, T., Woo, T.: On the detection of signaling DoS attacks on 3G wireless networks. In: Proceedings of 26th IEEE Internatioanl Conference on Computer Communications (INFOCOM), pp. 1289–1297 (2007). doi: 10.1109/INFCOM.2007.153
  27. 27.
    Li, J., Pei, W., Cao, Z.: Characterizing high-frequency subscriber sessions in cellular data networks. In: Proceedings of IFIP Networking Conference, Brooklyn, pp. 1–9 (2013)Google Scholar
  28. 28.
    Maslennikov, D.: Mobile malware evolution: Part 6. Technical report, Kaspersky Lab (2013).
  29. 29.
    NSN Smart Labs: Understanding smartphone behavior in the network. White paper (2011).
  30. 30.
    Qian, Z., Wang, Z., Xu, Q., Mao, Z.M., Zhang, M., Wang, Y.M.: You can run, but you can’t hide: exposing network location for targeted DoS attacks in cellular networks. In: Proceedings of Network and Distributed System Security Symposium (NDSS), San Diego, pp. 1–16 (2012)Google Scholar
  31. 31.
    Redding, G.: OTT service blackouts trigger signaling overload in mobile networks (2013).
  32. 32.
    Ricciato, F.: Unwanted traffic in 3G networks. ACM SIGCOMM Comput. Commun. Rev. 36(2), 53–56 (2006). doi: 10.1145/1129582.1129596 CrossRefGoogle Scholar
  33. 33.
    Ricciato, F., Coluccia, A., D’Alconzo, A.: A review of DoS attack models for 3G cellular networks from a system-design perspective. Comput. Commun. 33(5), 551–558 (2010). doi: 10.1016/j.comcom.2009.11.015 CrossRefGoogle Scholar
  34. 34.
    Sakellari, G., Morfopoulou, C., Mahmoodi, T., Gelenbe, E.: Using energy criteria to admit flows in a wired network. In: Gelenbe, E., Lent, R. (eds.) Computer and Information Sciences III, pp. 63–72. Springer, London (2013). doi: 10.1007/978-1-4471-4594-3_7 CrossRefGoogle Scholar
  35. 35.
    Serror, J., Zang, H., Bolot, J.C.: Impact of paging channel overloads or attacks on a cellular network. In: Proceedings of 5th ACM Workshop Wireless Security (WiSe 2006), New York, pp. 75–84 (2006). doi: 10.1145/1161289.1161304
  36. 36.
    Shafiq, M.Z., Ji, L., Liu, A.X., Pang, J., Wang, J.: A first look at cellular machine-to-machine traffic: large scale measurement and characterization. SIGMETRICS Perf. Eval. Rev. 40(1), 65–76 (2012). doi: 10.1145/2318857.2254767 CrossRefGoogle Scholar
  37. 37.
    Traynor, P., Lin, M., Ongtang, M., Rao, V., Jaeger, T., McDaniel, P., La Porta, T.: On cellular botnets: measuring the impact of malicious devices on a cellular network core. In: Proceedings of 16th ACM conference on Computer and Communications Security (CCS), Chicago, pp. 223–234 (2009). doi: 10.1145/1653662.1653690
  38. 38.
    Wang, Z., Qian, Z., Xu, Q., Mao, Z., Zhang, M.: An untold story of middleboxes in cellular networks. In: Proceedings of ACM SIGCOMM, Toronto, pp. 374–385 (2011). doi: 10.1145/2018436.2018479

Copyright information

© ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2016

Authors and Affiliations

  1. 1.Department of Electrical and Electronic EngineeringImperial CollegeLondonUK

Personalised recommendations