Paging storm attacks against 4G/LTE networks from regional Android botnets: rationale, practicality, and implications

Abstract

Although the impact of mobile botnet attacks against cellular networks has been studied in a number of previous works, little attention has been paid to regional botnets, where bot-infected mobile devices are geographically concentrated at local areas. In this work we investigate a new type of threats called paging storm attacks, which can be launched from a regional botnet to exhaust the limited paging capacity of cells in a 4G/LTE (Long-Term Evolution) network. As paging storm attacks can delay paging requests for legitimate time-critical voice or video calls in a target area, their real-life implications include user annoyance, distortion of call center analytics, and loss of productivity. To demonstrate the feasibility of such attacks, we design and implement a proof-of-concept Android botnet that can coordinate bot activities to create pulsating paging requests within a short period of time. We mathematically analyze the probability that normal paging requests are delayed due to a botnet attack. Experimental results observed from a high-fidelity emulation testbed reveal that paging storm attacks launched from a regional botnet can create repetitive surges of paging requests in the target LTE network, thereby delaying time-critical voice/video calls by several seconds.