Zhaowei Tan, Boyan Ding, Jinghao Zhao, Yunqi Guo, Songwu Lu
{"title":"蜂窝物联网中的数据平面信令:攻击与防御","authors":"Zhaowei Tan, Boyan Ding, Jinghao Zhao, Yunqi Guo, Songwu Lu","doi":"10.1145/3447993.3483255","DOIUrl":null,"url":null,"abstract":"In this paper, we devise new attacks exploiting the unprotected data-plane signaling in cellular IoT networks (aka both NB-IoT and Cat-M). We show that, despite the deployed security mechanisms on both control-plane signaling and data-plane packet forwarding, novel data-plane signaling attacks are still feasible. Such attacks exhibit a variety of attack forms beyond simplistic packet-blasting, denial-of-service (DoS) threats, including location privacy breach, packet delivery loop, prolonged data delivery, throughput limiting, radio resource draining, and connection reset. Our testbed evaluation and operational network validation have confirmed the viability. We further propose a new defense solution within the 3GPP C-IoT standard framework.","PeriodicalId":177431,"journal":{"name":"Proceedings of the 27th Annual International Conference on Mobile Computing and Networking","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-10-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":"{\"title\":\"Data-plane signaling in cellular IoT: attacks and defense\",\"authors\":\"Zhaowei Tan, Boyan Ding, Jinghao Zhao, Yunqi Guo, Songwu Lu\",\"doi\":\"10.1145/3447993.3483255\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In this paper, we devise new attacks exploiting the unprotected data-plane signaling in cellular IoT networks (aka both NB-IoT and Cat-M). We show that, despite the deployed security mechanisms on both control-plane signaling and data-plane packet forwarding, novel data-plane signaling attacks are still feasible. Such attacks exhibit a variety of attack forms beyond simplistic packet-blasting, denial-of-service (DoS) threats, including location privacy breach, packet delivery loop, prolonged data delivery, throughput limiting, radio resource draining, and connection reset. Our testbed evaluation and operational network validation have confirmed the viability. We further propose a new defense solution within the 3GPP C-IoT standard framework.\",\"PeriodicalId\":177431,\"journal\":{\"name\":\"Proceedings of the 27th Annual International Conference on Mobile Computing and Networking\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-10-19\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"7\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 27th Annual International Conference on Mobile Computing and Networking\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3447993.3483255\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 27th Annual International Conference on Mobile Computing and Networking","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3447993.3483255","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Data-plane signaling in cellular IoT: attacks and defense
In this paper, we devise new attacks exploiting the unprotected data-plane signaling in cellular IoT networks (aka both NB-IoT and Cat-M). We show that, despite the deployed security mechanisms on both control-plane signaling and data-plane packet forwarding, novel data-plane signaling attacks are still feasible. Such attacks exhibit a variety of attack forms beyond simplistic packet-blasting, denial-of-service (DoS) threats, including location privacy breach, packet delivery loop, prolonged data delivery, throughput limiting, radio resource draining, and connection reset. Our testbed evaluation and operational network validation have confirmed the viability. We further propose a new defense solution within the 3GPP C-IoT standard framework.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
