目前針對分散式資源網路的分散式阻斷攻擊 (DDoS) 已被廣泛研究，這類攻擊者 的目標在於破壞由一台或多台伺服器所提供之正常服務。此類型攻擊於近期興起 的 LTE 網路上，其影響仍為一個懸而未解的問題，即本文主要探討議題。本研究 建立了 4G LTE 實驗平台，針對流量消耗、網路協定及應用軟體各不同類型，實 作現有 DDoS 攻擊，實驗手機為可取得超級使用者 (root) 權限之 Android 手機， 目標網路由開源軟體 OpenAirInterface (OAI) 搭建。此外為有效偵測各攻擊，亦 額外建立監控模組收集攻擊流量封包、執行代碼及樣態，透過最終評估結果可發 現，現有基於 IP 的 DDoS 攻擊在 LTE 網路中可以成功實現，且對 LTE 實驗網 路造成巨大網路流量。

The infamous distributed denial-of-service (DDoS) cyberattack in which attackers aim to disrupt normal services provided by one or more servers over the Internet based on distributed resources have been deeply investigated. However, the impacts on the recent popular LTE networks remain an open issue and becomes the main target of this paper. We implement the different types of existing DDoS attacks against volume, protocols, and applications in experimental 4G LTE networks. In particular, the attack is developed on the rooted Android mobile phone and the targeted networks build by using OpenAirInterface (OAI) platform. An additional monitoring module is included to capture the packets, payloads, and patterns gen- erated from attacks. The evaluated results show that the existing IP-based DDoS attack can be successfully launched and cause significant amount of traffic volume to the experimental networks.

[1] S. Mavoungou, G. Kaddoum, M. Taha, and G. Matar, “Survey on threats and attacks on mobile networks,” IEEE Access, vol. 4, pp. 4543–4572, Aug. 2016.
[2] D. Rupprecht, A. Dabrowski, T. Holz, E. Weippl, and C. Pöpper, “On security research towards future mobile network generations,” IEEE Commun. Surveys Tuts., vol. 20, no. 3, pp. 2518–2542, 3rd-quarter 2018.
[3] S. Steig, A. Aarnes, T. Van Do, and H. T. Nguyen, “A network based IMSI catcher detection,” in Proc. IEEE ICITCS 2016, Sep. 2016.
[4] S. Park, A. Shaik, R. Borgaonkar, A. Martin, and J.-P. Seifert, “Whitestingray: Evaluating IMSI catchers detection applications,” in Proc. USENIX WOOT 2017, Aug. 2017.
[5] A. Shaik, R. Borgaonkar, N. Asokan, V. Niemi, and J.-P. Seifert, “Practical attacks against privacy and availability in 4G/LTE mobile communication sys- tems,” in Proc. NDSS 2016, Feb. 2016.
[6] A. Shaik, R. Borgaonkar, S. Park, and J.-P. Seifert, “On the impact of rogue base stations in 4G/LTE self organizing networks,” in Proc. ACM WiSec 2018, Jun. 2018, pp. 75–86.
[7] T. Fei and W. Wang, “LTE is vulnerable: Implementing identity spoofing and Denial-of-Service attacks in LTE networks,” in Proc. IEEE Globecom 2019, Dec. 2019.
[8] M. Khosroshahy, D. Qiu, and M. K. M. Ali, “Botnets in 4G cellular networks: Platforms to launch DDoS attacks against the air interface,” in Proc. MoWNeT 2013, Aug. 2013, pp. 30–35.
[9] J. Henrydoss and T. Boult, “Critical security review and study of DDoS attacks on LTE mobile network,” in Proc. APWIMOB 2014, Aug. 2014, pp. 194–200.
[10] R. P. Jover, “Security attacks against the availability of LTE mobility networks: Overview and research directions,” in Proc. IEEE WPMC 2013, Jun. 2013.
27
[11] A. Gupta, T. Verma, S. Bali, and S. Kaul, “Detecting MS initiated signaling DDoS attacks in 3G/4G wireless networks,” in Proc. COMSNETS 2013, Jan. 2013.
[12] A. Shaik, R. Borgaonkar, S. Park, and J.-P. Seifert, “New vulnerabilities in 4G and 5G cellular access network protocols: exposing device capabilities,” in Proc. ACM WiSec 2019, May 2019, pp. 221–231.
[13] G. Lee, J. Lee, J. Lee, Y. Im, M. Hollingsworth, E. Wustrow, D. Grunwald, and S. Ha, “This is your president speaking: Spoofing alerts in 4G LTE networks,” in Proc. ACM MobiSys 2019, Jun. 2019, pp. 404–416.
[14] R. P. Jover, “LTE security, protocol exploits and location tracking experimen- tation with low-cost software radio,” arXiv preprint arXiv:1607.05171, Jul. 2016.
[15] R. Borgaonkar, L. Hirschi, S. Park, and A. Shaik, “New privacy threat on 3G, 4G, and upcoming 5G AKA protocols,” Proceedings on Privacy Enhancing Technologies, vol. 3, pp. 108–127, Jul. 2019.
[16] D. Rupprecht, K. Kohls, T. Holz, and C. Pöpper, “Breaking LTE on layer two,” in Proc. IEEE S&P 2019, May 2019.
[17] W.-L. Heish, B.-K. Hong, and S.-M. Cheng, “Toward large-scale rogue base station attacks using container-based virtualization,” in Proc. IEEE VTC-Fall 2019, Sep. 2019.
[18] P. Farina, E. Cambiaso, G. Papaleo, and M. Aiello, “Understanding DDoS attacks from mobile devices,” in Proc. FiCloud 2015, Aug. 2015, pp. 614–619.
[19] Y. Kouraogo, K. Zkik, G. Orhanou et al., “Attacks on Android banking appli- cations,” in Proc. ICEMIS 2016, Sep. 2016.
[20] Y.-a. Tan, Y. Xue, C. Liang, J. Zheng, Q. Zhang, J. Zheng, and Y. Li, “A root privilege management scheme with revocable authorization for Android devices,” Journal of Network and Computer Applications, vol. 107, pp. 69–82, Apr. 2018.
[21] N. Agrawal and S. Tapaswi, “Defense mechanisms against DDoS attacks in a cloud computing environment: State-of-the-art and research challenges,” IEEE Commun. Surveys Tuts., vol. 21, no. 4, pp. 3769–3795, 4th-quarter 2019.
[22] T. Byrd, V. Marojevic, and R. P. Jover, “CSAI: Open-source cellular radio access network security analysis instrument,” arXiv:1905.07617, May 2019.
[23] X. Hu, C. Liu, S. Liu, W. You, Y. Li, and Y. Zhao, “A systematic analysis method for 5G Non-Access stratum signalling security,” IEEE Access, vol. 7, pp. 125 424–125 441, Aug. 2019.