Research Article
A Detection Mechanism for SMS Flooding Attacks in Cellular Networks
@INPROCEEDINGS{10.1007/978-3-642-36883-7_6, author={Eun Kim and Patrick McDaniel and Thomas Porta}, title={A Detection Mechanism for SMS Flooding Attacks in Cellular Networks}, proceedings={Security and Privacy in Communication Networks. 8th International ICST Conference, SecureComm 2012, Padua, Italy, September 3-5, 2012. Revised Selected Papers}, proceedings_a={SECURECOMM}, year={2013}, month={2}, keywords={SMS flooding attack DDoS attack flash crowd anomaly detection modeling cellular network}, doi={10.1007/978-3-642-36883-7_6} }- Eun Kim
Patrick McDaniel
Thomas Porta
Year: 2013
A Detection Mechanism for SMS Flooding Attacks in Cellular Networks
SECURECOMM
Springer
DOI: 10.1007/978-3-642-36883-7_6
Abstract
In recent years, cellular networks have been reported to be susceptible targets for Distributed Denial of Service (DDoS) attacks due to their limited resources. One potential powerful DDoS attack in cellular networks is a SMS flooding attack. Previous research has demonstrated that SMS-capable cellular networks are vulnerable to a SMS flooding attack in which a sufficient rate of SMS messages is sent to saturate the control channels in target areas. We propose a novel detection algorithm which identifies a SMS flooding attack based on the reply rate to messages sent by a handset. We further propose a mitigation technique to reduce the blocking rate caused by the attack. Our simulation results show that the false positive and false negative rates of our detection algorithm are low even when the attack traffic is blended with flash crowd traffic and/or the attack traffic mimics flash crowd traffic, and that the blocking rate is successfully reduced through the mitigation technique.