TWC: Small: Collaborative: Cellular Network Services in Peril: A Perspective on Control-Plane and Data-Plane Design

Project Details

Lead PI

Performance Period

Sep 01, 2015 - Aug 31, 2018

Institution(s)

University of California-Los Angeles

Award Number


The cellular network is the largest wireless infrastructure deployed today. It offers users mobile Internet access and carrier-grade voice service. Each such service (e.g., data or voice) typically involves operations on both the data and control planes. The former transfers service content to users, whereas the latter performs the control functions of service instantiation, maintenance, update, and termination. Securing the control and data planes is thus critical to mobile network service. Unlike the Internet, which is built upon a single best-effort delivery model, the fourth-generation (4G) mobile network supports diversified service models. It not only provides multiple priorities within the network (e.g., voice has higher priority than data), but also carries control and data over different radio channels. Consequently, given a service (e.g., voice, video, or messaging), its control-plane and data-plane operations open new avenues for security research. This project aims to study both planes in 4G networks from the security perspective. The success of this research will not only protect the trillion-dollar market of mobile voice for billions of smartphone users, but also safeguard mobile Internet access from attacks initiated by malicious calls. The proposed activity may influence the upcoming 5G technology standardization and train a new generation of engineers and students.

The proposed research has two main thrusts. One is the insecurity analysis of 4G network services. This project examines the control and data planes and their coordination. It conducts thorough theoretical analysis to uncover all potential vulnerabilities, explores novel attacks, and empirically validates those practical threats. The other is to propose defenses to secure both planes from such threats. The solution calls for concerted efforts between the network and the user, and between hardware and software. This project seeks to make three contributions: (1) Systematic disclosure of insecurity in the control-plane and data-plane operations: both incur new breaches that current defense measures fail to protect against; (2) Identification of diverse root causes: mobile standards stipulate loose regulations, whereas device software and hardware each assume protection from the other. As both planes become more accessible to smartphones, no new protection mechanisms are in place; (3) A solution that secures both control-plane and data-plane operations: it adds protection in both hardware and software on mobile devices, and inside the network infrastructure. It further leverages device capabilities while preserving flexible network services.