On De-synchronization of User Pseudonyms in Mobile Networks

Mohsin Khan, Kimmo Järvinen, Philip Ginzboorg, Valtteri Niemi

    Tutkimustuotos: Artikkeli kirjassa/konferenssijulkaisussaConference article in proceedingsScientificvertaisarvioitu

    3 Sitaatiot (Scopus)

    Abstrakti

    This paper is in the area of pseudonym-based enhancements of user identity privacy in mobile networks. Khan and Mitchell (2017) have found that in recently published pseudonym-based schemes an attacker can desynchronize the pseudonyms’ state in the user equipment and in its home network. In this paper, we first show that by exploiting this vulnerability a botnet of mobile devices can kick out of service a large portion of the users of a mobile network. We characterize this novel DDoS attack analytically and confirm our analysis using a simulation. Second, we explain how to modify the pseudonym-based schemes in order to mitigate the DDoS attack. The proposed solution is simpler than that in Khan and Mitchell (2017). We also discuss aspects of pseudonym usage in mobile network from charging and regulatory point of view.
    AlkuperäiskieliEnglanti
    OtsikkoInformation Systems Security. ICISS 2017
    Alaotsikko13th International Conference, ICISS 2017, Mumbai, India, December 16-20, 2017, Proceedings
    ToimittajatR. Shyamasundar, V. Singh, J. Vaidya
    KustantajaSpringer
    Sivut347-366
    ISBN (elektroninen)978-3-319-72598-7
    ISBN (painettu)978-3-319-72597-0
    DOI - pysyväislinkit
    TilaJulkaistu - 2017
    OKM-julkaisutyyppiA4 Artikkeli konferenssijulkaisussa
    TapahtumaInternational Conference on Information Systems Security - Mumbai, Intia
    Kesto: 16 jouluk. 201720 jouluk. 2017
    Konferenssinumero: 13

    Julkaisusarja

    NimiLecture Notes in Computer Science
    Vuosikerta10717

    Conference

    ConferenceInternational Conference on Information Systems Security
    LyhennettäICISS
    Maa/AlueIntia
    KaupunkiMumbai
    Ajanjakso16/12/201720/12/2017

    Sormenjälki

    Sukella tutkimusaiheisiin 'On De-synchronization of User Pseudonyms in Mobile Networks'. Ne muodostavat yhdessä ainutlaatuisen sormenjäljen.

    Siteeraa tätä