JUCS - Journal of Universal Computer Science 21(3): 406-418, doi: 10.3217/jucs-021-03-0406
On the Security of a User Equipment Registration Procedure in Femtocell-Enabled Networks
Chien-Ming Chen‡, Tsu-Yang Wu‡, Raylin Tso§, Masahiro Mambo|, Mu-En Wu¶‡ Harbin Institute of Technology Shenzhen Graduate School, Shenzhen, China§ National Chengchi University, Taipei| Japan, Kanazawa¶ Soochow University, Taipei
Corresponding author: Chien-Ming Chen ( dr.chien-ming.chen@ieee.org ) © Chien-Ming Chen, Tsu-Yang Wu, Raylin Tso, Masahiro Mambo, Mu-En Wu. This article is freely available under the J.UCS Open Content License. Citation:
Chen C-M, Wu T-Y, Tso R, Mambo M, Wu M-E (2015) On the Security of a User Equipment Registration Procedure in Femtocell-Enabled Networks. JUCS - Journal of Universal Computer Science 21(3): 406-418. https://doi.org/10.3217/jucs-021-03-0406 |  |
Abstract
Mobile data traffic has been growing at an increasing rate with the popularity of smartphones, tablets, and other wireless devices. To reduce the load on the network, mobile network operators deploy femtocells to increase their coverage and performance and to eliminate wireless notspots. Femtocells are low-cost devices that connect a new femtocell network architecture to the core telecommunication network through a licensed spectrum and standardized interface protocols. In this paper, we first note that the user equipment registration procedure, which is defined in the 3GPP (Third Generation Partnership Project) standard, in a femtocellenabled network is vulnerable to denial-of-service attacks. We then propose a mechanism to defend against these attacks. For compatibility, the proposed mechanism makes use of the well-defined control message in the 3GPP standard and modifies the user equipment registration procedure as little as possible.
Keywords
Femtocell, denial-of-service attack, 3GPP standard, security