Cellpot: A Concept for Next Generation Cellular Network Honeypots

Smartphones have been shown to be vulnerable. Similarly, cellular networks have been shown to be vulnerable to denial of service attacks through signaling. Attackers can use compromised smartphones to remotely attack the cellular network. Therefore the mobile network operator requires measures to detect and mitigate attacks as they emerge. In the past honeypots proved to be a valuable tool to detect ongoing attacks. Several designs for honeypots on smartphones have been proposed. However, their utility is hampered as they are unlikely to achieve a sufficient coverage. In this paper we introduce Cellpot as a novel honeypot concept for threat detection and defence directly inside the cellular network. Cellpot comprises an army of honeypots that are deployed on small cell base stations and is under full control of the operator. We show that Cellpot provides a cost-effective and scalable way for operators to detect and mitigate threats to their core network by reducing signaling overhead. We also present selected applications such as prevention of SMS spam, mobile theft and mobile malware.

[1]  Jean-Pierre Seifert,et al.  Experimental Analysis of the Femtocell Location Verification Techniques , 2010, NordSec.

[2]  Thomas F. La Porta,et al.  On cellular botnets: measuring the impact of malicious devices on a cellular network core , 2009, CCS.

[3]  Ayman I. Kayssi,et al.  Signaling oriented denial of service on LTE networks , 2012, MobiWac '12.

[4]  Hui Zang,et al.  Impact of paging channel overloads or attacks on a cellular network , 2006, WiSe '06.

[5]  Collin Mulliner,et al.  Nomadic Honeypots : A Novel Concept for Smartphone Honeypots , 2013 .

[6]  Zhiguang Qin,et al.  Honeypot: a supplemented active defense system for network security , 2003, Proceedings of the Fourth International Conference on Parallel and Distributed Computing, Applications and Technologies.

[7]  Matthias Lange,et al.  Taming Mr Hayes: Mitigating signaling based attacks on smartphones , 2012, IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2012).

[8]  Yubo Song,et al.  A Mobile Communication Honeypot Observing System , 2012, 2012 Fourth International Conference on Multimedia Information Networking and Security.

[9]  Patrick P. C. Lee,et al.  On the detection of signaling DoS attacks on 3G/WiMax wireless networks , 2009, Comput. Networks.

[10]  Jean-Pierre Seifert,et al.  Security analysis of a femtocell device , 2011, SIN '11.

[11]  Shujun Li,et al.  A novel anti-phishing framework based on honeypots , 2009, 2009 eCrime Researchers Summit.

[12]  Matthias Lange,et al.  L4Android: a generic operating system framework for secure smartphones , 2011, SPSM '11.

[13]  Ravishankar Borgaonkar,et al.  Weaponizing Femtocells: The Effect of Rogue Devices on Mobile Telecommunications , 2012, NDSS.