Eliminating rouge femtocells based on distance bounding protocol and geographic information

Recently, femtocell solutions have been attracting increasing attention since coverage for broadband radios can effectively eliminate wireless notspots. To restrict malicious subscribers from accessing femtocells, 3G/WiMAX standards introduce an access control strategy, called Closed Subscriber Group (CSG). However, CSG only prevents malicious clients, but not rouge femtocells. In 2009, Han et al. proposed the first mutual authentication mechanism. This mechanism does not consider the case that an attacker can locate femtocells in an unregistered area even these femtocells are legitimate. In this paper, we first define two attacks, sinkhole and wormhole attacks, in femtocell-enabled mobile networks. Then, we design two approaches based on distance bounding protocols and geographic information to defend against these two attacks. In our design, a subscriber can confirm whether or not the femtocell he connected with is physically-present. Experiment results demonstrate that the distance bounding protocol can estimate an approximate distance between a subscriber's device and the deployed femtocell. Moreover, femtocells that are deployed inside or outside can both be identified and distinguished without the bias of signal strength based on our design.

[1]  Todor Cooklev,et al.  Air Interface for Fixed Broadband Wireless Access Systems , 2004 .

[2]  Hyoung-Kee Choi,et al.  Building Femtocell More Secure with Improved Proxy Signature , 2009, GLOBECOM 2009 - 2009 IEEE Global Telecommunications Conference.

[3]  Srdjan Capkun,et al.  Location privacy of distance bounding protocols , 2008, CCS.

[4]  Markus G. Kuhn,et al.  An RFID Distance Bounding Protocol , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[5]  Srdjan Capkun,et al.  ID-Based Secure Distance Bounding and Localization , 2009, ESORICS.

[6]  Ravishankar Borgaonkar,et al.  Weaponizing Femtocells: The Effect of Rogue Devices on Mobile Telecommunications , 2012, NDSS.

[7]  C. Karlof,et al.  Secure routing in wireless sensor networks: attacks and countermeasures , 2003, Proceedings of the First IEEE International Workshop on Sensor Network Protocols and Applications, 2003..

[8]  Chin-Chen Chang,et al.  Chaotic Maps-Based Mutual Authentication and Key Agreement using Smart Cards for Wireless Communications , 2013, J. Inf. Hiding Multim. Signal Process..

[9]  Francesco Sottile,et al.  Robust Localization for Wireless Sensor Networks , 2008, 2008 5th Annual IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks.

[10]  Ronny Yongho Kim,et al.  WiMAX femtocell: requirements, challenges, and solutions , 2009, IEEE Communications Magazine.

[11]  Gpp 3G Home NodeB Study Item Technical Report , 2008 .

[12]  Srdjan Capkun,et al.  Secure positioning in wireless networks , 2006, IEEE Journal on Selected Areas in Communications.

[13]  Jean-Pierre Seifert,et al.  Security analysis of a femtocell device , 2011, SIN '11.

[14]  Rajadurai Rajavelsamy,et al.  Towards security architecture for Home (evolved) NodeB: challenges, requirements and solutions , 2011, Secur. Commun. Networks.

[15]  David L. Black,et al.  Using Authenticated Encryption Algorithms with the Encrypted Payload of the Internet Key Exchange version 2 (IKEv2) Protocol , 2008, RFC.

[16]  Ieee Microwave Theory,et al.  Part 16: Air Interface for Fixed and Mobile Broadband Wireless Access Systems — Amendment for Physical and Medium Access Control Layers for Combined Fixed and Mobile Operation in Licensed Bands , 2003 .

[17]  Naganand Doraswamy,et al.  Ipsec: the new security standard for the internet , 1999 .

[18]  Jean-Pierre Hubaux,et al.  Security Issues in Next Generation Mobile Networks: LTE and Femtocells , 2010 .

[19]  Srdjan Capkun,et al.  ROPE: robust position estimation in wireless sensor networks , 2005, IPSN 2005. Fourth International Symposium on Information Processing in Sensor Networks, 2005..

[20]  Jean-Pierre Seifert,et al.  Experimental Analysis of the Femtocell Location Verification Techniques , 2010, NordSec.

[21]  Hung-Min Sun,et al.  A Scalable Transitive Human-Verifiable Authentication Protocol for Mobile Devices , 2013, IEEE Transactions on Information Forensics and Security.

[22]  Radha Poovendran,et al.  SeRLoc: Robust localization for wireless sensor networks , 2005, TOSN.

[23]  Victor C. M. Leung,et al.  Enhancing the performance of secured handover protocols in UMTS-WiMAX interworking , 2010, Wirel. Networks.

[24]  Cheng-Chi Lee,et al.  A secure dynamic ID based remote user authentication scheme for multi-server environment using smart cards , 2011, Expert Syst. Appl..

[25]  Michael R. Lyu,et al.  On the Intruder Detection for Sinkhole Attack in Wireless Sensor Networks , 2006, 2006 IEEE International Conference on Communications.

[26]  Andrei V. Gurtov,et al.  Secure and Multihomed Vehicular Femtocells , 2012, 2012 IEEE 75th Vehicular Technology Conference (VTC Spring).

[27]  Yu-Jung Huang,et al.  Hardware Implementation of RFID Mutual Authentication Protocol , 2010, IEEE Transactions on Industrial Electronics.