Location-Aware Mobile Intrusion Detection with Enhanced Privacy in a 5G Context

The paper proposes a location-aware mobile Intrusion Prevention System (mIPS) architecture with enhanced privacy that is integrated into a Managed Security Service (MSS). The solution is envisaged in a future fifth generation telecommunications (5G) context with increased but varying bandwidth, a virtualised execution environment and infrastructure that allows threads, processes, virtual machines and storage to be migrated to cloud computing services on demand, to dynamically scale performance and save power. 5G mobile devices will be attractive targets for malicious software, and this threat will in some cases change with location. Mobile devices will store more sensitive information and will also be used for sensitive transactions to a larger extent than they typically are today. In addition, a distributed execution environment in itself gives rise to some new security challenges. In order to handle these security challenges, we have proposed the location-aware mIPS architecture, which benefits from a distributed execution environment where processor-intensive services can be outsourced to cloud hosting providers. The mIPS supports querying location threat profiles in a privacy-preserving way, and ensures that mIPS alerts sent to the first-line MSS are anonymised. We finally perform an analysis of potential strengths and weaknesses of the proposed approach.
