Exploiting open functionality in SMS-capable cellular networks
Proceedings of the 12th ACM conference on Computer and communications security
On the Impact of Unwanted Traffic onto a 3G Network
SECPERU '06 Proceedings of the Second International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing
SmartSiren: virus detection and alert for smartphones
Proceedings of the 5th international conference on Mobile systems, applications and services
On the detection of signaling DoS attacks on 3G/WiMax wireless networks
Computer Networks: The International Journal of Computer and Telecommunications Networking
On cellular botnets: measuring the impact of malicious devices on a cellular network core
Proceedings of the 16th ACM conference on Computer and communications security
An untold story of middleboxes in cellular networks
Proceedings of the ACM SIGCOMM 2011 conference
LTE for UMTS: Evolution to LTE-Advanced
LTE for UMTS: Evolution to LTE-Advanced
A survey of mobile malware in the wild
Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices
Charging and pricing challenges for 3G systems
IEEE Communications Surveys & Tutorials
Can we pay for what we get in 3G data access?
Proceedings of the 18th annual international conference on Mobile computing and networking
Towards accurate accounting of cellular data for TCP retransmission
Proceedings of the 14th Workshop on Mobile Computing Systems and Applications
Accounting for roaming users on mobile data access: issues and root causes
Proceeding of the 11th annual international conference on Mobile systems, applications, and services
How voice calls affect data in operational LTE networks
Proceedings of the 19th annual international conference on Mobile computing & networking
Last call for the buffet: economics of cellular networks
Proceedings of the 19th annual international conference on Mobile computing & networking
PREC: practical root exploit containment for android devices
Proceedings of the 4th ACM conference on Data and application security and privacy
Hi-index | 0.00 |
3G/4G cellular networks adopt usage-based charging. Mobile users are billed based on the traffic volume when accessing data service. In this work, we assess both this metered accounting architecture and application-specific charging policies by operators from the security perspective. We have identified loopholes in both, and discovered two effective attacks exploiting the loopholes. The "toll-free-data-access-attack" enables the attacker to access any data service for free. The "stealth-spam-attack" incurs any large traffic volume to the victim, while the victim may not be even aware of such spam traffic.Our experiments on two operational 3G networks have confirmed the feasibility and simplicity of such attacks. We also propose defense remedies.