摘要
随着移动通信网络的迅猛发展,其安全漏洞产生的影响更为广泛,使得安全性研究尤为重要。根据长期演进(Long Term Evolution,LTE)非接入层协议的漏洞,构建了针对网络端和终端的两种拒绝服务攻击模型,通过获取不同终端的国际移动用户标识并分别伪造鉴权拒绝消息和附着请求消息对目标发起不同危害程度的拒绝服务攻击。实验结果表明,采用鉴权拒绝发起的攻击会使目标终端强制降为2G网络;而采用附着请求发起的攻击会使核心网侧中央处理器(Central Processing Unit,CPU)使用率由30%提升至80%,造成网络资源消耗巨大,导致用户很难正常接入。研究结论有助于推进非接入层协议的安全演进。
With the rapid development of mobile communication network,the impact of its security vulnerabilities is more extensive,which makes the security research particularly important.According to the vulnerability of LTE non-access layer protocol,two denial-of-service(DoS)attack models for network terminal and terminal are constructed in this paper.By obtaining the International Mobile Subscriber Identity(IMSI)of different terminals and faking the authentication denial message and attached request message respectively,DoS attack with different degree of damage is launched against the target.The experimental results show that the attack initiated by authentication denial can force the target terminal down to 2G network.However,the attack initiated by attachment request will increase the central processing unit utilization rate of the core network side from 30%to 80%,resulting in huge consumption of network resources and making it difficult for users to access normally.The research conclusion is helpful to promote the security evolution of non-access layer protocol.
作者
王华华
黄俊霖
何沛
吴妙灵
张杰棠
WANG Huahua;HUANG Junlin;HE Pei;WU Miaoling;ZHANG Jietang(School of Communication and Information Engineering,Chongqing University of Posts and Telecommunications,Chongqing 400065,China)
出处
《电讯技术》
北大核心
2022年第3期354-360,共7页
Telecommunication Engineering
基金
教育部-中国移动科研基金(MCM201805-2)。
关键词
移动通信
网络安全
非接入层
安全漏洞
拒绝服务
攻击模型
mobile communication
network security
non-access layer
security vulnerabilities
denial of service
attack model