JP5378799B2 - 3g無線ネットワークを悪意ある攻撃から防護するための方法および装置 - Google Patents
3g無線ネットワークを悪意ある攻撃から防護するための方法および装置 Download PDFInfo
- Publication number
- JP5378799B2 JP5378799B2 JP2008547354A JP2008547354A JP5378799B2 JP 5378799 B2 JP5378799 B2 JP 5378799B2 JP 2008547354 A JP2008547354 A JP 2008547354A JP 2008547354 A JP2008547354 A JP 2008547354A JP 5378799 B2 JP5378799 B2 JP 5378799B2
- Authority
- JP
- Japan
- Prior art keywords
- network
- radio
- attack
- status information
- aware
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
- 238000000034 method Methods 0.000 title claims description 12
- 238000001514 detection method Methods 0.000 description 5
- 230000011664 signaling Effects 0.000 description 5
- 238000012545 processing Methods 0.000 description 4
- 238000013461 design Methods 0.000 description 3
- 230000002776 aggregation Effects 0.000 description 2
- 238000004220 aggregation Methods 0.000 description 2
- 230000006399 behavior Effects 0.000 description 2
- 238000005259 measurement Methods 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 1
- 238000012512 characterization method Methods 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 230000002596 correlated effect Effects 0.000 description 1
- 230000000875 corresponding effect Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000007781 pre-processing Methods 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 230000007781 signaling event Effects 0.000 description 1
- 230000007480 spreading Effects 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
- H04W12/121—Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]
- H04W12/122—Counter-measures against attacks; Protection against rogue devices
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W24/00—Supervisory, monitoring or testing arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/22—Processing or transfer of terminal data, e.g. status or physical capabilities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W84/00—Network topologies
- H04W84/02—Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
- H04W84/04—Large scale networks; Deep hierarchical networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Databases & Information Systems (AREA)
- Mobile Radio Communication Systems (AREA)
- Computer And Data Communications (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Description
しかし、3G無線ネットワークに対する攻撃は、信号攻撃およびバッテリ攻撃だけに限定されない。
Claims (10)
- 3G無線ネットワークに対する攻撃を検出するための方法であって、
無攻撃な無線トラフィック状態に基づくプロファイルを生成するステップと、
無線データチャネルの確立および解放を含む無線状態情報を取得するステップと、
前記ネットワーク内の要素に攻撃が仕掛けられているかどうかを決定するために、前記無線状態情報をプロファイルと比較するステップと、
を備える方法。 - 前記比較が攻撃を示唆している場合、前記ネットワーク内の移動体装置に宛てられた悪意あるトラフィックが前記装置に到達することを防止するステップをさらに備える、請求項1に記載の方法。
- 前記無線状態情報が、前記ネットワーク内の1つまたは複数のネットワーク要素から収集される、請求項1に記載の方法。
- 前記無線状態情報が、前記ネットワークについての知識から推測される、請求項1に記載の方法。
- 3G無線ネットワークに対する攻撃を検出するための装置であって、
無攻撃な無線トラフィック状態に基づくプロファイルを生成し、
無線データチャネルの確立および解放を含む無線状態情報を取得し、
前記ネットワーク内の要素に攻撃が仕掛けられているかどうかを決定するために、前記無線状態情報をプロファイルと比較する、
ように動作可能な装置。 - 前記比較が攻撃を示唆している場合、前記ネットワーク内の移動体装置に宛てられた悪意あるトラフィックが前記装置に到達することを防止するようにさらに動作可能な、請求項5に記載の装置。
- 前記装置が、前記無線状態情報を前記ネットワーク内の1つまたは複数の要素から収集するようにさらに動作可能な、請求項5に記載の装置。
- 前記装置が、前記無線状態情報を前記ネットワークについての知識から推測するようにさらに動作可能な、請求項5に記載の装置。
- 前記無線状態情報は移動体が活動状態にある時間を含む、請求項1に記載の装置。
- 前記無線状態情報は移動体が活動状態にある時間を含む、請求項5に記載の装置。
Applications Claiming Priority (3)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US11/303,915 | 2005-12-19 | ||
| US11/303,915 US8965334B2 (en) | 2005-12-19 | 2005-12-19 | Methods and devices for defending a 3G wireless network against malicious attacks |
| PCT/US2006/047929 WO2007075423A2 (en) | 2005-12-19 | 2006-12-15 | Methods and devices for defending a 3g wireless network against malicious attacks |
Related Child Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| JP2012173597A Division JP5506871B2 (ja) | 2005-12-19 | 2012-08-06 | 3g無線ネットワークを悪意ある攻撃から防護するための方法および装置 |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| JP2009520447A JP2009520447A (ja) | 2009-05-21 |
| JP5378799B2 true JP5378799B2 (ja) | 2013-12-25 |
Family
ID=38175285
Family Applications (2)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| JP2008547354A Expired - Fee Related JP5378799B2 (ja) | 2005-12-19 | 2006-12-15 | 3g無線ネットワークを悪意ある攻撃から防護するための方法および装置 |
| JP2012173597A Expired - Fee Related JP5506871B2 (ja) | 2005-12-19 | 2012-08-06 | 3g無線ネットワークを悪意ある攻撃から防護するための方法および装置 |
Family Applications After (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| JP2012173597A Expired - Fee Related JP5506871B2 (ja) | 2005-12-19 | 2012-08-06 | 3g無線ネットワークを悪意ある攻撃から防護するための方法および装置 |
Country Status (6)
| Country | Link |
|---|---|
| US (2) | US8965334B2 (ja) |
| EP (1) | EP1964366B1 (ja) |
| JP (2) | JP5378799B2 (ja) |
| KR (1) | KR20080076960A (ja) |
| CN (2) | CN105025026A (ja) |
| WO (1) | WO2007075423A2 (ja) |
Families Citing this family (24)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9036540B2 (en) * | 2007-09-28 | 2015-05-19 | Alcatel Lucent | Method and system for correlating IP layer traffic and wireless layer elements in a UMTS/GSM network |
| WO2010145855A1 (en) | 2009-06-15 | 2010-12-23 | Pantec Biosolutions Ag | Monolithic, side pumped solid-state laser and method for operating the same |
| US10924500B2 (en) | 2012-11-22 | 2021-02-16 | Koninklijke Kpn N.V. | System to detect behaviour in a telecommunications network |
| US9722918B2 (en) | 2013-03-15 | 2017-08-01 | A10 Networks, Inc. | System and method for customizing the identification of application or content type |
| US9912555B2 (en) | 2013-03-15 | 2018-03-06 | A10 Networks, Inc. | System and method of updating modules for application or content identification |
| US9838425B2 (en) | 2013-04-25 | 2017-12-05 | A10 Networks, Inc. | Systems and methods for network access control |
| US9294503B2 (en) | 2013-08-26 | 2016-03-22 | A10 Networks, Inc. | Health monitor based distributed denial of service attack mitigation |
| US9756071B1 (en) | 2014-09-16 | 2017-09-05 | A10 Networks, Inc. | DNS denial of service attack protection |
| US9537886B1 (en) | 2014-10-23 | 2017-01-03 | A10 Networks, Inc. | Flagging security threats in web service requests |
| US9621575B1 (en) | 2014-12-29 | 2017-04-11 | A10 Networks, Inc. | Context aware threat protection |
| US9584318B1 (en) | 2014-12-30 | 2017-02-28 | A10 Networks, Inc. | Perfect forward secrecy distributed denial of service attack defense |
| US9900343B1 (en) * | 2015-01-05 | 2018-02-20 | A10 Networks, Inc. | Distributed denial of service cellular signaling |
| US9848013B1 (en) | 2015-02-05 | 2017-12-19 | A10 Networks, Inc. | Perfect forward secrecy distributed denial of service attack detection |
| US10063591B1 (en) | 2015-02-14 | 2018-08-28 | A10 Networks, Inc. | Implementing and optimizing secure socket layer intercept |
| US9787581B2 (en) | 2015-09-21 | 2017-10-10 | A10 Networks, Inc. | Secure data flow open information analytics |
| JP6049841B1 (ja) * | 2015-11-19 | 2016-12-21 | 三菱電機株式会社 | 車載ネットワーク管理装置及び車載ネットワーク管理方法 |
| US10469594B2 (en) | 2015-12-08 | 2019-11-05 | A10 Networks, Inc. | Implementation of secure socket layer intercept |
| US10505984B2 (en) | 2015-12-08 | 2019-12-10 | A10 Networks, Inc. | Exchange of control information between secure socket layer gateways |
| US10116634B2 (en) | 2016-06-28 | 2018-10-30 | A10 Networks, Inc. | Intercepting secure session upon receipt of untrusted certificate |
| US10158666B2 (en) | 2016-07-26 | 2018-12-18 | A10 Networks, Inc. | Mitigating TCP SYN DDoS attacks using TCP reset |
| CN108076019B (zh) * | 2016-11-17 | 2021-04-09 | 北京金山云网络技术有限公司 | 基于流量镜像的异常流量检测方法及装置 |
| CN112448894B (zh) * | 2019-09-03 | 2022-08-19 | 华为技术有限公司 | 阻断信令风暴的方法、装置、设备及存储介质 |
| CN113727348B (zh) | 2020-05-12 | 2023-07-11 | 华为技术有限公司 | 用户设备ue用户数据的检测方法、设备、系统及存储介质 |
| WO2021234796A1 (ja) * | 2020-05-18 | 2021-11-25 | 株式会社日立国際電気 | 移動通信システム |
Family Cites Families (24)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP3801209B2 (ja) * | 1995-11-20 | 2006-07-26 | コーニンクレッカ フィリップス エレクトロニクス エヌ ヴィ | デジタル通信システム |
| JP3332221B2 (ja) | 1999-05-28 | 2002-10-07 | 株式会社エヌ・ティ・ティ・データ | モバイル端末の接続管理方法及び方式 |
| DE60135550D1 (de) * | 2000-05-12 | 2008-10-09 | Niksun Inc | Sicherheitskamera für ein netzwerk |
| US7707305B2 (en) | 2000-10-17 | 2010-04-27 | Cisco Technology, Inc. | Methods and apparatus for protecting against overload conditions on nodes of a distributed network |
| US7370358B2 (en) | 2001-09-28 | 2008-05-06 | British Telecommunications Public Limited Company | Agent-based intrusion detection system |
| US7092357B1 (en) * | 2001-11-13 | 2006-08-15 | Verizon Services Corp. | Anti-flooding flow-control methods and apparatus |
| CN100379201C (zh) | 2001-11-29 | 2008-04-02 | 上海交通大学 | 可控计算机网络的分布式黑客追踪的方法 |
| US7171493B2 (en) * | 2001-12-19 | 2007-01-30 | The Charles Stark Draper Laboratory | Camouflage of network traffic to resist attack |
| CA2414789A1 (en) * | 2002-01-09 | 2003-07-09 | Peel Wireless Inc. | Wireless networks security system |
| JP3923346B2 (ja) | 2002-03-29 | 2007-05-30 | 京セラ株式会社 | 無線通信機 |
| TW595140B (en) * | 2002-04-22 | 2004-06-21 | Cognio Inc | System and method for spectrum management of a shared frequency band |
| US7383577B2 (en) | 2002-05-20 | 2008-06-03 | Airdefense, Inc. | Method and system for encrypted network management and intrusion detection |
| US7050800B2 (en) * | 2002-07-31 | 2006-05-23 | Interdigital Technology Corporation | Method and apparatus for WLAN-UMTS interworking employing UMTS air interface |
| US7295831B2 (en) * | 2003-08-12 | 2007-11-13 | 3E Technologies International, Inc. | Method and system for wireless intrusion detection prevention and security management |
| US7464158B2 (en) | 2003-10-15 | 2008-12-09 | International Business Machines Corporation | Secure initialization of intrusion detection system |
| US20050213553A1 (en) | 2004-03-25 | 2005-09-29 | Wang Huayan A | Method for wireless LAN intrusion detection based on protocol anomaly analysis |
| JP4371905B2 (ja) | 2004-05-27 | 2009-11-25 | 富士通株式会社 | 不正アクセス検知装置、不正アクセス検知方法、不正アクセス検知プログラムおよび分散型サービス不能化攻撃検知装置 |
| US20060046761A1 (en) * | 2004-08-27 | 2006-03-02 | Motorola, Inc. | Method and apparatus to customize a universal notifier |
| US20060068761A1 (en) * | 2004-09-28 | 2006-03-30 | Lucent Technologies Inc. | System and method for prioritizing a store-and-forward message |
| EP1834466B1 (en) * | 2004-12-30 | 2009-05-06 | Telecom Italia S.p.A. | Method and system for detecting attacks in wireless data communication networks |
| US7515926B2 (en) * | 2005-03-30 | 2009-04-07 | Alcatel-Lucent Usa Inc. | Detection of power-drain denial-of-service attacks in wireless networks |
| US20060230450A1 (en) | 2005-03-31 | 2006-10-12 | Tian Bu | Methods and devices for defending a 3G wireless network against a signaling attack |
| US8364148B2 (en) * | 2005-07-07 | 2013-01-29 | Qualcomm Incorporated | Methods and devices for interworking of wireless wide area networks and wireless local area networks or wireless personal area networks |
| US20070070933A1 (en) | 2005-09-28 | 2007-03-29 | Mun-Choon Chan | Methods and systems for providing highly resilient IP-RANs |
-
2005
- 2005-12-19 US US11/303,915 patent/US8965334B2/en not_active Expired - Fee Related
-
2006
- 2006-12-15 EP EP06845546.8A patent/EP1964366B1/en not_active Not-in-force
- 2006-12-15 CN CN201510440938.XA patent/CN105025026A/zh active Pending
- 2006-12-15 JP JP2008547354A patent/JP5378799B2/ja not_active Expired - Fee Related
- 2006-12-15 CN CNA2006800478106A patent/CN101341715A/zh active Pending
- 2006-12-15 WO PCT/US2006/047929 patent/WO2007075423A2/en not_active Ceased
- 2006-12-15 KR KR1020087014804A patent/KR20080076960A/ko not_active Withdrawn
-
2012
- 2012-08-06 JP JP2012173597A patent/JP5506871B2/ja not_active Expired - Fee Related
-
2015
- 2015-01-14 US US14/596,758 patent/US20150215328A1/en not_active Abandoned
Also Published As
| Publication number | Publication date |
|---|---|
| WO2007075423A2 (en) | 2007-07-05 |
| JP5506871B2 (ja) | 2014-05-28 |
| KR20080076960A (ko) | 2008-08-20 |
| JP2009520447A (ja) | 2009-05-21 |
| EP1964366B1 (en) | 2017-04-12 |
| US8965334B2 (en) | 2015-02-24 |
| CN101341715A (zh) | 2009-01-07 |
| JP2012227964A (ja) | 2012-11-15 |
| EP1964366A2 (en) | 2008-09-03 |
| US20150215328A1 (en) | 2015-07-30 |
| US20070143769A1 (en) | 2007-06-21 |
| CN105025026A (zh) | 2015-11-04 |
| WO2007075423A3 (en) | 2007-09-07 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP5506871B2 (ja) | 3g無線ネットワークを悪意ある攻撃から防護するための方法および装置 | |
| CN110249603B (zh) | 用于检测无线网络中的分布式攻击的方法和装置 | |
| JP4994359B2 (ja) | 3g無線ネットワークをシグナリング攻撃から防御するための方法及び装置 | |
| KR101187720B1 (ko) | 무선 네트워크들에서 전력-소모 서비스 거부 공격들의 검출 | |
| Xue et al. | Linkscope: Toward detecting target link flooding attacks | |
| US8341724B1 (en) | Blocking unidentified encrypted communication sessions | |
| EP3404949B1 (en) | Detection of persistency of a network node | |
| Xue et al. | Towards detecting target link flooding attack | |
| CN104539595A (zh) | 一种集威胁处理和路由优化于一体的sdn架构及工作方法 | |
| Chhabra et al. | Research Article An Efficient Scheme to Prevent DDoS Flooding Attacks in Mobile Ad-Hoc Network (MANET) | |
| CA2983429C (en) | Network security analysis for smart appliances | |
| JP4259183B2 (ja) | 情報処理システム、情報処理装置、プログラム、及び通信ネットワークにおける通信の異常を検知する方法 | |
| Kumar et al. | An analysis of tcp syn flooding attack and defense mechanism | |
| Beitollahi et al. | A cooperative mechanism to defense against distributed denial of service attacks | |
| CN111431913B (zh) | 路由器通告防护机制存在性检测方法及装置 | |
| Tupakula et al. | Securing mobile devices from DoS attacks | |
| Sun et al. | SMART: a practical and robust client-side RAP detection approach | |
| Almufareh | IoT Wireless Intrusion Detection and Network Traffic Analysis | |
| Choudhary et al. | A survey of intrusion detection in mobile Adhoc network | |
| Choudhary et al. | A survey of intrusion detection in mobile Adhoc network | |
| KR20140028535A (ko) | 분산 서비스 거부 공격 대응 장치 |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| A621 | Written request for application examination |
Free format text: JAPANESE INTERMEDIATE CODE: A621 Effective date: 20091214 |
|
| A521 | Request for written amendment filed |
Free format text: JAPANESE INTERMEDIATE CODE: A523 Effective date: 20101214 |
|
| A977 | Report on retrieval |
Free format text: JAPANESE INTERMEDIATE CODE: A971007 Effective date: 20111121 |
|
| A131 | Notification of reasons for refusal |
Free format text: JAPANESE INTERMEDIATE CODE: A131 Effective date: 20111124 |
|
| A521 | Request for written amendment filed |
Free format text: JAPANESE INTERMEDIATE CODE: A523 Effective date: 20120224 |
|
| A02 | Decision of refusal |
Free format text: JAPANESE INTERMEDIATE CODE: A02 Effective date: 20120404 |
|
| A521 | Request for written amendment filed |
Free format text: JAPANESE INTERMEDIATE CODE: A523 Effective date: 20120806 |
|
| A911 | Transfer to examiner for re-examination before appeal (zenchi) |
Free format text: JAPANESE INTERMEDIATE CODE: A911 Effective date: 20120814 |
|
| A912 | Re-examination (zenchi) completed and case transferred to appeal board |
Free format text: JAPANESE INTERMEDIATE CODE: A912 Effective date: 20121102 |
|
| A601 | Written request for extension of time |
Free format text: JAPANESE INTERMEDIATE CODE: A601 Effective date: 20130313 |
|
| A602 | Written permission of extension of time |
Free format text: JAPANESE INTERMEDIATE CODE: A602 Effective date: 20130318 |
|
| A61 | First payment of annual fees (during grant procedure) |
Free format text: JAPANESE INTERMEDIATE CODE: A61 Effective date: 20130926 |
|
| R150 | Certificate of patent or registration of utility model |
Free format text: JAPANESE INTERMEDIATE CODE: R150 |
|
| R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
| R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
| LAPS | Cancellation because of no payment of annual fees |