Towards accurate accounting of cellular data for TCP retransmission

Go, Younghwan; Kune, Denis Foo; Woo, Shinae; Park, KyoungSoo; Kim, Yong‐Dae

doi:10.1145/2444776.2444779

Cited by 16 publications

(16 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Go et al highlighted that flawed accounting policies in the cellular ISP's in USA and South Korea can result in subscribers being wrongly charged for retransmitted TCP packets [5], and this vulnerability in the ISP's accounting mechanism can be exploited by adversaries to inflate the subscriber's bill by sending unnecessary retransmissions. Similarly, Kang et al discussed how an attacker with a cellular device can spoof the IP address of another subscriber in the same local network and send request packets to Internet servers [9].…”

Section: Related Workmentioning

confidence: 99%

“…They will be counted towards the subscriber's data quota. Go et al briefly mentioned the possibility of such an attack when they examined how subscribers can be overcharged by TCP retransmissions [5]. Because of the billing structure of mobile ISPs, an attacker can simply flood the victim with random packets at a very high rate, and the victim will have to pay for all the packets, even if they do not eventually reach the victim's device.…”

Section: Quota Drainmentioning

confidence: 99%

“…In recent years, significant amount of research efforts have been focused to demonstrate such attacks which particularly include over-billing attacks [5], battery depletion attacks [15,16], Denial of Service (DoS) attacks [8,17,19], IP spoofing and masquerading attacks [12].…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Unveiling the hidden dangers of public IP addresses in 4G/LTE cellular data networks

Leong

Kulkarni

et al. 2014

Proceedings of the 15th Workshop on Mobile Computing Systems and Applications

View full text Add to dashboard Cite

While it is often convenient for mobile cellular devices to have a public IP address, we show that such devices are vulnerable to stealthy malicious attacks. In particular, we show with experiments on three 4G/LTE cellular data networks in Singapore that it is easy for an attacker to initiate three different types of attacks on such mobile devices: (i) data quota drain, (ii) DoS flooding, and (iii) battery drain. Our experiments show that a potential attacker can completely exhaust the monthly data quota within a few minutes, completely choke the data connection of a mobile subscriber with a data stream of just 3 Mb/s, and increase the battery drain rate by up to 24 times. Finally, we argue that a simple proxy-based firewall with a secret IP address would be an effective and feasible defense against such potential attacks.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Quota Drainmentioning

confidence: 99%

See 1 more Smart Citation

Unveiling the hidden dangers of public IP addresses in 4G/LTE cellular data networks

Leong

Kulkarni

et al. 2014

Proceedings of the 15th Workshop on Mobile Computing Systems and Applications

View full text Add to dashboard Cite

show abstract

“…WiFi networks may have data loss rate up to 4-5 % in dynamically moving environment. Mobile data networks has less data loss rates, but still high enough to introduce decrease of live video stream QoS [8], [9].…”

Section: A Experimental Setupmentioning

confidence: 99%

Dynamic adaptation of the jitter buffer for video streaming applications

Jaseviciute

Plonis

Serackis

2014

2014 IEEE 2nd Workshop on Advances in Information, Electronic and Electrical Engineering (AIEEE)

View full text Add to dashboard Cite

Paper presents a new algorithm proposed to dynamically adapt jitter buffer, used in video transcoding applications. When the video content provider is moving continuously, the wireless network connectivity conditions changes in time. The resulting jitter should be compensated in video transcoder by selecting jitter buffer high enough to compensate all possible jitter variations. The algorithm, proposed in this paper updates the jitter buffer according to current jitter measurements and jitter prediction results in order to reduce the total latency of the video transcoding in live transmissions.

show abstract

“…To prevent unauthorized access, cellular operators also deploy firewalls and network address translators (NATs) to shield mobile devices from the traffic types of no interest. While recent studies [21,22,27,28,36] have reported various cases on accounting volume inaccuracy, the two aspects of authentication and authorization still look bullet-proof. They seem almost impossible to go wrong.…”

Section: [Authorization]mentioning

confidence: 99%

Real Threats to Your Data Bills

Peng

Wang

et al. 2014

Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security

View full text Add to dashboard Cite

Secure mobile data charging (MDC) is critical to cellular network operations. It must charge the right user for the right volume that (s)he authorizes to consume (i.e., requirements of authentication, authorization, and accounting (AAA)). In this work, we conduct security analysis of the MDC system in cellular networks. We find that all three can be breached in both design and practice, and identify three concrete vulnerabilities: authentication bypass, authorization fraud and accounting volume inaccuracy. The root causes lie in technology fundamentals of cellular networks and the Internet IP design, as well as imprudent implementations. We devise three showcase attacks to demonstrate that, even simple attacks can easily penetrate the operational 3G/4G cellular networks. We further propose and evaluate defense solutions.

show abstract

Towards accurate accounting of cellular data for TCP retransmission

Cited by 16 publications

References 13 publications

Unveiling the hidden dangers of public IP addresses in 4G/LTE cellular data networks

Unveiling the hidden dangers of public IP addresses in 4G/LTE cellular data networks

Dynamic adaptation of the jitter buffer for video streaming applications

Real Threats to Your Data Bills

Contact Info

Product

Resources

About