Location-Aware Mobile Intrusion Detection with Enhanced Privacy in a 5G Context

Published: 01 April 2011

Abstract

The paper proposes a location-aware mobile Intrusion Prevention System (mIPS) architecture with enhanced privacy that is integrated in a Managed Security Service (MSS). The solution is envisaged in a future fifth generation telecommunications (5G) context with increased but varying bandwidth, a virtualised execution environment and infrastructure that allows threads, processes, virtual machines and storage to be migrated to cloud computing services on demand, to dynamically scale performance and save power. 5G mobile devices will be attractive targets for malicious software, and this threat will in some cases change with location. Mobile devices will store more sensitive information and will also be used to a larger extent for sensitive transactions than they typically are today. In addition, a distributed execution environment in itself gives rise to some new security challenges. In order to handle these security challenges, we have proposed the location-aware mIPS architecture, which benefits from a distributed execution environment where processor-intensive services can be outsourced to Cloud hosting providers. The mIPS supports querying location threat profiles in a privacy-preserving way, and ensures that mIPS alerts sent to the first-line MSS are anonymised. We finally perform an analysis of potential strengths and weaknesses of the proposed approach.

Published In

Wireless Personal Communications: An International Journal, Volume 57, Issue 3
April 2011
182 pages

Publisher

Kluwer Academic Publishers, United States

Author Tags

1. 5G
2. Intrusion detection and prevention
3. Location profile
4. Mobility
5. Personal privacy
6. Security
