Mobile network threats are mounting, but security architecture lags


SAN FRANCISCO -- Threats against mobile networks are increasing in number and sophistication, but the underlying network security architecture has not been updated to keep pace with those threats, warned Selim Aissi, vice president for global information security at Visa, during a panel discussion at the RSA Conference this week.

Distributed denial-of-service (DDoS) attacks are particularly insidious. Aissi identified a number of DDoS attack methods targeting mobile networks. At the local level, attackers could launch low power jamming, base station saturation with SMS and protocol misbehavior attacks. At the core level, attacks could use botnets of mobile devices, amplification attacks, as well as home subscriber server (HSS) and evolved packet core (EPC) saturation attacks. At the global level, attacks could use a botnets of mobile devices or attacks against Internet nodes.

Aissi said that advanced data mining techniques could be used to mitigate DDoS attacks against mobile networks. Other mitigation measures include flexible/distributed load balancing, flexible/adaptive manager of the EPC, advanced anti-jamming techniques, distribution/optimization of EPC functions and optimization of radio resource management.

According to a recent report by Arbor Networks, DDoS attacks against mobile networks more than doubled last year. Nearly a quarter of the respondents offering mobile services said they had seen DDoS attacks against their mobile Internet infrastructure, more than double the proportion seen last year, according to Arbor's annual Worldwide Infrastructure Security Report based on a survey of 220 service providers.

For more:
- see the Arbor release

Related Articles:
7 deadly sins: The most dangerous new attack techniques for 2014
Banks should brace for massive DDoS attacks this year, warns Ovum
Infonetics: Mobile attacks fuel DDoS prevention appliance demand