In order to successfully demonstrate the vulnerability of LTE to cyber attacks during the long DRX period in the future, several issues need to be resolved.
First of all, algorithms for DRX at the UE, eNB and MME need to be developed and standardized. Currently, most of the Qualcomm based LTE handsets do not fully implement the connected mode DRX feature [20], but it is not known if they implement the idle mode DRX feature. The LTE standards have provided for the DRX parameters to be exchanged between the UE, eNB and MME, but have left it up to the device vendors to implement the algorithm themselves. No open source implementations of DRX algorithms were found, indicating that they will be proprietary algorithms developed by the vendors. Without standardization of the algorithms, one would have to take into account which vendor’s equipment is being used, complicating the simulations. There are currently a lot of researchers investigating efficient DRX algorithms [38].
mode command procedure would all need to be added. From discussions with the maintainers of ns-3, the conclusion was that it would take someone working full-time a couple of years to add all that code to the ns-3 simulator.
Finally, it would be worthwhile to investigate capturing actual traces of LTE packets for analysis using Wireshark’s dissectors for LTE medium access control, radio link control and packet data convergence protocol headers. Without those dissectors, trying to decode the packets is extremely difficult, if not impossible. The captured LTE traces are also needed to ensure validity of the LTE module in the ns-3 network simulator.
LIST OF REFERENCES
[1] “Digital government: Building a 21st century platform to better serve the American people.” (2012). Federal Chief Information Officers Council, Washington, DC. [Online]. Available:
http://www.whitehouse.gov/sites/default/files/omb/egov/digital- government/digital-government-strategy.pdf
[2] “Department of Defense mobile device strategy.” (2012). Department of Defense, Washington, DC. [Online]. Available:
http://www.defense.gov/news/dodmobilitystrategy.pdf
[3] “Implementing a Nationwide, Broadband, Interoperable Public Safety Network in the 700 MHz Band.” (2011). Federal Communications Commission, Washington, DC. [Online]. Available: http://www.gpo.gov/fdsys/pkg/FR-2011-08-
18/html/2011-20831.htm
[4] “Long term evolution protocol overview.” (2008). Freescale, Austin, TX, Whitepaper. [Online]. Available:
http://www.freescale.com/files/wireless_comm/doc/white_paper/LTEPTCLOVW WP.pdf
[5] D. Forsberg et al., “Enhancing security and privacy in 3GPP E-UTRAN radio interface,” in 18th International Symposium on Personal, Indoor and Mobile
Radio Communications, Athens, Greece, 2007.
[6] N. Seddigh et al., “Security advances and challenges in 4G wireless networks,” in
Eighth Annual International Conference on Privacy Security and Trust (PST),
Ottawa, Ontario, 2010.
[7] 3GPP System Architecture Evolution (SAE); Security architecture, 3GPP
Technical Specification 33.401, version 11.7.0, 2013.
[8] M. Nohrborg. (2013, September). “LTE overview.” [Online]. Available: http://www.3gpp.org/technologies/keywords-acronyms/98-lte
[9] F. Firmin. (2013, November). “The evolved packet core.” [Online]. Available: http://www.3gpp.org/technologies/keywords-acronyms/100-the-evolved-packet- core
[10] General Packet Radio Service (GPRS) enhancements for Evolved Universal Terrestrial Radio Access Network (E-UTRAN) access, 3GPP Technical
[11] Evolved Universal Terrestrial Radio Access Network (E-UTRAN); Architecture description, 3GPP Technical Specification 36.401, version 11.2.0, 2013.
[12] “LTE Tutorial.” (2013). [Online]. Available: http://www.tutorialspoint.com/lte/index.htm
[13] M. Lindström, “LTE-Advanced radio layer 2 and RRC aspects,” in 3GPP LTE-
Advanced Evaluation Workshop, Beijing, China, 2009.
[14] Evolved Universal Terrestrial Radio Access (E-UTRA); Physical channels and modulation, 3GPP Technical Specification 36.211 version 11.4.0, 2013.
[15] “3GPP LTE channels and MAC layer.” (2009). - -
[16] Evolved Universal Terrestrial Radio Access (E-UTRA); Medium Access Control (MAC) protocol specification, 3GPP Technical Specification 36.321 version
11.3.0, 2013.
[17] Evolved Universal Terrestrial Radio Access (E-UTRA); Physical layer procedures, 3GPP Technical Specification 36.213, version 11.4.0, 2013.
[18] “LTE identifiers.” (2011). NMC Consulting Group, Seoul, Korea. [Online]. Available:
http://www.nmcgroups.com/files/download/NMC.LTE%20Identifiers.v1.0.pdf [19] Evolved Universal Terrestrial Radio Access (E-UTRA) and Evolved Universal
Terrestrial Radio Access Network (E-UTRAN); Overall description; Stage 2,
3GPP Technical Specification 36.300, version 11.7.0, Sept. 2013.
[20] A. Basir. (2013). “3GPP Long Term Evolution (LTE).” [Online]. Available: http://4g-lte-world.blogspot.com/
[21] Evolved Universal Terrestrial Radio Access (E-UTRA); Radio Resource Control (RRC); Protocol specification, 3GPP Technical Specification 36.331, version
11.5.0, Sept. 2013.
[22] A. Roessler. (2013, September). “Test ANR functionality on your LTE devices.” [Online]. Available: http://electronicdesign.com/test-amp-measurement/test-anr- functionality-your-lte-devices
[23] Evolved Universal Terrestrial Radio Access (E-UTRA); Radio Resource Control (RRC); Protocol specification, 3GPP Technical Specification 36.331, version
[25] Shisenchi. (2012, February). “Random access procedure in LTE.” [Online]. Available: http://www.teletopix.org/4g-lte/random-access-procedure-in-lte/ [26] M. Lazhar Belhouchet and M. Hakim Ebdelli, “Session 6: LTE/SAE mobility and
session management,” in ITU/BDT Arab Regional Workshop on 4G Wireless
Systems, Tunisia, 2010.
[27] C. B. Sankaran, “Network access security in next-generation 3GPP systems: A Tutorial,” IEEE Communications Magazine, vol. 47, no. 2, Feb. 2009.
[28] J. Cao et al., “A survey on security aspects for LTE and LTE-A networks,” IEEE
Communications Surveys and Tutorials, vol. PP, no. 99, April 2013.
[29] C. Bontu and E. Illidge, “DRX mechanism for power saving in LTE,” IEEE
Communications Magazine, June 2009.
[30] P. Jodukallu. (2013, December). “Basic LTE.” [Online]. Available: http://lteshare.blogspot.com/2013/12/DRx.html
[31] Evolved Universal Terrestrial Radio Access (E-UTRA) and Evolved Packet Core (EPC); User Equipment (UE) conformance specification; Part 2: Implementation Conformance Statement (ICS) proforma specification, 3GPP Technical
Specification 36.523-2, version 8.5.0, 2010.
[32] “ns-3 web page.” (2014). [Online]. Available: http://www.nsnam.org/
[33] N. Baldo et al., “A new model for the simulation of the LTE-EPC data plane,” in
International Conference on Simulation Tools and Techniques (SIMUTools),
Desenzano, Italy, 2012.
[34] “The LENA ns-3 LTE module documentation release v8.” (2014, Jan.). Centre Tecnològic de Telecomunicacions de Catalunya. [Online]. Available:
http://networks.cttc.es/mobile-networks/software-tools/lena/ [35] “MAC.” (2014, May). [Online]. Available:
http://www.sharetechnote.com/html/MAC_LTE.html#DRX
[36] M. Aiash et al., “Providing security in 4G systems: Unveiling the challenges,” in
Sixth Advanced International Conference on Telecommunications (AICT),
Barcelona, May 2010.
[37] Y. Park and T. Park, “A survey of security threats on 4G Networks,” in Globecom
Workshops, Washington, DC, Nov. 2007.
[38] Y. Mihov et al., “Analysis and performance evaluation of the DRX mechanism for power saving in LTE,” in 26th Convention of Electrical and Electronics
INITIAL DISTRIBUTION LIST
1. Defense Technical Information Center Ft. Belvoir, Virginia
2. Dudley Knox Library Naval Postgraduate School Monterey, California