TY - JOUR
T1 - Random Packet Inspection Scheme for Network Intrusion Prevention in LTE Core Networks
AU - Sou, Sok Ian
AU - Lin, Chuan Sheng
N1 - Funding Information:
Manuscript received June 12, 2016; revised December 9, 2016; accepted February 22, 2017. Date of publication March 1, 2017; date of current version September 15, 2017. The review of this paper was coordinated by Prof. C. Zhang. The work of S.-I. Sou was supported in part by the Ministry of Science and Technology (MOST), Taiwan, under contract number NSC 102-2221-E-006-112-MY3 and MOST 105-2628-E-006-007-MY3.
Publisher Copyright:
© 2017 IEEE.
PY - 2017/9
Y1 - 2017/9
N2 - In Long-Term Evolution (LTE), the security threat posed by malicious users can be reduced by using the traffic detection function (TDF) in the policy and charging control (PCC) system to inspect the packets passing through the Packet Data Network Gateway. However, as the volume of global cellular data traffic continues to grow, it becomes impossible for the TDF to inspect all of the packets. Consequently, more efficient Intrusion Detection Systems (IDSs) are required. Accordingly, the present study proposes a random packet inspection scheme in which the inspection rate is dynamically adjusted based on the perceived intrusion period of the session. An analytical model is proposed to evaluate the effect of the inspection rate on the intrusion detection rate, inspection cost, and detection latency. The validity of the proposed model is demonstrated through numerical simulations. It is shown that the model provides an effective means of setting the inspection rate in such a way as to maximize the intrusion detection rate, while simultaneously achieving a satisfactory tradeoff between the inspection cost and the detection latency.
UR - http://www.scopus.com/inward/record.url?scp=85029925499&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85029925499&partnerID=8YFLogxK
U2 - 10.1109/TVT.2017.2675454
DO - 10.1109/TVT.2017.2675454
M3 - Article
AN - SCOPUS:85029925499
VL - 66
SP - 8385
EP - 8397
JO - IEEE Transactions on Vehicular Communications
JF - IEEE Transactions on Vehicular Communications
SN - 0018-9545
IS - 9
M1 - 7866014
ER -