Please use this identifier to cite or link to this item:
標題: 2G/3G GPRS網路GOA攻擊及防範之探討
An investigation on GOA Attack & Prevention in 2G/3G GPRS Networks
作者: 賴正祥
Lai, Cheng-Shiang
關鍵字: 整合封包無線電服務;GPRS(General Packet Radio Service);GPRS服務支援節點;GPRS閘道支援節點;高速下行封包存取;全球式行動電信系統;寬頻分碼多工存取;GPRS溢費攻擊;SGSN(Serving GPRS Support Node);GGSN(Gateway GPRS Support Node);HSDPA(High Speed Downlink Packet Access);UMTS(Universal Mobile Telecommunication System);WCDMA(Wideband Code Division Multiple Access);GOA(GPRS Overbilling Attack)
出版社: 資訊科學系所
引用: [1] 中華電信行通分公司行動整合網管系統網站, [2] 中華電信, "GPRS IP Backbone技術文件”,"台中營運處行通維運科”,2001. [3] 中華電信, "SGSN維護及技術文件”,"台中營運處行通維運科”,2001. [4] 國立臺灣大學「台大工程」學刊,第九十期,”UMTS HSDPA 關鍵技術與議題之探討”,2004. [5] 黃通文, ”3G/UMTS HSDPA技術研習講義”, ” 中華電信訓練所”,2005. [6] NOKIA, ”TCPIP for Mobile Packet Core”,2003。 [7] NOKIA, ”NED for 2G GPRS SGSN、GGSN、CG、BG、FW、DNS”,2004. [8] NOKIA, ”NED for 3G UMTS SGSN、GGSN、CG、BG、FW、DNS”,2006. [9] Prakhyath Makam ,”Security Vulnerabilities in GPRS Network”, Wipro Technologies 2003. [10] Peter Rysavy, “GPRS Network Security”, AT&T Wireless Services Inc, Document Number 12199,Revision 0.4.5, 2004. [11] Cingular Wireless LLC , “Secure Application Deployment with GPRS/EDGE/UMTS”, Document Number 12792,Revision 6.0, 2005 [12] Kolding, T.E., Frederiksen, F., Mogensen, P.E., "High Speed Downlink Packet Access WCDMA Evolution", IEEE, Vehicular Technology Conference, 2002. Proceedings. VTC 2002-Fall. 2002 IEEE 56th , Volume 1, 24-28 Sept. 2002 Page(s):477 - 481 vol.1. [13] Alan Bavosa , “GPRS Security Threats and Solution Recommendations”, Juniper Networks Inc., Part Number: 200074-002, June 2004. [14] Ariff Premji, “Deploying Enhanced NAT Services in GPRS Networks, Mitigating Overbilling Attack”, Juniper Networks Inc., Part Number: 350076-001, 2004. [15] Ollie Whitehouse, Graham Murphy, “Attacks and Counter Measures in 2.5G and 3G Cellular IP Networks”, MARCH 2004. [16] Christos Xenakis, Lazaros Merakos, “Vulnerabilities and Possible Attacks against the GPRS Backbone Network”, Communication Networks Laboratory Department of Informatics & Telecommunications, University of Athens, Greece 2003. [17] Kavita Baratapre, “An Investgation of Security Threats to Cellular Data Network”, Electrical Engineering, India Institute of Tecnology Bombay 2005. [18] Gopal, R.L.; Tat Chan; Ti-Shiang Wang, “User plane Firewall for 3G Mobile Network”, Nokia Research Center, IEEE, Vehicular Technology Conference, 2003. VTC 2003-Fall. 2003 IEEE 58th, Volume 3, 6-9 Oct. 2003 Page(s):2117 - 2121 Vol.3. [19] Roman Weil, “3G UMTS Network Security”, Seimens Netrowks, 20.12.2006, [20] 3GPP網站, [21] “3G Mobile Network Security”, iGillott Research Inc, Jan 2007.
隨著各種網路技術與生活的結合,行動無線上網不受時空限制的便利,因行動業者3G及3.5G HSDPA高速服務的陸續推出而更趨熱絡,然而在以量計價的上網計費方式中,隱藏於GPRS網路中的惡意攻擊GOA(GPRS Overbilling Attack),不僅使得用戶之上網費用暴增,更引發使用者對業者的計費方式產生質疑與紛爭。本文主要介紹 2/3G GPRS 網路之系統架構包括網路架構及其網路設備元件, GOA 攻擊方式及防範 GOA 攻擊的方法等相關議題。然而,在現今 2G 與 3G GPRS 網路互聯運作之情況下,如何慎選防範機制且能相容運作於兩大系統之間,則是本文最後探討未來對 GOA 的防範工作與願景。

With the integration of various kinds of network technologies into our daily life, the convenience of mobile internet access is getting more and more popular with the launch of 3G and 3.5G HSDPA by operators. Nevertheless, the way of charging by quantity of packets for net surfing via GPRS network is vulnerable to intruders who attack the subscriber intentionally. The result of GOA attack makes the network expenses on users increase suddenly and violently. Furthermore, it can cause disputation and untrustworthy issue between subscribers and operators. In this paper, the architecture of 2G/3G GPRS network and the network elements will be introduced. The way of GPRS Overbilling Attack (GOA) in 2G/3G network and method of prevention are mainly discussed. We also need to consider that which way of prevention is better and suitable for both 2G and 3G networks. Whether the attacks against GPRS systems would become a problem in the future, how to prevent subscribers from the GOA attack is truly an urgent issue from now on.
其他識別: U0005-0507200711134700
Appears in Collections:資訊科學與工程學系所

Show full item record

Google ScholarTM


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.