Wireless cellular networks serve as an essential cyber-infrastructure for mobile users. Unlike the Internet, cellular networks have adopted usage-based charging, rather than the simpler flat-rate charging. Data-plan subscribers have to pay their data bills based on the consumed traffic volume in 3G/4G networks. Although this metered charging system has been operational and generally successful for years, the security study of such a system remains largely unaddressed. The objective of this research is to investigate the insecurity aspects of large-scale cellular network infrastructures, identify their security loopholes, sketch novel attacks that exploit such loopholes, devise defenses that protect from such attacks, and validate the attacks and the defenses via real experiments in operational carriers. The proposed study helps us to better understand how various forms of vulnerabilities exhibit in the cellular system, open new venue for secure system design and operations, and refine the networking design that makes both the infrastructure and the user devices more resilient against malicious threats.
By addressing the key security issues of mobile data charging, the proposed research helps to protect the multi-trillion dollar network operations. It not only secures revenues of global cellular operators, but also protects the monetary rights of billions of mobile users. The proposed solutions will help to renovate the existing network infrastructure, and shape the upcoming 5G cellular technology in its standardization. It will also train a new generation of engineers and students in this field. The PIs will interact closely with industry for possible technology transfer.
