Title: GUTI-Based Multi-Factor Authentication Protocol for De-synchronization Attack Prevention in LTE Handovers

Issue Number: Vol. 9, No. 1
Year of Publication: March - 2020
Page Numbers: 1-11
Authors: Vincent Omollo Nyangaresi, Silvance O. Abeka, Anthony J. Rodrigues
Journal Name: International Journal of Cyber-Security and Digital Forensics (IJCSDF)
- Hong Kong
DOI:  http://dx.doi.org/10.17781/P002642

Abstract:


The motivations behind the long term evolution (LTE) networks are low latency, high bandwidths and high data rates. The low latency requirement is tricky and cumbersome to achieve during handovers given that the communication process requires secure and privacy-preserving strategies and hence the introduction of authentication and encryption. Increased latency at cell boundaries leads to packet losses which results in denial of services, and is the reason behind lack of authentication during handover process in some cellular networks such as 2G. Unauthenticated handovers expose cellular communication to attacks such as eavesdropping, illicit modifications and traffic re- direction, all which compromise both confidentiality and integrity of the exchanged data. As such, a number of researchers have developed authentication strategies such as ticketing and group key security. However, these approaches concentrate on the security aspects of the handovers, ignoring the latency issues. In this paper, LTE tracking area partitioning is combined with advance figures of merit measuring and buffering to reduce latencies during the handover process, and hence permitted the incorporation of handover entities authentication. The simulation results indicated that our approach reduced the handover latency from 2.598 seconds for handovers without timing advance to an average latency of 0.048 seconds. In addition, a GUTI based authentication protocol was implemented that was observed to be resistant against attacks such as denial of service, de-synchronization, session hijacking, masquerade and network impersonation.