This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Exploiting and Defending Opportunistic Scheduling in Cellular Data Networks
May 2010 (vol. 9 no. 5)
pp. 609-620
ASCII Text
x 
 
Radmilo Racic, Denys Ma, Hao Chen, Xin Liu, "Exploiting and Defending Opportunistic Scheduling in Cellular Data Networks," IEEE Transactions on Mobile Computing, vol. 9, no. 5, pp. 609-620, May, 2010.
 
 
BibTex
x
 
@article{ 10.1109/TMC.2009.146,
author = {Radmilo Racic and Denys Ma and Hao Chen and Xin Liu},
title = {Exploiting and Defending Opportunistic Scheduling in Cellular Data Networks},
journal ={IEEE Transactions on Mobile Computing},
volume = {9},
number = {5},
issn = {1536-1233},
year = {2010},
pages = {609-620},
doi = {http://doi.ieeecomputersociety.org/10.1109/TMC.2009.146},
publisher = {IEEE Computer Society},
address = {Los Alamitos, CA, USA},
}
 
 
RefWorks Procite/RefMan/Endnote
x 
 
TY - JOUR
JO - IEEE Transactions on Mobile Computing
TI - Exploiting and Defending Opportunistic Scheduling in Cellular Data Networks
IS - 5
SN - 1536-1233
SP609
EP620
EPD - 609-620
A1 - Radmilo Racic,
A1 - Denys Ma,
A1 - Hao Chen,
A1 - Xin Liu,
PY - 2010
KW - Security
KW - opportunistic scheduling
KW - proportional fair
KW - temporal fair
KW - handoff.
VL - 9
JA - IEEE Transactions on Mobile Computing
ER -
 
Radmilo Racic, University of California Davis, Davis
Denys Ma, University of California Davis, Davis
Hao Chen, University of California Davis, Davis
Xin Liu, University of California Davis, Davis
Third Generation (3G) cellular networks take advantage of time-varying and location-dependent channel conditions of mobile users to provide broadband services. Under fairness and QoS constraints, they use opportunistic scheduling to efficiently utilize the available spectrum. Opportunistic scheduling algorithms rely on the collaboration among all mobile users to achieve their design objectives. However, we demonstrate that rogue cellular devices can exploit vulnerabilities in popular opportunistic scheduling algorithms, such as Proportional Fair (PF) and Temporal Fair (TF), to usurp the majority of time slots in 3G networks. Our simulations show that under realistic conditions, only five rogue device per 50-user cell can capture up to 95 percent of the time slots, and can cause 2-second end-to-end interpacket transmission delay on VoIP applications for every user in the same cell, rendering VoIP applications useless. To defend against this attack, we propose strengthening the PF and TF schedulers and a robust handoff scheme.

[1] H. Holma and A. Toskala, HSDPA/HSUPA for UMTS. John Wiley & Sons, 2006.
[2] V. Vanghi, A. Damnjanovic, and B. Vojcic, The CDMA2000 System for Mobile Communications. Prentice Hall, 2004.
[3] 3GPP, "3G Wlan—Trust Model," http://www.3gpp.org/ftp/tsg_sa/WG3_Security/ TSGS3_25_Munich/Docs/PDFS3-0205 23.pdf , 2008.
[4] Ericsson, "WCDMA Evolved—The First Step—HSDPA," http://www.ericsson.com/technology/whitepapers wcdma_ evolved.pdf , 2008.
[5] Qualcomm, "HSDPA for Improved Downlink Data Transfer," Oct. 2004.
[6] S. Bali, S. Machiraju, H. Zang, and V. Frost, "On the Performance Implications of Proportional Fairness (PF) in 3G Wireless Networks," Proc. Passive and Active Measurements Conf., 2007.
[7] S.Z. Asif, "Aligning Business and Technology Strategies—An Evolution of a Third Generation Wireless Technology," Proc. Eng. Management Conf., 2002.
[8] X. Liu, E.K.P. Chong, and N.B. Shroff, "Opportunistic Transmission Scheduling with Resource-Sharing Constraints in Wireless Networks," IEEE J. Selected Area in Comm., vol. 19, no. 10, pp. 2053-2064, Oct. 2001.
[9] S.S. Kulkarni and C. Rosenberg, "Opportunistic Scheduling Policies for Wireless Systems with Short Term Fairness Constraints," Proc. IEEE Global Telecomm. Conf. (Globecom), 2003.
[10] ITU-T, "One-Way Transmission Time," ITU-T Recommendation G.114, 1996.
[11] G. Varrall and R. Belcher, 3G Handset and Network Design. Wiley and Sons, 2004.
[12] HSDPA Mobile Broadband Data, Agere Systems, 2005.
[13] M. Grosslauser and D. Tse, "Mobility Increases the Capacity of Wireless Ad Hoc Networks," Proc. IEEE INFOCOM, Apr. 2001.
[14] A. Jalali, R. Padovani, and R. Pankaj, "Data Throughput of CDMA-HDR a High Efficiency-High Data Rate Personal Communication Wireless System," Proc. IEEE Vehicular Technology Conf., vol. 3, 2000.
[15] E.F. Chaponniere, P. Black, J.M. Holtzman, and D. Tse, Transmitter Directed Multiple Receiver System Using Path Diversity to Equitably Maximize Throughput, US Patent No. 6449490, 2002.
[16] H. Kushner and P. Whiting, "Convergence of Proportional-Fair Sharing Algorithms under General Conditions," IEEE Trans. Wireless Comm., vol. 3, pp. 1250-1259, 2004.
[17] P. Rysavy, "Data Capabilities: GPRS to HSDPA and BEYOND," http://www.cingular.com/b2b/content/downloads DataCapa bilities_beyond.pdf, 2009.
[18] T.E. Kolding, "Link and System Performance Aspects of Proportional Fair Scheduling in WCDMA/HSDPA," Proc. Vehicular Technology Conf., 2003.
[19] S. Nanda, K. Balachandran, and S. Kumar, "Adaptation Techniques in Wireless Packet Data Services," IEEE Comm. Magazine, vol. 38, no. 1, pp. 54-64, Jan. 2000.
[20] 3GPP, "Radio Resource Control (RRC): Protocol Specification, 3GPP TS 25.331 Version 7.00," http://3gpp.org/ftp/Specs/html-info25331.htm , 2009.
[21] 3GPP, "Physical Layer Procedures: Protocol Specification, 3GPP TS 25.214 Version 7.00 Release 7," http://3gpp.org/ftp/Specs/html-info25214.htm , 2009.
[22] F. Kelly, "Charging and Rate Control for Elastic Traffic," European Trans. Telecomm., vol. 8, pp. 33-37, 1997.
[23] D. Tse and P. Viswanath, Fundamentals of Wireless Communication, first ed. Cambridge Univ. Press, 2005.
[24] M. Assaad, B. Jouaber, and D. Zeghlache, "Effect of TCP on UMTS-HSDPA System Performance and Capacity," Proc. IEEE Global Telecomm. Conf., 2004.
[25] J.-H. Choi, J.-G. Choi, and C. Yoo, "Analyzing the Impact of Proportional Fair Scheduler on TCP Performance," Proc. Fourth IFIP Int'l Conf. Network Control and Eng. for QoS, Security, and Mobility, 2005.
[26] M. Andrews, "Instability of the pf Scheduling Algorithm for HDR," IEEE Trans. Wireless Comm., vol. 3, no. 5, pp. 1422-1426, Sept. 2004.
[27] T.E. Kolding, "Link and System Performance Aspects of Proportional Fair Scheduling in WCDMA/HSDPA," Proc. Vehicular Technology Conf. (VTC), 2003.
[28] J. Yang, Z. Yifan, W. Ying, and Z. Ping, "Average Rate Update Mechanism in PF Scheduler in HDR," Proc. Global Telecomm. Conf. (Globecom), 2004.
[29] T. Bu, L. Li, and R. Ramjee, "Generalized PF Scheduling in Third Generation Wireless Data Networks," Proc. IEEE INFOCOM, 2006.
[30] P. Bender, P. Black, M. Grob, R. Padovani, N. Sindhushayana, and A. Viterbi, "CDMA/HDR: A Bandwidth-Efficient High-Speed Wireless Data Service for Nomadic Users," IEEE Comm. Magazine, vol. 38, no. 7, pp. 70-77, July 2000.
[31] R. Racic, D. Ma, and H. Chen, "Exploiting MMS Vulnerabilities to Stealthily Exhaust Mobile Phones' Battery," Proc. IEEE SecureComm, 2006.
[32] "Homebrew Mobile Phone Club," http:/telefono.revejo.org, 2008.
[33] D. Ilett and M. Hines "Skulls Program Carries Cabir Worm into Phones," http://news.com.com/Skulls+program+carries+ Cabir+worm+into+phones 2100-7349_3-5469691.html , 2009.
[34] Novatel, "Novatel Merlin u870 PC Card," http://www. novatelwireless.com/ products/ merlinmerlin-u870.html, 2008.
[35] K. Tuna, "Hacking EVDO," Proc. Defcon 15, 2007.
[36] H. Suzuki, "Statistical Model for Urban Radio Propagation," IEEE Trans. Communications, vol. COM-25, no. 7, pp. 673-680, July 1977.
[37] B. Goode, "Voice over Internet Protocol (VoIP)," Proc. IEEE, vol. 90, no. 9, pp. 1495-1517, Sept. 2002.
[38] H. Zheng, G. Rittenhouse, and M. Recchione, "The Performance of Voice over IP over 3G Downlink Shared Packet Channels under Different Delay Budgets," Proc. Vehicular Technology Conf. (VTC), 2003.
[39] K.I Pedersen, P.E. Mogensen, and T.E. Kolding, "QoS Considerations for HSDPA and Performance Results for Different Services," Proc. IEEE Vehicular Technology Conf., 2006.
[40] B. Wang, K.I. Pedersen, T.E. Kolding, and P.E. Mogesen, "Performance of Voip on HSDPA," Proc. Vehicular Technology Conf. (VTC), 2005.
[41] S. Shakkottai and A. Stolyar, "Scheduling for Multiple Flows Sharing a Time-Varying Channel: The Exponential Rule," Analytic Methods in Applied Probability, Am. Math. Soc., 2001.
[42] S. Borst, "User-Level Performance of Channel-Aware Scheduling Algorithms in Wireless Data Networks," Proc. IEEE INFOCOM, 2003.
[43] K. Kotapati, P. Liu, Y. Sun, and T.F.L. Porta, "A Taxonomy of Cyber Attacks on 3G Networks," Technical Report NAS-TR-0021-2005, Network and Security Research Center, Dept. of Computer Science and Engineering, Pennsylvania State Univ., 2005.
[44] F. Ricciato, "Unwanted Traffic in 3G Networks," ACM SIGCOMM Computer Comm. Rev., vol. 36, no. 2, 2006.
[45] A. Bovosa, "Attacks and Counter Measures in 2.5G and 3G Cellular IP Networks," Juniper White Paper, 2004.
[46] A. Sridharan, R. Subbaraman, and R. Guerin, "Uplink Scheduling in the EV-DO Rev. A System: An Initial Investigation," Sprint ATL Research Report Nr. RR06-ATL-080139, 2006.
[47] N. Agarwal, L. Chandran-Wadia, and V. Apte, "Capacity Analysis of the GSM Short Message Service," Proc. Nat'l Conf. Comm., 2004.
[48] W. Enck, P. Traynor, P. McDaniel, and T.L. Porta, "Exploiting Open Functionality in SMS-Capable Cellular Networks," Proc. 12th ACM Conf. Computer and Comm. Security (CCS '05), Nov. 2005.
[49] P. Traynor, W. Enck, P. McDaniel, and T.L. Porta, "Mitigating Attacks on Open Functionality in SMS-Capable Cellular Networkss," Proc. ACM MobiCom, 2006.
[50] P. Traynor, P. McDaniel, and T.L. Porta, "On Attack Causality in Internet-Connected Cellular Networks," Proc. USENIX Security Symp. (SECURITY), 2007.
[51] R. Knopp and P. Humblet, "Information Capacity and Power Control in Single-Cell Multiuser Communications," Proc. Int'l Conf. Comm. (ICC), 1995.
[52] X. Liu, E.K.P. Chong, and N.B. Shroff, "A Framework for Opportunistic Scheduling in Wireless Networks," Computer Networks, vol. 41, no. 4, pp. 451-474, Mar. 2003.
[53] V. Vukadinovic and G. Karlsson, "Video Streaming in 3.5G: On Throughput-Delay Performance of PF Scheduling," Proc. 14th IEEE Int'l Symp. Modeling, Analysis, and Simulation, 2007.
[54] A. Sang, X. Wang, M. Madihian, and R.D. Gitlin, "Coordinated Load Balancing, Handoff/Cell-Site Selection, and Scheduling in Multi-Cell Packet Data Systems," Proc. ACM MobiCom, pp. 302-314, 2004.

Index Terms:
Security, opportunistic scheduling, proportional fair, temporal fair, handoff.
Citation:
Radmilo Racic, Denys Ma, Hao Chen, Xin Liu, "Exploiting and Defending Opportunistic Scheduling in Cellular Data Networks," IEEE Transactions on Mobile Computing, vol. 9, no. 5, pp. 609-620, May 2010, doi:10.1109/TMC.2009.146
Usage of this product signifies your acceptance of the Terms of Use.