A New Security Method for 4G LTE Networks
4G networks have been popular for a few years. Service providers offer different services to customers over telecommunication networks. A large amount of data is transmitted over the network, including sensitive personal information of the users. A new security method is proposed in this investigation that secures the network from threats and attacks. The proposed method includes two phases of security – authentication and encryption. The devices are authenticated using digital certificates. An encryption algorithm, specifically the AES algorithm, is used to secure the data transmitted over the network. The hardware of the mobile device and the unique identity numbers are used to assign security protocols to each device. The proposed method is designed using techniques proven in the research literature. The solution is analyzed and found to be efficient. There are different ways to test the design; however, testing is considered future scope.
Keywords: 4G networks, authentication, network security, encryption.
Purpose of the Study
The purpose of the study is to secure 4G LTE networks with a new method/approach. This project is related to network security. An interconnection of many machines/nodes can be termed a network. The source and destination in a network could be machine to machine, vehicle to vehicle (Vehicular Ad-hoc Network), mobile to mobile (Mobile Ad-hoc Network), etc. The research project concentrates mainly on telecommunication networks. A Mobile Ad-hoc Network is a type of telecommunication network. The motivation of this research project is as follows. The utilization of telecommunication networks is increasing drastically day by day. Nowadays, telecommunication is one of the most popular forms of network communication, and almost every user relies on it. Real-time telecommunication networks face serious issues such as security, performance, and traffic congestion. The research project concentrates on the traffic congestion issue. The research project proposes a novel method that uses AES encryption to enhance the performance of 4G networks.
The research for this project is based on the findings and proposed solutions from Tu, Li, Peng & Lu, (2015), D and Durga, (2017), and Kaul, Choudhari & S K, (2014). The proposed solution will be a new approach to handle the issues of security during data transmission and privacy protection. The design will be new and evidence from peer-reviewed articles will be used for analysis.
Justification/Significance of the Study
Network security is the issue this project focuses on. 4G networks are the most widely used new technologies in the telecommunication area. Millions of users use the networks for wireless connectivity. Such a network requires updated security for the users’ data. The increased number of reports on security attacks demands research on the security issues. This research is beneficial for the users of the networks and contributes to the research in this area. Thus, the study is justified.
The new knowledge contributed by this research project is a new system that uses an architecture based on public key generation and authentication, upon which an AES encryption algorithm is used for data security. The additional requirement of privacy protection is handled using digital certificates at the SIM level.
The verification of the proposed methods is based on the knowledge of the existing research. A theoretical analysis method is used. The analysis focuses only on the security difference between the existing methods and the proposed method. The details of the simulations and implementation will be discussed with the available tools.
The traffic congestion issue is addressed using the proposed hybrid combination of the solution. The AES encryption method is planned to be tested using any existing online service. However, customization of the service would not be possible. A theoretical approach is used in that case.
The proposed solution follows the research method – Developing a new framework or hybrid/combined solution approach using two or more existing techniques, methods, or processes. The authentication and encryption method for data security are combined into one system that is an enhancement over the existing methods.
- Investigation of the literature
- Follow the standard methods to understand the current state of research in the field.
- List and study each method/technique used in the design of the solution
- Combine the techniques to create a new/original design.
- Study the outcomes and analyze – The proposed design is validated using the comparison methods. The results from the literature are compared with the proposed design and the simulation details are discussed.
Assumptions of the Study
It is assumed that the available software tools can be used to implement the proposed system. The AES encryption taken from available sources is assumed to be accurate.
Definitions of Terms and Concepts
- Long Term Evolution (LTE) – LTE is defined as a new generation telecommunication standard that has high speeds and better security compared to previous generation telecommunication standards.
Wireless telecommunication networks and 4G networks are the focus of this project. The security aspect of wireless networks is a much-debated topic. 4G networks are the latest entrant to the telecommunication standards which are extensively used by the users globally. 4G is the successor of 3G networks which uses ultra-broadband internet access for high-speed internet connectivity. The fundamental difference between 4G and its predecessors is that it uses IP based data transmission for data and telephonic services (Viswanathan, 2016). Telephonic services such as calls and messages are also sent over the data band and not separate channels. This reduces the costs of the services drastically. The use of such modern services needs strong security so that any attacks do not disturb the performance or steal the data.
Research in this field is available from the literature. The security methods, techniques, and approaches used for the design of the proposed solution have been taken from the literature studies. Tu, Li, Peng, and Lu (2015) have described how voice call technology is a security threat for the latest 4G networks. The two technologies used in 4G LTE networks are Circuit-Switched FallBack (CSFB) and Voice over LTE (VoLTE). These technologies work in different ways. VoLTE can pose a security threat by launching silent call attacks and draining the battery of the device sooner than expected. The CSFB method is vulnerable to switch-based attacks. These attacks include performance attacks and Denial of Service (DoS). The architecture of the 4G network uses a Random Access Network (RAN), which connects the user and the telephone network. The architecture of the network is such that it is vulnerable to attacks. The vulnerability of the architecture has been tested by designing the attacks and evaluating the performance. An attack has been designed so that the user device is forced to stay in the high-power RRC state for a long while. This state is maintained by sending messages continuously to the device. Silent automatic calls are placed using the VoLTE server, which indirectly controls the device and denies any other legitimate operations. The process was evaluated, and it was found that the effect is the same for both CSFB and VoLTE. This issue is located in the design of the system that controls the signaling. The proposed design solution addresses this issue by using a hybrid approach which modifies the architecture and network level approach.
Packet-level security using encryption to secure the network and the privacy of users is the next step in the design. The security methods used in 3G networks are not powerful enough to withstand the attacks in 4G networks (Ekene, Ruhl & Zavarsky, 2016). The PKI method of encryption is used for authentication and encryption of the data using digital certificates. Trusted certificates which use advanced encryption standards are used in this method to secure the system. The IP nature of 4G networks allows easy updating of the encryption-based methods. This approach has been proven by the authors to be effective in securing the network-level data and the user data for additional privacy. Thus, this method is adopted in the design of the proposed solution. The details of the method and the process involved will be explained in the design section of the project.
The architectural level, network level, and data security aspects are covered. However, the data transmission process is ignored in the previously discussed methods. Kaul, Choudhari, and Narayankhedkar (2014) have proposed an enhancement for the data transmission. The encryption method is proposed with modifications to the standard AES algorithm. The concept of the S-box is used, in which the cipher key and the performance are secured using the algorithm. This system has been tested in comparison with AES and is found to be effective. This method fits accurately into the design of the solution by filling the gap of data transmission. Key management is the primary module in this design; it manages the encryption module and the channel before sending the data to the receiver. The modulation techniques used in the channel module are not discussed in detail; the concentration is on the cipher text and hash algorithm.
The only connection left in the process of securing the 4G networks for complete security is the authentication at the user level. Niranjani and Durga, (2017) describe different levels of security – application security, network access security, and user security in the telecommunication networks. These levels are secured by the proposed design except for the authentication. The user authentication process uses encryption but with a different algorithm. It is thus possible to have one encryption module to secure most of the modules in the proposed design. Elliptic curve Diffie-Hellman and Neighbor Authentication are used for authentication. There are different stages in which the initiation messages are sent, encrypted at device and base-station level before the process is completed. This method does not discuss security at data transmission, network, or architecture level.
The literature clearly shows that the available methods are specific with no direct connection to other approaches. However, the proposed design uses these methods to create an overall solution for the security of the 4G LTE networks.
Overview of the Research Design and Methods
4G networks are enhanced in security aspect with the proposed hybrid network solution. There are different types of security approaches used in the literature. The design of the proposed solution uses AES-based encryption and packet system authentication together with clustering method to ensure that the security is addressed at all levels. The details of the proposed design solution include different phases in which the solution is explained. The security threats that are to be detected and mitigated by the proposed solution are also discussed. The evaluation process and the outcomes of the solution are discussed in the findings section.
Description of the Subject Matter
The chief attributes of 4G are radio traffic, quality of service, high dynamism, and application adaptability. The 4G system should be able to deliver the capabilities defined by the International Telecommunications Union (ITU) in International Mobile Communications (IMT) Advanced. The International Telecommunications Union Radiocommunication Sector (ITU-R) has stated a set of requirements for 4G standards, named the International Mobile Telecommunications Advanced (IMT-Advanced) requirement, setting the peak speed specifications for 4G service at 100 megabits per second (Mbit/s) for high portability communication and 1 gigabit per second (Gbit/s) for low portability communication. A 4G system does not support the conventional circuit-switched telephone service, in contrast to the earlier generation systems. The IP core network has many more rigorous requirements; it is further evolved to support high data rates, to provide advanced application services, and to provision and organize itself and the radio network efficiently. The peak bit rate is further enhanced by smart antenna arrays for Multiple-Input Multiple-Output (MIMO) (Kumar Singh & Singh, 2016).
The use of 4G service is comparable with the 3G service while providing a higher data transfer rate. It thereby allows more speed-intensive applications, or more users, to experience a decent speed at all times, provided the device is connected to one carrier. The 4G system intends to provide high-speed access to the internet, multiple-user video conferencing, location-based services, and telemedicine; to develop the mobile network architecture; to allow short-range ad hoc networking among wireless devices; to develop the IMT-2000 Code Division Multiple Access (CDMA) technologies; and to make notable improvements in terms of safety and adaptability.
Network Architecture of 4G – The design of the 4G network appears to be similar to the 3G design. However, there are substantial changes. The circuit-switched elements are terminated in 4G and are left out. The voice traffic handled by the Mobile Switching Center (MSC) in the 2G network is treated as packet data at the Base Station (BS). Backward compatibility is maintained by subdividing voice data into packets and routing them over the IP backbone by means of Voice over Internet Protocol (VoIP) technology. The Public Switched Telephone Network (PSTN) or Integrated Services Digital Network (ISDN) is connected by the VoIP gateway. There is no requirement for a Control Module (CM), as all the interfaces in this structure are air interfaces. The architectural representation of the structure of 4G is given below.
Figure 1. Architecture of 4G Cellular Network (Kumar Singh & Singh, 2016)
The Advanced Encryption Algorithm is used more often owing to its high efficiency and simplicity. Presently, there are three cipher suites in 3rd Generation Partnership Project (3GPP) Universal Mobile Telecommunications System (UMTS) systems, which involve the block cipher Kasumi and the two stream ciphers SNOW 3G and ZUC.
In the wireless 4G LTE network, the 128-bit AES algorithm is the favored choice, as it has withstood security scrutiny compared to other encryption algorithms. The 168-bit Digital Encryption Standard is mostly used in WiMAX standards, as WiMAX stipulates that over-the-air transmissions must be encrypted (Kaul, Bharadi, Choudhari, Shah & Narayankhedkar, 2015).
General Background Information
A network is a minimum of two independent devices capable of communicating with one another. Without networks, there could be no communication between devices: no sending or receiving of email, web browsing, downloading of files, etc. The automated transfer of data over distances is called telecommunication. This transmission of data has become fundamentally inseparable from computers and other devices. Telecommunication networks are the communication systems that allow information to be transmitted in the form of electromagnetic or optical signals called carrier waves, which are modulated in analog or digital form, among many sites. This information can be in the form of text, images, video, etc. A telecommunication network is basically composed of five components, namely: terminals for network access; computers for processing the information; telecommunication links that form a channel across which the information is conveyed from the device of a sender to the device of a receiver; telecommunication equipment that facilitates the transmission of information; and telecommunication software for supervising the transmission of information across the network (“Telecommunications”, n.d.).
4G LTE (Long Term Evolution) is the most recent cellular network technology that offers worldwide wireless access to devices like phones, laptops, etc. It is designed to increase security and maintain reliability in communication. It is completely Internet Protocol (IP) based, as it functions exclusively on Transport Control Protocol/Internet Protocol (TCP/IP). Because of this, it offers high access speeds. Unlike the 3G system, which supports dual modes of circuit-switched (CS) and packet-switched (PS) operation, LTE uses only packet-switched operation. This decision is partially motivated by the success of Internet technology, and partially by the explosive demand for cellular broadband services (Tu, Li, Peng & Lu, 2015).
The 4G systems support the next generation of cellular phones as well as static wireless networks. 4G technology endeavors to develop, integrate, and merge the current 2nd Generation (2G), 3rd Generation (3G), Wireless Local Area Network (WLAN), program, short-range, and static wire systems into a single, completely functional network. The 4G network is highly efficient, flexible, independent, and secure, in order to support the mass of current and upcoming services and to integrate with various other networks. It provides fully converged services at data rates of up to 100 Megabits Per Second and pervasive cellular access to various user devices independent networks. 4G is fundamentally an upgrade and enhancement of several existing technologies, which include IMT-2000, W-CDMA, GPRS, Bluetooth, Wireless LAN, etc.
The electronic transmission of data across distances is telecommunication. It is practically inseparable from workstations. This data can be in the form of telephone calls, text messages, images, or video. A telecommunication network is the arrangement of computing and telecommunication services for the purpose of communicating data between distant places. A telecommunication network comprises the following modules: terminals for accessing the network; workstations that process the data and are linked by the network; telecommunication links that create a channel across which the data is transferred from the device of the sender to the device of the receiver; telecommunication equipment that expedites the transmission of data; and telecommunication software to regulate the transmission of messages over the network.
Wireless communication is one of the most significant modes of transference of data/information from one device to another. The information can be transmitted through air by electromagnetic waves such as Infrared, satellites, Radio-frequency, etc., and does not need cables, wires or other electronic instruments. Presently, wireless communication technology addresses a range of wireless communication devices and technologies extending from smart phones to PCs, tablets, printers etc. Wireless communication systems have become an integral part of several kinds of wireless communication devices that allow users to communicate with other devices even from remote areas. The various types of wireless communication mostly embrace Infrared wireless communication, Wi-Fi, broadcast radio, Microwave radio, Bluetooth, satellite communication, etc.
In infrared wireless communication, the transmission of information takes place through IR radiation. Infrared is electromagnetic energy with a wavelength longer than that of red light. It is used for short-range communications, television remote controls, security control, etc. IR radiation lies between visible light and microwaves in the electromagnetic spectrum and can therefore be used as a means of communication. A photo LED transmitter and a photodiode receptor are needed for effective infrared communication. The LED transmitter transfers the IR signal in the form of invisible light that is captured by the photoreceptor. In this way, the information is transferred between the source and the destination.
Bluetooth technology allows users to connect several electronic devices to systems without wires or cables for transmission of data. It is also a low-power wireless connection used to transfer and broadcast data, stream audio, etc. Basic Rate/Enhanced Data Rate and Low Energy are the two flavors of Bluetooth.
Wi-Fi is a low-power wireless communication technology used by numerous electronic devices like PCs, smartphones, etc. In this system, a router works as a wireless communication hub. This network enables users to connect only within close vicinity of a router. Some of the advantages of wireless communication are that data can be transmitted faster and at a high speed, and that maintenance and installation costs are relatively low. 4G networks provide relatively more coverage compared to other systems like Wi-Fi, which forces users to rely on hotspots. They support voice calls, video streaming, multimedia transfers, and several other broadband services. 4G also offers Quality of Service driven facilities and has improved spectral efficiency.
Wireless technologies which are used in 4G are Orthogonal Frequency Division Multiplexing (OFDM), Ultra-wideband (UWB), smart antennas, adaptive modulation and power control, etc. (Agarwal, 2014).
Detailed Description of the Problem/Design Solution
A detailed explanation of the security issues in 4G networks and the existing security measures to overcome the issues are required to understand and appreciate the proposed method. The inbuilt security architecture of the LTE networks allows IP interconnectivity with the networks available for public usage. This network architecture is based on the principles of GPRS infrastructure. An important component of LTE network is the Evolved Packet System (EPS) which is based on Evolved Packet Core (EPC). The architecture, arrangement of components and the interconnections are shown in figure 1. There were many evolutions in terms of the improvements for the architecture. The evolutions aimed at managing the load in an efficient manner and minimizing the latency of the network. The number of entity nodes were simplified and reduced to two network elements. They are NodeBs and EPC. Another major difference between 4G and its predecessors is the separation of the control plane and the signaling interface. The default architectural arrangement has also enabled vulnerabilities to the network.
Vulnerabilities and threats in LTE networks such as availability, confidentiality, and integrity are explained as relevant to the proposed research design. The security threats that affect the network target the following:
- User identity and privacy – This is the most common threat, which steals data and uses the user and mobile equipment identities to utilize network resources. This type of threat also gains illegal access and uses the security keys to modify the parameters.
- Base station, handover, and broadcast threats – The network signal could be forced to use a compromised network so that the data can be stolen. Also, a fake broadcast signal is transmitted to the network users to get instant access.
- Availability – The issue with the network is the ability to handle the number of users without performance degradation. This issue is prevalent in 4G networks, as the number of users that use a particular network is not easily predictable. The load is also unpredictable. Machine learning techniques are able to predict the load to some extent, but not accurately. It is possible that the availability of the network could be misused to launch a flooding attack such as a DoS attack. These attacks flood the network with fake requests, consume the resources, and deny the network to legitimate users. It is required to stop these attacks, and the proposed security design can be modified to stop DoS attacks.
- Confidentiality – Among several security vulnerabilities, confidentiality is important because of the precious information that is transmitted over the network and the negative effects of stolen data. Encryption is the most efficient method to prevent the attacks that affect the confidentiality parameter. Extensible Authentication Protocol for Authentication and Key Agreement (EAP-AKA) is used in the literature; it uses a symmetric key that is shared between the user equipment and the network architecture. A series of keys is generated to secure the information so that attackers find it difficult to decode the data into its original form. The attacks are also advanced, because the literature proves that the 128-bit encryption is also cracked. The proposed design is thus a new method which enhances the available security methods (Bikos & Sklavos, 2013).
Figure 2. LTE architecture (Bikos & Sklavos, 2013)
The proposed security design for LTE networks is based on a hybrid approach. A few approaches are combined in the design of the proposed solution. This section is organized such that the individual techniques are explained first, and then the final design solution is discussed. The evolution of the LTE architecture reveals that Non-Access Stratum (NAS) and Access Stratum (AS) are the security protocols used in the technology (Ekene, Ruhl & Zavarsky, 2016).
The Evolved Packet System Authentication and Key Agreement (EPS-AKA) uses an advanced level of security protection for the networks. The 4G networks use the IP address of the phone to establish the communication of the system. The UE registration process, which is necessary for the device to connect to the network, is initiated before the request is sent to obtain the International Mobile Subscriber Identity (IMSI). The Mobile Management Entity (MME) forwards the access request and uses a pre-shared key to secure the data in the first phase. The authentication process starts when the HSS is triggered and a random number is generated for the authentication token. UE, MME, and HSS are the three components used in the authentication process. In the first step, the MME sends a user identity request. This is acknowledged, and a response is sent from the UE in the form of the IMSI or GUTI. The third step is the authentication data request from the MME to the HSS. The details included in the data request are the IMSI, SN identity, and network type. At this point, the authentication data response is sent back to the MME. The user authentication request and the response are then exchanged between the UE and the MME. The comparison of the message and the response is used as the security method. If there is any difference in the data packet sent after valid authentication, the data is suspicious, and the details are computed.
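The exchange described above, written out as an added example that is not taken from the cited papers: the HSS builds the random challenge and authentication token, the UE checks the token before answering, and the MME compares the response with the expected value. HMAC-SHA256 stands in for the operator's key functions (an assumption), and the IMSI, key and serving-network identities are constructed sample values.

```python
# Added example (not from the cited papers): a simplified EPS-AKA exchange.
# Assumption: HMAC-SHA256 stands in for the operator functions f1, f2, f5 and
# the KASME derivation (real USIMs use MILENAGE or TUAK). All IMSIs, keys and
# serving-network ids below are constructed sample values.
import hashlib
import hmac
import os

AMF = b"\x80\x00"  # authentication management field carried inside AUTN


def f(label: bytes, key: bytes, *parts: bytes, n: int = 8) -> bytes:
    """Keyed stand-in for f1 (MAC), f2 (RES), f5 (AK) and the KASME KDF."""
    return hmac.new(key, label + b"".join(parts), hashlib.sha256).digest()[:n]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class HSS:
    """Home network: stores each subscriber's key K and sequence number SQN."""

    def __init__(self):
        self.subscribers = {}  # IMSI -> [K, SQN]

    def provision(self, imsi: str, k: bytes) -> None:
        self.subscribers[imsi] = [k, 0]

    def auth_vector(self, imsi: str, sn_id: bytes) -> dict:
        """Answer the MME's authentication data request (IMSI, SN identity)."""
        record = self.subscribers[imsi]
        record[1] += 1  # a fresh SQN per vector lets the UE detect replays
        k, sqn = record[0], record[1].to_bytes(6, "big")
        rand = os.urandom(16)
        # AUTN = (SQN xor AK) || AMF || MAC: proves the challenge came from home
        autn = xor(sqn, f(b"f5", k, rand, n=6)) + AMF + f(b"f1", k, sqn, rand, AMF)
        return {"rand": rand, "autn": autn, "xres": f(b"f2", k, rand),
                "kasme": f(b"kasme", k, rand, sqn, sn_id, n=32)}


class UE:
    """USIM side: shares K with the HSS and remembers the highest SQN seen."""

    def __init__(self, imsi: str, k: bytes):
        self.imsi, self.k, self.sqn = imsi, k, 0

    def answer(self, rand: bytes, autn: bytes, sn_id: bytes):
        """Check AUTN first, then return (RES, KASME) for the challenge."""
        concealed, amf, mac = autn[:6], autn[6:8], autn[8:]
        sqn = xor(concealed, f(b"f5", self.k, rand, n=6))
        if not hmac.compare_digest(mac, f(b"f1", self.k, sqn, rand, amf)):
            raise ValueError("MAC failure")    # sender does not know K
        if int.from_bytes(sqn, "big") <= self.sqn:
            raise ValueError("synch failure")  # stale or replayed challenge
        self.sqn = int.from_bytes(sqn, "big")
        return (f(b"f2", self.k, rand),
                f(b"kasme", self.k, rand, sqn, sn_id, n=32))


def mme_verify(vector: dict, res: bytes) -> bool:
    """MME compares the UE's RES with the expected XRES in constant time."""
    return hmac.compare_digest(vector["xres"], res)


def attach(hss: HSS, ue: UE, sn_id: bytes, ue_sees_sn: bytes = None) -> str:
    """Run identity response, data request/response and user authentication."""
    vector = hss.auth_vector(ue.imsi, sn_id)
    try:
        res, kasme = ue.answer(vector["rand"], vector["autn"], ue_sees_sn or sn_id)
    except ValueError as err:
        return f"UE rejected network: {err}"
    if not mme_verify(vector, res):
        return "MME rejected UE: RES != XRES"
    # Both ends must hold the same KASME before NAS/AS keys are derived from it
    return "attached" if kasme == vector["kasme"] else "KASME mismatch"


if __name__ == "__main__":
    hss, k = HSS(), bytes(range(16))
    hss.provision("001010123456789", k)
    print(attach(hss, UE("001010123456789", k), b"001-01"))
```

Because the serving-network identity is mixed into KASME, a UE that believes it is attached to a different network than the one the HSS issued the vector for ends up with a different key, even though RES still matches XRES.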
Figure 3. PKI security method and certificate distribution (Ekene, Ruhl & Zavarsky, 2016)
The design of the proposed solution is dependent on the security enhancement solution proposed by Kaul, Choudhari, and Narayankhedkar (2014). The data transmission step of the previous method does not use any specific encryption algorithm. AES encryption is used in this step to enhance the solution. This method is used in the following manner in the design solution. A combination of key length and data, both 256 bits long, is used as the input for the AES module. Standard AES encryption is used for both the encryption and decryption processes. The concept of the S-box is used in this process, which processes the dynamic data and sends it to the encryption module. The input data of 256 bits is split into two blocks of equal length. The AES section and the round structure are each given a 128-bit data sequence. The output data is sent to the next block until the blocks are finally combined to form a 256-bit cipher.
The output of the encrypted data is clustered using self-organized optimization method. The literature evidence on the hybrid approach of the proposed solution is taken from the work of Tu, Li, Peng, and Lu (2015) and Niranjani and Durga (2017).
Figure 4. Mechanism of Dynamic S-box with AES (Kaul, Choudhari, & Narayankhedkar, 2014).
The proposed design is based on the solutions proposed and proven in the literature. The Evolved Packet System Authentication method has been tested for its efficiency, and a significant improvement was found in the detection of attacks such as those that steal location data. The security threats and attacks related to data privacy are addressed in the implementation of the AES-based security method. The proposed solution could be validated using an experimental setup similar to the one used in the research literature. The individual results are the basis upon which the solution is simulated and tested.
A. Findings Overview
The results of the research project are a hybrid security method for 4G LTE networks. The data in the LTE networks are prone to threats and attacks. The proposed solution works sequentially using different components. Authentication, encryption, and privacy preserving methods are used in this design. Authentication prevents access by the unauthorized users, encryption secures the data transmitted over the network, and the privacy-preserving methods secure the sensitive personal data.
B. Description and Explanation of the Results
The security method proposed uses authentication for the security of the data. The first block of the design is the module which uses encryption for authentication. The authentication method uses public keys for security. The public key generation mechanism uses mobile node that receives the details of the public key on broadcast channels. The first step is to encrypt the data packet, send data and the public key to the base station. The base station then decrypts the data and validates it. There are other parameters that are used such as response token, cipher, key, and public keys of the base station and mobile nodes. The authentication process used in the proposed solution offers user authentication, hop by hop authentication and a new scheme called neighbor authentication. These keys are used appropriately at each stage. Upon validation, the mobile node generates its public key which is sent to the base station after encryption.
The Elliptic curve Diffie–Hellman (ECDH) protocol used in the design authenticates nodes such as the mobile node and the base station. This method secures the overall network and the data transmitted. The validation is carried out by the user equipment. Cell phones or smartphones are the user equipment in this case. Hop-to-hop authentication is the next step in the process, where the first hop broadcasts different parameters. The Master Information Block (MIB), System Information Block (SIB), and Broadcast Channel (BCH) are broadcast. Each of these parameters is used for different steps in the encryption process. The mobile node which requests the connection between itself and the base station must use a public key that was generated in the previous step. A RAP message, which uses the base station’s public key, is used for the transmission. This marks the first step in which the initial transactions are complete. The user equipment monitors the messages that are transmitted. The RAP message is encrypted, this time, with the mobile node’s public key. The security of the data transmission is verified by matching the ID of the sent and received messages. The UE rejects the data if the keys and ID do not match. When the base station and mobile node have established communication with each other, the channel is open for data transmission using a secure pathway.
The privacy-preserving method of the proposed design works on public key infrastructure. The encryption method used for authentication in the previous method is extended for the privacy method. The only difference is the digital certificates that are used for additional security. The root authority and the network operator exchange the private key that is certificate signed. This message is authenticated using the previously discussed method, and the device is finally authorized, the difference is that the privacy method.
The data transmission security uses the AES standard to secure the data. Multiple stages of the AES algorithm are used at 128 bits and 256 bits, which secures the data to a higher level. The final design solution of this project is thus a three-stage security method: authentication, privacy preservation using certificates, and data security using certificates and the AES mechanism.
C. Verification and Validation of the Findings
The verification of the findings is carried out on the basis of the literature. There are several software tools that could be used to check the results. Also, websites offer the encrypted values of the data.
The findings are verified by comparison with the results in the literature for the following types of data.
1. Plain text.
Size – 82 bytes, Number of bits – 656, Key – “enhanced aes key”
Results – Encryption times for AES, AES with dynamic S-box, and AES in Round structure with dynamic S-box were 0.015781, 0.020823, and 0.117755 seconds respectively.
The decryption times for AES, AES with dynamic S-box, and AES in Round structure with dynamic S-box (256 bit) were 0.007095, 0.015011, and 0.058868 respectively.
Size – 2.35 KB, Number of bits – 19328, Key – “enhanced aes key”
Results – Encryption times for AES, AES with dynamic S-box, and AES in Round structure with dynamic S-box (256 bit) were 0.143448, 0.131587, and 0.117755 seconds respectively.
The decryption times for AES, AES with dynamic S-box, and AES in Round structure with dynamic S-box (256 bit) were 0.149601, 0.031739, and 0.058868 seconds respectively.
3. Audio file
Size – 3.54 KB, Number of bits – 29040, Key – “enhanced aes key”
Results – Encryption times for AES, AES with dynamic S-box, and AES in Round structure with dynamic S-box (256 bit) were 0.303072, 0.262021, and 0.249222 seconds respectively.
The decryption times for AES, AES with dynamic S-box, and AES in Round structure with dynamic S-box (256 bit) were 0.051795, 0.043913, and 0.22978 seconds respectively.
The results show that the availability and the size of the file play an important role in the encryption timing, and that the proposed design solution, if simulated using the required tools, could show significant improvement in the results.
D. Implementation Requirements
The implementation of the project solution requires a computer with a minimum configuration of Windows 7, Intel i5, 4GB RAM and Matlab 2013a. These requirements are for the data transmission security method. The AES algorithm could be implemented using the online or offline tools available. Different versions of AES could be tested for verification. The AES, AES with dynamic S-box, and AES in Round structure with dynamic S-box algorithms, with 128, 128, and 256 bits respectively, are used for the simulations.
Different types of data such as image, audio, and video files are encrypted and transmitted over the secure channel. The results are checked and compared for each version of AES. The network simulations could require simulators such as Opnet and telecommunication channel specifications.
Restatement of the Problem
4G networks have been used throughout the world for high-speed wireless data transmission. The widespread use of the technology has attracted the hacking community to steal and misuse data. The amount of personal and sensitive data transmitted over the network increases the security risks. The research gap in encryption- and authentication-based security methods for 4G networks is the issue addressed in this research project. User-level and data-level security together form the hybrid security approach of this research project.
New Knowledge Discovered
A hybrid solution is proposed. Authentication and data security are used in the design of the solution. Additionally, a privacy-preserving method is part of the solution. The public key authentication method is used, in which the base station and mobile node exchange the keys. The data that is sent from the mobile device is accompanied by a public key. The validation of data takes place, and then the base station authorizes the transmission. A standard protocol called Elliptic curve Diffie-Hellman (ECDH) is used in the design. This protocol uses hop-to-hop authentication.
To preserve the private data, a private key and digital certificates were used. Since the private data required an additional layer of security, the private key exchange is used. The sensitive data uses public key encryption like the rest of the information encrypted and uses private key encryption for private data only. A hybrid approach to this data security method has not been used in the literature. The proposed solution uses the AES encryption algorithm for data encryption. The use of 128 and 256 bits data encryption in multiple stages offers an advanced level of security.
Significance of the Findings
The proposed security method covers most of the issues that are prevalent in the 4G networks. Public data and private data are transmitted over the 4G networks. These data are sent to the users over a network channel. The security of the data is offered separately for both private and public data. The findings of this project are significant because the solution addresses the issues with a standard set of solutions identified and combined in a specific way. There are several advantages and applications of the proposed design.
The digital certificate method module exchanges information between the authority and the device using the subscriber identity module. Unique keys and acknowledgments are used for each user. The encryption module uses several iterations until the final key is generated. This set of security methods and the flow provides an enhanced solution in the field of wireless networks.
Limitations of the Study
128-bit and 256-bit encryption require high-end hardware for encryption and transmission.
The overall outcome of the project is not tested. The results and the incompatibility between protocols should be rectified.
Recommendations for Further Investigation
The security method needs to be simulated after modeling and derivation of the parameters. Implementation is the next step in the process.
Agarwal, T. (2014) Wireless Communication Technologies Types and Advantages. Retrieved 4 December 2017, from http://ww.efxkits.us/different-types-of-wireless-communication-technologies.
Bikos, A., & Sklavos, N. (2013). LTE/SAE Security Issues on 4G Wireless Networks. IEEE Security & Privacy, 11(2), 55-62. http://dx.doi.org/10.1109/msp.2012.136
D, N., & Durga, G. (2017). Distributed security architecture for authentication in 4G networks. 2016 IEEE International Conference on Advances in Computer Applications (ICACA). http://dx.doi.org/10.1109/ICACA.2016.7887967
Ekene, O., Ruhl, R., & Zavarsky, P. (2016). Enhanced User Security and Privacy Protection in 4G LTE Network. 2016 IEEE 40th Annual Computer Software and Applications Conference (COMPSAC). http://dx.doi.org/10.1109/compsac.2016.108
Kaul, V., Bharadi, Choudhari, Shah, D., & Narayankhedkar. (2015). Security Enhancement for Data Transmission in 3G/4G Networks. 2015 International Conference on Computing Communication Control and Automation. http://dx.doi.org/10.1109/iccubea.2015.25
Kaul, V., Choudhari, P., & S K, N. (2014). Security enhancement for data transmission in 4G networks. 2014 5th International Conference – Confluence the Next Generation Information Technology Summit (Confluence). http://dx.doi.org/10.1109/CONFLUENCE.2014.6949278
Kumar Singh, R., & Singh, R. (2016). 4G LTE Cellular Technology: Network Architecture and Mobile Standards. Ermt.net. Retrieved 9 November 2017, from https://www.ermt.net/docs/papers/Volume_5/12_December2016/V5N12-118.pdf
Niranjani., & Durga, G. (2017). Distributed security architecture for authentication in 4G networks. 2016 IEEE International Conference on Advances in Computer Applications (ICACA). http://dx.doi.org/10.1109/ICACA.2016.7887967
Tu, G., Li, C., Peng, C., & Lu, S. (2015). How voice call technology poses security threats in 4G LTE networks. 2015 IEEE Conference on Communications and Network Security (CNS). http://dx.doi.org/10.1109/CNS.2015.7346856
Viswanathan, P. (2016). What is a 4G Mobile Network?. Lifewire. Retrieved 3 November 2017, from https://www.lifewire.com/what-is-a-4g-mobile-network-2373351