To provide a mobile device wireless last hop access to packet switched networks, authentication is a necessary pre-requisite for most charging and billing solutions. A lot of work has already been done to establish an initial user and device authentication both within a single administrative domain and across several administrative domains. Unfortunately, initially authenticating the mobile device and even ensuring mutual authentication with the involved access-router does not prevent all types of fraud. Similar to the well-known IMSI-Catcher attack in GSM networks, a malicious mobile node in IP-based networks may spy on the IP-address of a node with access to the wired part of the network. Such an attack is of considerable advantage for a malicious node since it can send traffic free of charge, masquerading as the mobile node by spoofing its IP-address. In this paper, we evaluate different existing protocols to prevent such fraud and finally propose, by presuming an initial device authentication, a new low-cost packet originator verification for accessrouters. Such an approach suits realtime-responsive traffic and is even extendable to support the metering of traffic per device over different access technologies. © Springer-Verlag Berlin Heidelberg 2003.
CITATION STYLE
Lamparter, B., & Westhoff, D. (2003). A low-cost packet originator verification for metering at access-routers. Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 2816, 287–297. https://doi.org/10.1007/978-3-540-39405-1_26
Mendeley helps you to discover research relevant for your work.