DoS Attacks in UMTS Equipped with GAA as a Security Service for Multimedia Applications

The Universal Mobile Telecommunication System (UMTS) security architecture is acknowledged as an example of the principle of ‘good enough’ security, because of the right balance among cost-effectiveness, security and usability, but UMTS has weaknesses that can lead to security incidents in the multimedia applications. In this paper, we study the security architecture of UMTS network and the structure of Generic Authentication Architecture (GAA) as a security service. Then the vulnerabilities of both UMTS security architecture as well as GAA are investigated to present the Denial of Service (DoS) attack scenarios. These vulnerabilities can be used by an attacker to trig DoS attack scenarios. The attack scenarios in UMTS and GAA are based on signaling attacks. Finally, DoS scenarios are applied to a web shopping plan which has used GAA.