Research On Security Framework Of 3G Mobile Communication Network

With the development of the mobile communication technology, the mobile communication network has been to a crucial network system to the information communication now. The third generation of the mobile communication (3G) is a new technology carried out recently and will replace the current mobile communication network step by step. The 3G mobile network is more open, and can provide much more services and contents than before. It can bring people the most exciting experience, as never before, at the same time the information security challenges, which 3G mobile network faces, also occur.The 3G mobile network is a public network which develops towards all-IP. This leads to much more threats includes some only exist in the internet before and makes it easy to be attacked by hackers. Therefore, the research on the information security of 3G mobile network is necessary and significant.Base on the developed static evaluating method, this dissertation has proposed a novel security framework of 3G mobile network which is applicable to guide the construction of the security system of 3G mobile network, and to select the security measures. At the same time, a dynamic evaluating module is adopted in this dissertation to make the security framework adapt to the dynamic security circumstance of 3G mobile network.The main research of this dissertation can be summarized as follows:(1) The features and requirements of the mobile communication operating network have been deeply analyzed, and a security framework of 3G mobile network has been proposed. There are seven modules in this framework, including the static evaluating module, the dynamic evaluating module, the circumstance security evaluating module, the risk and cost assessing module, the threat library, the optional security measures library and the implemented security measures library. The seven modules are combined via the two strategies of the static evaluating strategy and the dynamic evaluation strategy. In the static evaluating strategy, the threats and vulnerability are focused and the optional security measures library is built, the reasonable implemented security measures are selected through the assessing of the risk and cost. In the dynamic evaluating strategy, the conception of the dynamic evaluation based on the anomaly detection and analysis is introduced, and the detection threshold of the dynamic evaluation module can be adjusted to find the anomaly behavior.(2) Towards the 3G mobile communication network, the actual implementation plan to construct the security framework is proposed based on the security framework proposed in this dissertation. According to the static evaluating strategy, each security dimension request in various networks territory is produced, the network and terminal user's threats are analyzed in detail, the threat library and the optional security measures library have been built, and the reasonable implemented security measures are selected through the assessing of the risk and cost. And according to the dynamic evaluating strategy, the adjusting and the designing plans of the dynamic evaluating module are proposed according to the network security circumstance. Finally, the whole implementation plan towards the 3G mobile communication network has been presented.(3) Towards the dynamic evaluating module the security framework, an anomaly detection method based on the statistical analysis is proposed in this dissertation which can be applied in the unknown malicious script detection. The experiments have been done on the Internet script viruses, the results of the experiment proved that this anomaly detection method is efficient for the detection of the unknown and various script viruses. This method can be used in the dynamic evaluating module to detect the unknown mobile script viruses in the 3G mobile communication network.(4) Towards the dynamic evaluating module the security framework, a negative selection algorithm with variable length detector is proposed in this dissertation. This algorithm is a general anomaly detection method, and is applicale in the anomaly detection in 3G mobile communication network. Compared with the traditional negative selection algorithm, this algorithm has eliminated the "holes", optimized the detectors, and enhanced the algorithm's performance. The results of the concrete simulation experiments showed that the performance of the negative selection algorithm with variable length detector is better than the traditional negative selection algorithm.Now, the security system's building of 3G mobile communication network is an important problem need to be solved soon. The research of this dissertation is focused on the security framework of 3G mobile communication network, and it is very significant to to construct the secure 3G information system in our country.