Location-based early detection and prevention of DDoS attacks in mMTC networks

The Random Access (RA) procedure of the current 3GPP cellular network has been adopted for small data packet transmissions by massive Machine Type Communication Devices (MTCDs). However, the initial steps of the RA procedure lack an authentication mechanism, making it susceptible to Distributed Denial of Service (DDoS) attacks, particularly in massive access scenarios. In these cases, attackers can hide among a large number of legitimate stationary devices with limited processing capabilities, such as installed sensors or smart meters. To address this issue, this paper proposes an early DDoS attack detection and prevention method that leverages the Timing Advance (TA) information from stationary MTCDs. The proposed method detects the approximate location of malicious devices sending consecutive preamble codes and blocks them by withholding Resource Blocks (RBs) during the RA procedure. Numerical results from a simulated Physical Random Access Channel (PRACH) for Machine Type Communications (MTC), considering noise and multipath effects, demonstrate the effectiveness of the proposed method in detecting and mitigating DDoS attacks. Under intense attack scenarios, the proposed method effectively identifies network attackers while reducing RA delay and RB consumption for MTCDs by approximately 50% compared to the baseline. This improvement enhances overall network performance and sustainability.