Scribd Logo
Upload

Welcome to Scribd!

  • UE Signaling Control

    Uploaded by

    Ahmed
    47 views12 pages

    Original Title

    UE Signaling control

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    47 views12 pages

    UE Signaling Control

    Uploaded by

    Ahmed

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 12

    UE Signaling Control

    Technical Product Description

    57/221 02-AXB 250 05/8 Uen AU


    Copyright

    © Ericsson AB 2012–2018. All rights reserved. No part of this document may be


    reproduced in any form without the written permission of the copyright owner.

    Disclaimer

    The contents of this document are subject to revision without notice due to
    continued progress in methodology, design and manufacturing. Ericsson shall
    have no liability for any error or damage of any kind resulting from the use of this
    document.

    57/221 02-AXB 250 05/8 Uen AU | 2020-11-30


    Contents

    Contents

    1 UE Signaling Control Overview 1

    2 High Message Rate Detection 4

    3 UE Signaling Control Modes 5


    3.1 Measurement Only Mode 5
    3.2 Measurement and Control Mode 5

    4 Operation and Maintenance 7


    4.1 Parameters 7
    4.2 Counters 7
    4.3 Logs 7
    4.4 Toolbox 7
    4.5 EBM 8

    57/221 02-AXB 250 05/8 Uen AU | 2020-11-30


    UE Signaling Control

    57/221 02-AXB 250 05/8 Uen AU | 2020-11-30


    UE Signaling Control Overview

    1 UE Signaling Control Overview

    The license-controlled feature UE Signaling Control in the SGSN-MME for the


    GSM, WCDMA, and LTE access types UE Signaling Control is used for measuring
    and optionally controlling request messages of high rates from the same UE.

    The SGSN-MME identifies whether a request is from the same UE based on the
    UE identity, which can be permanent or temporary, see page 1.

    The messages are measured and controlled according to configured rules. A rule
    is configured per message type and access type, and can be performed for all UEs
    served by the SGSN-MME or the UEs in one or more specified UE device groups.

    Table 1 UE Identity
    GSM WCDMA LTE
    Permanent UE IMSI IMSI IMSI
    identity
    IMEI/IMEISv
    (only for
    Emergency
    Attach).
    Temporary UE P-TMSI and RAI P-TMSI and RAI GUTI
    identity

    Note: The SGSN-MME can receive a different temporary UE identity for the
    same UE in the inter-node Attach Request, Inter-RAU Request, and
    inter-TAU Request messages. In this case, the SGSN-MME regards the
    UE a different UE and does not trigger the control action when the
    number of request messages exceeds the threshold.

    Controlling messages from many UE devices that are sending messages at an


    extreme rate reduces the CPU load on the SGSN-MME. UE Signaling Control can
    also protect other Network Elements from a high load, for example, the HSS.

    Information about UE devices that generate a high rate of messages is written


    into a log file.

    The control actions include ignoring messages of the same type, rejecting
    requests, and detaching the UE.

    For ignoring messages of the same type, the UE Signaling Control feature
    supports the measuring of the following message types:

    — Activate Primary PDP Context Request (GSM and WCDMA)

    — SMS-MO Service (GSM and WCDMA)

    — Service Request (WCDMA and LTE)

    57/221 02-AXB 250 05/8 Uen AU | 2020-11-30 1


    UE Signaling Control

    — Control Plane Service Request (LTE)

    — Intra-RAU Request (excluding Inter-System Change)

    — Inter-RAU Request (including Inter-System Change)

    — Attach Request

    — PDN Connectivity Request (LTE)

    — Intra-TAU Request

    — Inter-TAU Request (including Inter-System Change)

    For rejecting requests, the UE Signaling Control feature supports the controlling
    of the following message types (excluding Emergency messages):

    — Attach Request (WCDMA and LTE)

    — Service Request (WCDMA and LTE)

    — Control Plane Service Request (LTE)

    — PDN Connectivity Request (LTE)

    — Activate Primary PDP Context Request (WCDMA)

    — Intra-RAU Request (WCDMA)

    — Inter-RAU Request (WCDMA, including Inter-System Change)

    — Intra-TAU Request (LTE)

    — Inter-TAU Request (LTE, including Inter-System Change)

    Note: For mobility management message types, the cause code of rejecting is
    configurable. For session management message types, the cause code
    of rejecting is always #26 INSUFFICIENT_RESOURCES.

    For detaching the UE, the UE Signaling Control feature supports the controlling of
    the following message types (excluding emergency messages):

    — Service Request (WCDMA and LTE)

    — Control Plane Service Request (LTE)

    — PDN Connectivity Request (LTE)

    — Activate Primary PDP Context Request (WCDMA)

    — Intra-RAU Request (WCDMA)

    2 57/221 02-AXB 250 05/8 Uen AU | 2020-11-30


    UE Signaling Control Overview

    — Intra-TAU Request (LTE)

    Note: Based on the control action of detaching, the SGSN-MME sends the
    Detach Request message with the re-attach not required detach
    type and the configured cause code.

    The following are examples of causes for a high message rate:

    — Faulty software running on the UE

    — Faulty configuration of the software running on the UE

    — UE not conforming to the standard

    — Malicious UE deliberately flooding the network with messages to cause a


    DoS effect

    For information about logging, see UE Signaling Control Log.

    For instructions on configuring UE Signaling Control, see Configuring UE


    Signaling Control.

    57/221 02-AXB 250 05/8 Uen AU | 2020-11-30 3


    UE Signaling Control

    2 High Message Rate Detection

    The following methods are used for detecting situations with a high message
    rate:

    — KKPIs can be monitored to detect unusually high failure rates.

    — Counters providing the number of UE originated attempts for certain


    procedures can be monitored.

    — EBM can be used to log events for completed procedures. The EBM data
    must be thoroughly analyzed.

    If UE devices are suspected of sending messages at a high rate, UE Signaling


    Control rules can be configured for identifying these UE devices and optionally
    for controlling messages.

    4 57/221 02-AXB 250 05/8 Uen AU | 2020-11-30


    UE Signaling Control Modes

    3 UE Signaling Control Modes

    UE Signaling Control can be performed in either of the following two modes:

    — Measurement Only mode

    — Measurement and Control mode

    When a UE Signaling Control rule is created, if the control period is set to 0, the
    rule is configured for the Measurement Only mode. If the control period is set to a
    value greater than 0, the rule is configured for the Measurement and Control
    modes.

    3.1 Measurement Only Mode


    The Measurement Only mode is started after a UE Signaling Control rule is
    created with UscControlPeriod set to 0. This mode can be used for detecting UEs
    sending messages at a high rate.

    In the Measurement Only mode, messages of the specified message type and
    access type are measured per UE. A log record is generated if the SGSN-MME
    receives ThresholdNumber messages of the specified type from one UE within
    one measurement interval. The log record is written to a log file after a
    measurement duration ends. For more information, see UE Signaling Control Log.

    3.2 Measurement and Control Mode


    In the Measurement and Control mode, messages are measured per UE and are
    possibly controlled. This mode can be used for protecting the SGSN-MME from
    UEs sending messages at a high rate. The Measurement and Control mode is
    started after the action_usc_control_start or the create_usc_control_execution
    CLI command is run for a rule configured for the Measurement and Control mode.

    57/221 02-AXB 250 05/8 Uen AU | 2020-11-30 5


    UE Signaling Control

    Note: Data configured through the create_usc_control_execution CLI


    command is configuration data, which takes effect after consistency
    checking and activation. The data becomes permanent after a
    checkpoint is performed. With the create_usc_control_execution CLI
    command, the Measurement and Control mode is automatically
    restarted after an upgrade or node restart.

    The action_usc_control_start CLI command starts the Measurement and


    Control mode immediately. When using the action_usc_control_start CLI
    command, the Measurement and Control mode must be manually
    restarted after an upgrade or node restart.

    Operators cannot use both create_usc_control_execution and


    action_usc_control_start CLI commands. For more information, see
    Configuring UE Signaling Control.

    The UE Signaling Control rules specify a measurement interval, a threshold


    number, a control period, a control action, and the control cause code. A control
    period starts if the SGSN-MME receives ThresholdNumber messages of the
    specified message type and access type from one UE within one measurement
    interval.

    If the control action is ignore or reject, subsequent messages are ignored or


    rejected until the control period ends.

    If the control action is detach, upon receiving the subsequent message of the
    specified message type, the SGSN-MME initiates a Detach procedure. The control
    period terminates when the Detach procedure is finished.

    A counter is increased each time a message is controlled. Information about the


    UEs under UE signaling control is written into a log file. For more information, see
    UE Signaling Control Log.

    Note: For the Attach, Inter-SGSN RAU, and Inter-MME TAU procedures, if the
    UE sends the SGSN-MME a message including an unknown identity, the
    SGSN-MME cannot identify if the message rate is already measured for
    the UE. An unknown identity means that the UE has no record of this
    identity, for example, an old GUTI. The SGSN-MME thus cannot include
    the message in the rate measurement or take the configured control
    action.

    6 57/221 02-AXB 250 05/8 Uen AU | 2020-11-30


    Operation and Maintenance

    4 Operation and Maintenance

    4.1 Parameters
    To display the configuration classes and parameters related to UE Signaling
    Control, use the get_config_area CLI command for the UESignalingControl
    configuration area.

    4.2 Counters
    The following counters and PmGroup are valid for UE Signaling Control:

    — SGSN-MME_Mobility_ISYSC

    — SGSN-MME_Mobility_ISYSC_E

    — SGSN-MME_Mobility_MM_E

    — SGSN-MME_Mobility_MM_G

    — SGSN-MME_Mobility_MM_U

    — SGSN-MME_Mobility_U

    — SGSN-MME_Session_SM_E

    — SGSN-MME_Session_SM_G

    — SGSN-MME_Session_SM_U

    — SGSN-MME_SMS_G

    — SGSN-MME_SMS_U

    4.3 Logs
    The UE Signaling Control Log is valid for UE Signaling Control.

    For descriptions of the log files, see Operation and Maintenance Description.

    4.4 Toolbox
    The usc_report.pl Toolbox command is used to query UE Signaling Control logs
    and print a log report for analyzing potential UE attacks on the network.

    57/221 02-AXB 250 05/8 Uen AU | 2020-11-30 7


    UE Signaling Control

    For more information about the command, see Toolbox Description.

    4.5 EBM
    For descriptions of Sub-Cause Codes and EBM Events, see EBM Cause Codes and
    EBM Events and Parameters.

    8 57/221 02-AXB 250 05/8 Uen AU | 2020-11-30

    You might also like