DDoS attacks on 9-1-1 emergency services

Yisroel Mirsky, Mordechai Guri

IEEE Transactions on Dependable and Secure Computing 18 (6), 2767-2786, 2020

The 911 emergency service belongs to one of the 16 critical infrastructure sectors in the United States. Distributed denial of service (DDoS) attacks launched from a mobile phone botnet pose a significant threat to the availability of this vital service. In this article we show how attackers can launch several types of DDoS attacks from mobile phone botnets. In one of the attacks, which we demonstrate, the attacker has the botnet randomize all cellular identifiers while issuing emergency calls repeatedly. Since there exists legitimate unidentified emergency calls, and since the FCC requires such calls to be forwarded, the network and the emergency call centers cannot block these calls (technically and legally). To understand and verify the threat of DDoS attacks on 911, we explore the 911 infrastructure and implement different forms of the attack on a small cellular network. Finally, to quantify the threat, we simulate and …