Geolocation-Based DDoS on Mobile Networks - Is a Geolocation-Based DDoS Against Mobile Operators a Very Interesting Concept?



The concept is based on using software on mobile phones located in a given geographic area to generate a large amount of traffic. This traffic could create a DDoS against the mobile operator.
We decided to dig deeper and conducted a basic analysis of the possible impact of a DDoS based on geographic location.

The ITU has pointed out that there are 4.6 billion mobile phones worldwide. This number is truly formidable, and it is enough to carry out a DDoS attack on a mobile network.
But creating a DDoS attack is not as simple as it sounds, especially a DDoS based on geolocation. To carry out a DDoS attack, you need the following ingredients:

Software that will do the attack - the software will use the phone's geolocation function (to find out where the phone is) and its telecommunications functions (to create the DoS). Variants of such software are available and can be developed relatively easily for any device platform. Examples of applications that use geolocation and telecommunications functions are GPS tracking applications for monitoring (child or employee monitoring) and "Cheating Spouse Spy" applications. They access the geolocation and send a data stream or SMS messages.

Distribution of the attack software - for a DDoS attack to be successful, you need a high volume of attacking devices ("zombies"). A geolocation-based DDoS attacks something that is in a geographic area, so the zombie phones need to be in or around the target location. This means you have to convince a lot of people to install the attack application on their phones. You also need to develop this application for many platforms, as there are a large number of phone manufacturers and each has a different operating system platform. Self-distribution (like a virus) brings its own set of challenges: a virus can distribute itself through a vulnerability in the operating system or through user action (such as an SMS with instructions to install an application). Phone users are not easily persuaded to install new applications simply because an SMS asked them to, and good luck finding vulnerabilities in a sufficient number of phone platforms and OS versions.

Sufficient concentration of geolocation-enabled zombie phones in specific areas - this is where real numbers come in, with many interesting results. The specific areas will be large metropolitan areas, home to large companies, which have the highest concentration of zombie phones and where the most damage to the mobile service provider's reputation can be done.

To estimate the number of zombie phones in one area, we need some starting parameters. We will use worst-case scenarios for each parameter:

Percentage of geolocation-capable phones in the total phone population (between 24% and 95%) - Gartner estimates that smartphones make up 18% of the total number of mobile phones. We assume that every smartphone has geolocation capability, and we use percentages higher than 18% because the target area will have a larger population with the means and the need to own a smartphone.

Percentage of phones the attack application will target (51%) - as there are several manufacturers and platforms, the attacker must go after the population with the greatest probability of success: the largest phone population with similar characteristics. We will use the market penetration of the Symbian platform, which according to Gartner had 51% of all smartphone platforms on the market.

Zombie phone success rate (20%) - the target population of cell phones may not be fully controlled. That is 4 million square meters.

Concentration of zombie phones (50% in the target area) - on a weekday, we assume that 50% of zombie phones will be in the strike zone.

Based on these parameters, we created a table that calculates the number of zombie phones in major cities worldwide.

Analysis table
Assuming that the analysis parameters can be met (in particular the number of phones that are zombified), here are the resulting numbers:

Overloading the network - very unlikely: The maximum number of zombie phones represents from 2.41 to 9.7 percent of the total phone population in urban areas. Mobile network switches are designed to handle traffic spikes, so they will be able to cope with a 10% increase of the total population of the city.

Overloading the central area - possible: Long before the DDoS attack can overwhelm network switches, it will hit a bottleneck: mobile radio cells have a technical limit on the number of active calls. In a DDoS scenario, therefore, the mobile cells where most zombie phones reside will be affected.

Overwhelming hot spots - very likely: Even within the target area of the attack, there are hot spots with high concentrations of mobile phones, such as large office buildings and business parks. These hot spots are often served by a dedicated set of cells, and a DDoS attack will likely overwhelm the available cells.

In simpler terms, on a business day, the cells in the city's business district will have more service requests than available channels, so there will be many "No service" or "out of network" conditions in the central strike area.

Detection and treatment - at least several hours: The mobile operator will immediately identify overcrowded cells, but it will take hours to identify the pattern that is creating the congestion. Even then, the remedy will not be simple, and will come down to disabling services for each identified zombie phone.

The future may be darker - if a common mobile platform comes into use, similar to the prevalence of Windows in the PC world, and geolocation becomes a commodity feature or even a mandate, the analysis parameters may change dramatically and make mobile networks vulnerable to DDoS attacks.
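
The two detection steps described under "Detection and treatment" (first find the overcrowded cells, then find the pattern behind the congestion) can be sketched as follows. This is an added example, not code from the original article or from any operator. The record format, the cell and subscriber names, and the thresholds (20% blocked requests, 5 times the median request count) are assumptions, and the sample log is constructed.

```python
from collections import Counter
from statistics import median

def build_sample():
    """Constructed service-request log for one time window:
    (cell_id, subscriber_id, outcome). Hypothetical format, not an operator's."""
    rows = []
    for sub in ("s01", "s02", "s03"):          # three handsets requesting constantly
        rows += [("C-biz", sub, "ok" if i % 3 == 0 else "blocked") for i in range(30)]
    for n in range(4, 10):                     # six ordinary users in the same cell
        rows += [("C-biz", f"s{n:02d}", "blocked" if n % 2 else "ok")] * 2
    for n in range(10, 16):                    # a quiet residential cell
        rows += [("C-res", f"s{n:02d}", "ok")] * 2
    return rows

def congested_cells(rows, max_block_ratio=0.2):
    """Step 1: cells whose share of blocked requests exceeds the threshold."""
    total, blocked = Counter(), Counter()
    for cell, _sub, outcome in rows:
        total[cell] += 1
        blocked[cell] += outcome == "blocked"
    return {c: round(blocked[c] / total[c], 3)
            for c in total if blocked[c] / total[c] > max_block_ratio}

def heavy_requesters(rows, cells, factor=5):
    """Step 2: inside congested cells, subscribers whose request count is more
    than `factor` times the median subscriber's count in that cell."""
    suspects = {}
    for cell in cells:
        per_sub = Counter(sub for c, sub, _ in rows if c == cell)
        limit = factor * median(per_sub.values())
        hits = sorted(s for s, n in per_sub.items() if n > limit)
        # Share of the cell's requests that the flagged subscribers account for
        share = sum(per_sub[s] for s in hits) / sum(per_sub.values())
        suspects[cell] = (hits, round(share, 3))
    return suspects

if __name__ == "__main__":
    rows = build_sample()
    cells = congested_cells(rows)
    print(cells)
    print(heavy_requesters(rows, cells))
```

In the constructed sample, three of the nine subscribers in the congested cell generate most of its requests, which is the kind of per-phone list the remedy described above would act on.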
