A New Secure Algorithm for Upcoming Sensitive Connection between Heterogeneous Mobile Networks

One of the most important concepts in the heterogeneous mobile networks is Vertical Handover (VHO). The VHO is a vital process taken place by Mobile Users (MUs) in order to satisfy their preferences of security and cost, in addition to the rest of parameters of network and terminal such as latency and velocity, respectively. However, a proactive security for upcoming sensitive connection and performing VHO between heterogeneous mobile networks have not been considered. This paper therefore comes up with a new secure algorithm to address this issue: Proactive Security for Upcoming Sensitive Connection (PSUSC). Analysis of the PSUSC algorithm proves reducing potential attacks extremely compared with previous works which rely on using less secure RAT. Keywords—Vertical handover security; mobile networks; wireless networks; heterogeneous wireless


I. INTRODUCTION
The Mobile Users (MUs) are always keen for using all available communication services anywhere, anytime regardless of any potential technical issue and/or technological constraint might associated with the different Radio Access Technologies (RATs): Wi-Fi, 2G (GSM), 3G (UMTS), 4G (WiMAX and LTE) and 5G.
In fact, a RAT itself is not able to satisfy MUs' preferences all the time as each RAT has its own restricted capabilities in terms of security, data rate, coverage, etc. For example, the 5G itself is not sufficient for providing ubiquitous wireless access without cooperating with the rest of RATs [1].
The VHO performance is measured by different factors such as latency, packet loss, cost signaling, connection failure and security. However, this paper focuses on the security as one of the most crucial factors for the MU to secure upcoming sensitive connection.
Although there are hundreds VHO approaches have been proposed in the literature, it is noticed that a proactive security for upcoming sensitive connection and performing VHO between heterogeneous mobile networks have not been considered. Therefore, this paper presents a new secure algorithm to address this issue: Proactive Security for Upcoming Sensitive Connection (PSUSC).
The rest of the paper is organized as follows: Section II presents related works in securing roaming issues. In Section III, a design of the proposed algorithm is presented. Section IV presents an analysis of the proposed algorithm. Finally, a conclusion and future work are given in Section V.

II. RELATED WORK
In [2], 132 VHO approaches have been reviewed and classified into two categories: VHO security based category and VHO non-security based category for which their characteristics have been discussed. It has been concluded in [2] that the VHO non-security based category takes a large portion of previous works (93%) compared with the VHO security based category (7%). Where, the majority works of this modest percentage of VHO security based category have mainly focused on the role of security parameter in selecting the best available RAT [3].
However, a proactive security for upcoming sensitive connection and performing VHO between heterogeneous mobile networks has not been considered.

III. DESIGN OF PSUSC ALGORITHM
The VHO consists of three phases: Initiation (Collecting Information), Decision and Execution [12][13][14][15][16][17][18][19]. The proposed secure algorithm takes into account the critical phases of decision and execution in order to secure upcoming sensitive connection between heterogeneous mobile networks. This is shown in Fig. 1.

A. Decision Phase
Unlike previous works which only focus on the role of security parameter in selecting the best available RAT for an imminent VHO, this proactive phase is responsible for selecting the best available secure RAT for the upcoming sensitive connection. Hence, it extremely reduces any potential attack might be launched due to using a current less secure RAT.
Based on Table I, the PSUSC algorithm descendingly orders all available RATs in terms of security into two levels  Once the VHO is triggered for a security session, the algorithm's precedence is to secure the upcoming sensitive session and it therefore selects the best available secure RAT, taking into account that the sole VHO to 5G (L1) is automatically taken place without MUs' confirmation. Otherwise, the MU could confirm whether proceeding VHO from available L2's RATs or not. Finally, when the VHO ongoing sensitive session is successfully performed, the MU is returned back to a previous RAT as long as it is still available. Otherwise, the MU is connected to the best available secure RAT.

B. Execution Phase
This phase is responsible for securing roaming between heterogeneous mobile networks. The critical moment during the phase is that the VHO between any two RATs (from a source RAT to a destination RAT) might face attackers who exploit such a process for achieving their malicious goals.
MIPv4 and MIPv6 are the best mobility management protocols used to maintain VHO ongoing sessions [20]. However, the MIPv6 is more secure than MIPv4 as it provides Internet Protocol Security (IPSec) for all security requirements [21].

IV. ANALYSIS OF PSUSC ALGORITHM
In this analysis, there are five available RATs: 5G, LTE, UMTS, GSM and Wi-Fi, as shown in Fig. 2. The MU is currently connected with Wi-Fi at office and intending to make online bank transactions. Once the MU proceeds to fill sensitive information, the VHO is triggered in order to secure the upcoming sensitive session by selecting the best available secure RAT. It is obvious in this scenario that the transactions' session is handovered to the most available secure RAT and therefore the security is effectively improved compared with using Wi-Fi as a less secure RAT.
Where the PSUSC algorithm guarantees ordering all available RATs descendingly in terms of security: higher security for 5G, high security for LTE, less high security for UMTS, medium security for GSM and low security for Wi-Fi. This is shown in Fig. 3 to Fig. 6.

V. CONCLUSION
This paper has presented design and analysis of new proactive security algorithm for upcoming sensitive connection and performing VHO between heterogeneous mobile networks. The analysis has noticeably showed reducing potential attacks compared with previous works which rely on using less secure RAT. However, we intend to perform more analysis as well as simulation on the proposed algorithm to address security issues, which might face the execution phase as a result of using mobility management protocols during VHO.