353
Issue 13(48), Volume 1 | ISSN 3030-377X | 5.06.2025
SCIENCE SHINE
INTERNATIONAL SCIENTIFIC JOURNAL
IMPACT OF DOS ATTACKS ON RTRC IP-RADIO NETWORKS
Khurramov Asliddin, Obidov Diyorbek
Tashkent State Transport University, 100067, Tashkent,
Temiryulchilar st. 1, Uzbekistan
Annotation:
in this article, a digital radio broadcast was organized on the same
railway site, providing all railway stations in
“
Pop-Namangan-Andijan
”
railway
station of Uzbekistan Railways JSC with DMR radio stations. Analysis of the factors
affecting the RTRC (rapid technological radio communication) networks in the
railway section
“
Pop-Namangan-Andijan
”
was carried out. Security is one of the
main issues in the functioning of any information exchange system. In general, a set
of potential threats to the communication network, as well as influence factors, are
given recommendations for their occurrence and their elimination.
Keywords:
IP-radio, RTRC, computer attacks (CA), natural and artificial
threats, internal and external violators, potential threats.
Introduction
There are many questions and problems that are both technical and legal for IP-
radio technology to become a ready-made solution and be able to functionally
provide full service. These aspects can be roughly divided into three groups:
- development of technology and equipment;
- legal aspects of management;
- ensure safety.
Improving the equipment of information exchange systems is carried out in
different directions, first of all, it is the development of the concept of border
connection controllers (Session Boarder Controller SBC). These are software and
hardware tools that solve the problems of logical separation of networks and ensuring
their functionality. Mechanisms for connecting IP radio networks are being
developed, the set of interfaces and parameters is being standardized, the procedures
for setting and using are being simplified. The models developed in the field of IP
radio mainly characterize the quality of Service and its, that is, the mechanisms for
ensuring the quality of service (Quality of Services
–
QoS), which should allow to
standardize and characterize all the parameters and norms of the quality of services
offered by IP radio technology.[1]
354
Issue 13(48), Volume 1 | ISSN 3030-377X | 5.06.2025
SCIENCE SHINE
INTERNATIONAL SCIENTIFIC JOURNAL
Factors affecting the RTRC network.
Security is one of the main issues in the
functioning of any information exchange system. IP is a direct relative of the radio
network and IP radio technology, which has not only its advantages, but also its
disadvantages. In general, the set of potential threats to the communication network,
as well as influence factors, are divided into two classes according to the nature of
their occurrence: natural and artificial (Figure 1). Damage or death of elements of
RTRC networks occurs as a result of the influence of factors of natural and artificial
origin [2].
Factors affecting the RTRC
Natural
Artificial
Intentionally
Unexpected
Figure 1. Factors affecting the RTRC network
Natural threats
are threats to the RTRC network and its elements of objective
physical processes, or from the effects of natural disasters that are not under human
control.
Artificial threats
are threats caused by human activity, among which, based on
the motivation of actions, we can distinguish:
- Involuntary (unintentional, random) threats caused by errors in the design of
RTRC and its elements, errors in software, errors in employee behavior, etc.;
- Intentional threats associated with selfish aspirations of people (violators).
Factors of natural origin include earthquakes, thunderstorms and other types of
natural phenomena, which are almost impossible to predict before they begin. It is
also difficult to predict (predict) the damage caused by them to elements of RTRC
networks.
Systems that are affected by artificial origin factors can be said, for example, rail
transport communication networks, powerful radio stations, high-voltage power lines,
mechanical influences, as well as computer attacks on the RTRC network (CA) today
are the most potential threats.
355
Issue 13(48), Volume 1 | ISSN 3030-377X | 5.06.2025
SCIENCE SHINE
INTERNATIONAL SCIENTIFIC JOURNAL
The degree of destructive exposure of each factor to elements of RTRC
networks determines the degree of inactivity of the element, and it depends on the
type of impact, its strength, scale and accuracy.
Information security threats to an IP-radio (technology) [3] based RTRC
network are caused by the formation of a channel that creates conditions for
disrupting information security between a threat source and an information source. It
is determined by the relevance of the information security threat, the threat of
information security, the type of its source, the vulnerability of the information
source and the information signal dissemination environment.
According to the type of source of threat of exposure to information, we can
distinguish:
- threats related to the activities of organizations with high potential, equipment
and motivation, based on the political, economic and other objectives of the railway
company;
- threats associated with the activities of organizations that are motivated due to
their economic, information and other goals;
- threats related to the activities of individual persons (elements of crime).
Methods
Methods of influencing the RTRC network are determined by the capabilities of
the source of the threat. The source of threats that are taking action or preparing to
take action on unauthorized exposure to information is a violation of Information
Security. An individual who, accidentally or intentionally, in the interests of his own
interests or organizations, committed actions that lead to a violation of information
security and its processing by technical means in RTRC networks is considered a
violator. It is recommended to consider violators in terms of having permanent or
one-time access to RTRC networks, there are two types of violators:[4]
- Violators who do not have access to RTRC networks - external
violators(aggressors);
- Intruders with access to RTRC networks - domestic violators(aggressors).
External violators attackers may refer to:
- representatives of the intelligence services of foreign countries;
- representatives of criminal structures;
- strangers with economic interests.
Domestic violators may refer to:
- radio communications and alarm, centralization and blocking devices
personnel (operators);
356
Issue 13(48), Volume 1 | ISSN 3030-377X | 5.06.2025
SCIENCE SHINE
INTERNATIONAL SCIENTIFIC JOURNAL
- Developers and suppliers of technical units of RTRC networks.
Possible threats to the RTRC network: the main problem of any radio
communication systems (networks) is equipment failure. This threat can be carried
out in different ways, the simplest of which is to delete communication channels.
Another threat is listening to conversations, which, while requiring certain equipment
and appropriate skills, allows you to obtain voice information from radio
communication channels outside the unprotected area of the company. It is very
difficult to do this outside the station building (enterprise) switchboard, but it should
be borne in mind that there is such a threat. Like traditional RTRC, RTRC-IP is
subject to various threats, but due to the nature of digital technologies, there are more
opportunities for intruders ' attacks. There have not yet been cases of violations of IP-
radio systems in Uzbekistan, but various schemes for carrying out attacks and fraud
are common in other countries, often leading to serious economic losses or the
cessation of the technological process [5].
Speaking of RTRC-IP threats, it is worth noting that they are also vulnerable to
attacks on ordinary IP networks, which can be redirected to digitized voice networks
with almost no change. For the IP component of digital radio communication, the
following types of attacks are possible [6]:
- data capture;
- denial of Service;
- change the number;
- theft of services and spam.
Data capture
- for RTRC-IP, this risk is much higher, since the attacker no
longer needs physical access to the network line. Here, the attacker may have some
difficulty selecting the desired packets, as in addition to IP-radio communication,
other practical layer protocol packets are also captured. However, this problem is
easily solved by filtering suspended traffic. By capturing IP-voice traffic
(unencrypted between switches by default), the attacker can easily recover initial
conversations. For this, there are even automated tools, for example, the VOMIT
(Voice over Misconfigured Internet Telephones) utility translates the data obtained
by trapping traffic using the tcpdump protocol analyzer, which is included in most
Linux distributions. The received data is converted into a simple WAV-file, which
can be listened to in any player.
Denial of Service (DoS)
- traditional RTRC radio communication guarantees the
quality of radio communication even when a large load falls on its equipment, which
is not always suitable for an IP network. High load on a numbered voice data
357
Issue 13(48), Volume 1 | ISSN 3030-377X | 5.06.2025
SCIENCE SHINE
INTERNATIONAL SCIENTIFIC JOURNAL
transmission network leads to significant disruption and even loss of some messages,
which is typical of IP networks in general, since packets can be lost under any load.
Therefore, one of the attacks on IP broadcasting can be sending a large number of
“noise” packets to the IP radio server [7].
Attacks such as service hijacking and communication spam
- service
hijacking, as a rule, are a set of several actions, first of all, it is the finding of IP-radio
communication devices, listening to traffic to obtain the necessary information about
the protocols used on the network. Later, if any technical information is needed, there
may be an attack on the dispatcher. After these initial actions, as a rule, a real theft of
services is carried out. In practice, it is about calling a country other than a fake
number or gaining control over certain services, such as voicemail, etc. Another goal
that can be achieved when services are stolen is to distribute incoming voicemail, that
is, actually the same spam [8]. In practice, this may seem like this: the attacker
automatically calls subscribers, and everyone who answers is invited to listen to the
recording of the advertising voice message. there is a special terminal for network
spam
–
SPIT (Spamming over Internet Telephony) [9].
Simulation of DoS Attacks on IP-Radio Networks: Theory, Impact, and
Mitigation Measures
Denial of Service (DoS) [10] attacks aim to disrupt the normal operation of a
network or server by overwhelming resources, typically through excessive requests.
In IP-radio networks, these attacks lead to increased packet loss and latency due to
vulnerabilities such as unencrypted traffic and limited resources. For RTRC networks
used in the “Pop
-Namangan-
Andijan” railway section, this poses a significant threat
to security and train traffic safety.
A simulation was conducted using MATLAB, comparing the performance of
1000 packets under normal and DoS conditions [11]:
- Normal Conditions: Packet loss at 5%, average latency ~20 ms.
- DoS Conditions: Packet loss at 30%, average latency ~100 ms. Random
probabilities and noise were added to mimic real network conditions.
Simulation results showed:
- Normal Conditions: Approximately 50 packets lost (5%), 950 successfully
delivered, average latency ~20 ms.
- DoS Conditions: Approximately 300 packets lost (30%), 700 successfully
delivered, average latency ~100 ms. This indicates a threefold increase in packet loss
and a fivefold increase in latency during a DoS attack.
358
Issue 13(48), Volume 1 | ISSN 3030-377X | 5.06.2025
SCIENCE SHINE
INTERNATIONAL SCIENTIFIC JOURNAL
Figure 1. DoS attack
Based on these findings, the following mitigation measures are recommended
[12]:
1. Traffic Encryption: Encrypt IP-radio traffic to reduce the risk of data theft by
attackers.
2. Strengthen QoS Mechanisms: Develop tools (e.g., SBC) to manage network
load and ensure service quality.
3. Real-Time Monitoring: Implement dedicated monitoring systems to detect
DoS attacks.
4. Optimize Network Resources: Enhance server and network capacity to
withstand DoS attacks.
The simulation confirms the significant impact of DoS attacks on IP-radio
networks, with increased packet loss and latency compromising railway
communication security. Implementing these measures is crucial for protecting
RTRC networks from cyber threats and ensuring stable communication in the “Pop
-
Namangan-
Andijan” section.
Conclusion:
Factors affecting the TTRA network, Crows, natural and artificial threats
negatively affect the quality of radio communication. Since radio communication
directly depends on train traffic safety, failure of the devices can cause severe
consequences. Therefore, the requirements for radio communication devices on the
plot were applied taking into account such possible attacks, threats.
References:
359
Issue 13(48), Volume 1 | ISSN 3030-377X | 5.06.2025
SCIENCE SHINE
INTERNATIONAL SCIENTIFIC JOURNAL
1. A.A. Kornienko, M.A. Eremeev, V.N. Kustov va boshqalar. “Information
Security and Information Protection in Railway Transport”. 2014. –
448 pp.
2. Khalikov A.A., Urakov O.X. “Mathematical Model of the Implemented
Impairer of the Information Impact Process on the Operative-Technological
Communication Network Based on IP-
Technologies”. International Scientific and
Technical Journal Chemical Technology. Control and Management. Tashkent-2019,
№4
-5 (88-89).
–
pp. 119-125.
3. Khalikov A.A., Urakov O.X. “A Mathematical Model of the Process of
Functioning of the OTC-IP Network During the Transmission of a Rare Subsequent
Data Stream”. UNIVERSUM Engineering. Section Radio Engineering and
Communication. Moscow-2020. -
№. 3(72). –
pp. 56-61.
4. Khalikov A.A., Urakov O.X. et al. “A Mathematical Model of the Operation
Process of a Radio Communication Network Based on IP Technologies in the
Conditions of Information Impact During the Transmission of a Non-Repetitive Data
Stream”.
E3S Web of Conference 420, 03022 (2023).
5. “Securing the Future of Railway Systems: A Comprehensive Cybersecurity
Strategy for Critical On-Board and Track-
Side Infrastructure”. PMC. 2024.
6. “Information Security and Privacy in Railway Transportation: A Systematic
Review”. PMC. 2024.
7. “Railway Cybersecurity (ENISA): The New Challenges”. www.railway
-
cybersecurity.com. 2023.
8. “Understanding Railway Cybersecurity”. gca.isa.org. 2022.
9. “Railway Cyber
-
Security in the Era of Interconnected Systems: A Survey”.
www.researchgate.net. 2024.
10. “EU Cybersecurity Agency Reports on Threat to Rail”. International
Railway Journal. www.railjournal.com. 2023.
11. “A Survey on Wireless
-Communication Vulnerabilities of ERTMS in the
Railway Sector”. www.oaepublish.com. 2024.
12. “Securing Rail Networks: Cyber Risk Scenarios & Defense Strategies”.
www.nozominetworks.com. 2023.
