DDoS Attacks on 9-1-1 Emergency Services

Research output: Contribution to journalArticlepeer-review

5 Scopus citations


The 911 emergency service belongs to one of the 16 critical infrastructure sectors in the United States. Distributed denial of service (DDoS) attacks launched from a mobile phone botnet pose a significant threat to the availability of this vital service. In this article we show how attackers can launch several types of DDoS attacks from mobile phone botnets. In one of the attacks, which we demonstrate, the attacker has the botnet randomize all cellular identifiers while issuing emergency calls repeatedly. Since there exists legitimate unidentified emergency calls, and since the FCC requires such calls to be forwarded, the network and the emergency call centers cannot block these calls (technically and legally). To understand and verify the threat of DDoS attacks on 911, we explore the 911 infrastructure and implement different forms of the attack on a small cellular network. Finally, to quantify the threat, we simulate and analyze DDoS attacks on a model of current 911 infrastructure in the US. We found that with less than 6K bots (or 100K hardware), attackers can block emergency services in an entire state for days. We believe that this article will assist the respective organizations in preventing possible 911-DDoS attacks in the future.

Original languageEnglish
Pages (from-to)2767-2786
Number of pages20
JournalIEEE Transactions on Dependable and Secure Computing
Issue number6
StatePublished - 1 Jan 2021


  • 911
  • DDoS
  • botnet
  • emergency services
  • malware
  • threat analysis

ASJC Scopus subject areas

  • General Computer Science
  • Electrical and Electronic Engineering


Dive into the research topics of 'DDoS Attacks on 9-1-1 Emergency Services'. Together they form a unique fingerprint.

Cite this