Document Type



Master of Science


Computer Science

First Adviser

Chuah, Mooi Choo


Zero-rating services allow mobile users to access content from contracted content providers (CPs) free of data charges. In this thesis, we introduce attacks against the zero-rating service that allow extra non-contracted traffic to be transported free of charge. We call this type of attack the 'free-riding' attack. Specifically, we create two types of free-riding attacks: 1) masquerade zero-rating CP attack; 2) response packets modification attack. We conducted multiple experiments on several major commercial cellular and WiFi ISPs in the United States and China. The experimental results show that all these ISPs are vulnerable to free-riding attacks.

In this thesis, we also propose a secure and backward-compatible zero-rating framework, called ZFree. ZFree authorizes network traffic from valid CPs to be zero-rated. Next, we perform a formal security verification of ZFree using ProVerif. The formal verification results show that ZFree is secure in preserving packet integrity and CP server authenticity. Our evaluation shows that ZFree is lightweight, scalable and secure.