
Smart-phone Attacks and Defenses

Smart-phone Attacks and Defenses. Chuanxiong Guo, Helen J. Wang, Wenwu Zhu. Outline. Smart-Phone background Telecom networks assumptions Motivation Attacks Defenses Conclusions. Smart-phones. Rich functionalities & features


Presentation Transcript


  1. Smart-phone Attacks and Defenses Chuanxiong Guo, Helen J. Wang, Wenwu Zhu

  2. Outline • Smart-Phone background • Telecom networks assumptions • Motivation • Attacks • Defenses • Conclusions

  3. Smart-phones • Rich functionalities & features • Combine portability of cell-phones with the computation and networking power of PCs • 700M units will be shipped in 2007 • Likely to exceed the user population of PCs • [Figure: O2 XDA mini S]

  4. Common OS • OS: Symbian, Windows Mobile, Palm, embedded Linux • Access to cellular network (GSM/CDMA, UMTS) • Access to Internet (infrared, Bluetooth, GPRS/CDMA1X, 802.11) • Use standard TCP/IP protocol stack • Multi-tasking • Data synchronization with desktop PCs • Open API for application development • Ease and low cost of introducing new integrated Internet and telecom services • Create common ground for security breaches and threats

  5. Smart-phones Become end-points of both the Internet and telecom networks.

  6. Telecom Design Assumptions • Traffic is highly predictable • Telecom carriers plan network capacity according to the predicted traffic model • Radio spectrum sharing schemes include TDMA, FDMA, or logical “channels” • User identities are tightly coupled with their telephone numbers or SIM cards • Telephone numbers or SIM (Subscriber Identity Module) cards are used for accounting purposes

  7. Motivation • Telecom network was relatively safe • Smart-phone worms, viruses, Trojan horses appeared • Cabir, June 14, 2004 (worm) • Duts, July 17, 2004 (virus) • Mosquito dialer, August 6, 2004 (Trojan horse) • The source code of Cabir has been posted online by a Brazilian programmer • Various attacks on telecom infrastructures and users become reality

  8. Compromising smart-phones • Attacks from the Internet • Internet worms, viruses, and Trojan horses • Infection from sync desktop • Attack the PC first, then infect the smart-phone through the synchronization process • Peer smart-phone attack or infection • Smart-phone is a mobile device • Able to infect victims at different locations

  9. Possible smart-phone attacks • DoS to base stations • DDoS to call centers and switches • Remote wiretapping • Phone blocking • SMS spamming • Identity theft and spoofing • Physical attack • National Crisis

  10. DoS to base stations • Compromised smart-phones use up radio resource at a base station • Even a handful of zombies can increase call blocking rate (0.01% required) dramatically or put the system out of service • [Figure: smart-phone zombies]

  11. Possible smart-phone attacks • DoS to base stations • DDoS to call centers and switches • Remote wiretapping • Phone blocking • SMS spamming • Identity theft and spoofing • Physical attack • National Crisis

  12. DDoS to call centers and switches • [Figure labels: A, B, C, N; 110; PLMN; PSTN; Call Center] • PLMN: Public land mobile network • PSTN: Public switched telephone network

  13. Possible smart-phone attacks • DoS to base stations • DDoS to call centers and switches • Remote wiretapping • Phone blocking • SMS spamming • Identity theft and spoofing • Physical attack • National Crisis

  14. Remote wiretapping • [Figure labels: User A, User B, wiretapper; GSM, WLAN, PSTN, Internet; voice stream, voice packet]

  15. Possible smart-phone attacks • DoS to base stations • DDoS to call centers and switches • Remote wiretapping • Phone blocking • SMS spamming • Identity theft and spoofing • Physical attack • National Crisis

  16. Defenses • Internet side protection • NIDS, Firewalls, Patching, Shielding, … • Base station performs shielding for users • Make seamless handoff challenging • Difficult to change deployed 802.11 APs • Telecom side protection • Abnormal behavior detection • Reactions (Rate limiting, Call filtering, Blacklist) • Advantage to take: Behavior of telecom users is highly predictable and most of the reaction building blocks already exist • Smart-phone side protection • Cooperation among the three parties

  17. Smart-phone hardening • Feature reduction • E.g., turn off Bluetooth when not active • OS hardening • E.g., always display callee number when making a phone call • Lighting up LCD display when dialing • Hardware hardening • SIM card to authenticate OS and applications

  18. Cooperation among the three parties • Cellular carriers enforce smart-phones patching and shielding, and OS authentication • When smart-phone attacks are detected from the Internet • The Internet can inform telecom to prepare in advance • When telecom detects smart-phone attacks • Inform Internet to reject zombies on the black list • Need to judge if a device is a smart-phone • IP address to SIM ID or telephone number mapping

  19. Discussion • Broken assumptions • Telecom networks assume dumb terminals and intelligent core • More Internet security reduction • Networks or systems being bridged into the Internet • Sensor networks • RFID-based inventory systems • Home networks • Assumptions of more specific-function systems are being violated

  20. Conclusions • Alert the community of the imminent dangers of smart-phone attacks • A framework for defenses • Future work: • Detailed defense solutions • Study other systems and networks that also face Internet security reduction • Home networks • Sensor networks
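The telecom-side protection on slide 16 (abnormal behavior detection followed by rate limiting and blacklisting) can be sketched as follows. This is an added example, not code from the presentation; the thresholds, subscriber ids and call records are constructed assumptions.

```python
from collections import defaultdict, deque

WINDOW = 60               # seconds of call history kept per subscriber (assumed)
MAX_CALLS = 3             # attempts a normal subscriber makes per window (assumed)
STRIKES_TO_BLACKLIST = 2  # rate-limit hits tolerated before blacklisting (assumed)

# Constructed call attempts: (time in seconds, subscriber id, dialled number).
SAMPLE_CALLS = [
    (0, "sub-A", "callee-1"),
    (10, "sub-Z", "callee-9"), (12, "sub-Z", "callee-9"), (14, "sub-Z", "callee-9"),
    (16, "sub-Z", "callee-9"), (18, "sub-Z", "callee-9"), (20, "sub-Z", "callee-9"),
    (400, "sub-A", "callee-2"), (900, "sub-A", "callee-1"),
]


class CallPolicy:
    """Per-subscriber sliding-window detector with two reactions."""

    def __init__(self):
        self.recent = defaultdict(deque)  # subscriber -> times of accepted attempts
        self.strikes = defaultdict(int)   # subscriber -> number of rate-limit hits
        self.blacklist = set()

    def decide(self, ts, caller):
        """Return 'allow', 'rate_limited' or 'blacklisted' for one call attempt."""
        if caller in self.blacklist:
            return "blacklisted"
        window = self.recent[caller]
        while window and ts - window[0] >= WINDOW:
            window.popleft()              # forget attempts older than the window
        if len(window) >= MAX_CALLS:      # deviates from the predictable baseline
            self.strikes[caller] += 1
            if self.strikes[caller] >= STRIKES_TO_BLACKLIST:
                self.blacklist.add(caller)
            return "rate_limited"
        window.append(ts)
        return "allow"


def run(calls):
    """Replay call attempts in time order; return decisions and the blacklist."""
    policy = CallPolicy()
    decisions = [(caller, policy.decide(ts, caller))
                 for ts, caller, _callee in sorted(calls)]
    return decisions, policy.blacklist


if __name__ == "__main__":
    for caller, verdict in run(SAMPLE_CALLS)[0]:
        print(caller, verdict)
```

The resulting blacklist is the list that slide 18 proposes sharing with the Internet side, which additionally needs the IP address to SIM ID or telephone number mapping.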
