Abstract:Cellular networks are a critical component of the economic and social infrastructures in which we live. In addition to voice services, these networks deliver alphanumeric text messages to the vast majority of wireless subscribers. To encourage the expansion of this new service, telecommunications companies offer connections between their networks and the Internet. The ramifications of such connections, however, have not been fully recognized.
In this talk, we evaluate the security impact of the SMS interface on the availability of the cellular phone network. Specifically, we demonstrate the ability to deny voice service to cities the size of Washington, D.C., and Manhattan with little more than a cable modem. Moreover, attacks targeting the entire United States are feasible with resources available to medium-sized zombie networks. This analysis begins with an exploration of the structure of cellular networks. We then characterize network behavior and explore a number of reconnaissance techniques aimed at effectively targeting attacks on these systems. We conclude by discussing counter-measures that mitigate or eliminate the threats introduced by these attacks, and identify opportunities and requirements for the security infrastructure of the next generation cellular networks. This work was reported in CCN, MSNBC, New York Times, Reuters, The Associated Press, and many other venues of the popular press.
For more detail: SMS Analysis
Fraud, Waste, and Abuse Hotline
© 2007–17 Indiana University of Pennsylvania
1011 South Drive, Indiana, Pa. 15705 | 724-357-2100