Journal in Computer Virology

, Volume 2, Issue 2, pp 121–133 | Cite as

Malicious actions against the GPRS technology

  • Christos XenakisEmail author
Original Paper


This paper presents the malicious actions (attacks), which threaten the general packet radio services (GPRS) network, the GPRS mobile users, and the data that either reside at the network or are transferred through it. These attacks may be performed by malicious third parties, mobile users, network operators or network operator personnel, which exploit the security weaknesses of the GPRS security architecture. Moreover, the attackers take advantage of the lack of adequate security measures that should protect certain parts of the GPRS architecture. The possible attacks against GPRS targets the equipment of mobile users, the radio access network, the GPRS backbone network, and the interfaces that connect the latter to other GPRS networks or the public Internet. The results of these attacks might be the compromise of end-users security, the users over billing, the disclosure or alteration of critical information, the services unavailability, the network breakdown, etc. The analyzed attacks and their consequences increase the risks associated with the usage of GPRS, and, thus, influence its deployment that realizes the concept mobile Internet. In order to defeat certain attacks and enhance the level of security provided by GPRS, specific security measures are proposed.


Mobile Station Mobile User Smart Card General Packet Radio Service Visitor Location Register 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    3GPP TS 03.6 (V7.9.0) GPRS Service Description, Stage 2. (2002)Google Scholar
  2. 2.
    Pagliusi, P. A Contemporary Foreword on GSM Security. In: Proceedings of the Infrastructure Security International Conference (InfraSec 2002), LNCS 2437, pp. 129–144. Springer, Berlin Heidelberg New York (2002)Google Scholar
  3. 3.
    Mitchell, C. The security of the GSM air Interface protocol. Technical Report, Royal Holloway University of London, (2001)Google Scholar
  4. 4.
    3GPP TS 09.60 (V7.10.0) GPRS Tunneling Protocol (GTP) across the Gn and Gp Interface (2002)Google Scholar
  5. 5.
    GSM 03.20: Security Related Network Functions (1999)Google Scholar
  6. 6.
    ETSI TS 100 922 (v7.1.1): Subscriber Identity Modules (SIM) Functional Characteristics (1999)Google Scholar
  7. 7.
    3GPP TS 03.03 (v7.8.0): Numbering, Addressing and Identification (2003)Google Scholar
  8. 8.
    3GPP TS 01.61 (v7.0.0): GPRS Ciphering Algorithm Requirements (2001)Google Scholar
  9. 9.
    3GPP TS 09.02 (v7.15.0): Mobile Application Part (MAP) specification. (2004)Google Scholar
  10. 10.
    Srisuresh, P., Holdrege, M. IP Network Address Translator (NAT) Terminology and Considerations. RFC 2663 (1999)Google Scholar
  11. 11.
    Gleeson, B., Lin, A., Heinanen, J., Armitage, G., Malis, A. A Framework for IP Based Virtual Private Networks. RFC 2764 (2000)Google Scholar
  12. 12.
    Bjaen, G.S., Kaasin, E. Security in GPRS. Master Thesis, Agder University College, Norway, (2001)Google Scholar
  13. 13.
    Barkan, E., Biham, E., Neller, N. Instant Ciphertext-Only Cryptanalysis of GSM Encrypted Communication. In: Proceedings of the Advances in Cryptology (CRYPTO 2003), LNCS 2729, pp. 600–616. Springer, Berlin Heidelberg New York (2003)Google Scholar
  14. 14.
    Hulton, D. Smart card security: from GSM to parking meters. http://dachb0den.comGoogle Scholar
  15. 15.
    Briceno, M., Goldberg, I., Wagner, D. GSM cloning. Scholar
  16. 16.
    Handschuh, H., Paillier, P. Reducing the collision probability of alleged Comp128. In: Proceedings of the International Conference on Smart Card Research and Applications, LNCS 1820, pp. 366–371. Springer, Berlin Heidelberg New York (2000)Google Scholar
  17. 17.
    F-Secure Virus Description: Scholar
  18. 18.
    Rao, J., Rohatgi, P., Scherzer, H., Tinguely, S. Partitioning attacks: or how to rapidly clone some GSM cards. In: Proceedings of the IEEE Symposium on Security and Privacy, Oakland, California, USA (2002)Google Scholar
  19. 19.
    Nikishin A. (2004) Malicious software – past, present and future. Inf. Secur. Tech. Rep. 9(2): 6–18CrossRefGoogle Scholar
  20. 20.
    Skorobogatov, S., Anderson, R. Optical fault induction attacks. In: Proceedings of CHES ’02, LNCS 2523, pp. 2–12. Springer, Berlin Heidelberg New York (2002) sps32/ches02-optofault.pdfGoogle Scholar
  21. 21.
    Ekdahl P., Johansson T. (2003) Another attack on A5/1. IEEE Trans. Inf. Theory 49(1): 284–289zbMATHMathSciNetCrossRefGoogle Scholar
  22. 22.
    Xenakis C., Merakos L. (2004) Security in third generation mobile networks. Comput. Commun. 27(7): 638–650CrossRefGoogle Scholar
  23. 23.
    Kent, S., Atkinson, R. Security architecture for the internet protocol. RFC 2401 (1998)Google Scholar
  24. 24.
    3GPP TS 33.200 (v4.3.0): 3G security; network domain security; MAP application layer security (2002)Google Scholar
  25. 25.
    Gupta V., Gupta S. (2001) Securing the wireless internet. IEEE Commun. Mag. 39(12): 68–74CrossRefGoogle Scholar
  26. 26.
    Xenakis, C., Gazis, E., Merakos, L. Secure VPN deployment in GPRS mobile network. In: Proceedings of the European Wireless 2002, Florence Italy, pp. 293–300 (2002)Google Scholar
  27. 27.
    Xenakis, C., Merakos, L. Dynamic network-based secure VPN deployment in GPRS. In: Proceedings of the PIMRC 2002, Lisboa, Portugal, pp. 1260–1266 (2002)Google Scholar
  28. 28.
    Xenakis C., Merakos L. (2002) On demand network-wide VPN deployment in GPRS. IEEE Netw. 16(6): 28–37CrossRefGoogle Scholar

Copyright information

© Springer-Verlag France 2006

Authors and Affiliations

  1. 1.Communication Networks Laboratory, Department of Informatics and TelecommunicationsUniversity of AthensAthensGreece

Personalised recommendations