Introduction: Confidentiality, Integrity, and Availability Threats in Mobile Phones

  • Iosif I. Androulidakis
Chapter
Part of the SpringerBriefs in Electrical and Computer Engineering book series (BRIEFSELECTRIC)

Abstract

In this introductory chapter, we will briefly describe and group as many as possible of the threats in confidentiality, integrity, and availability that mobile phones are facing. As such, it will be the basis for the discussions that will follow in the next chapters.

Keywords

Mobile phone threats Mobile phone security Mobile phone confidentiality Mobile phone integrity Mobile phone availability GSM security SMS security Mobile phone interception Mobile phone eavesdropping 

References

  1. 1.
    Suominen M. GSM security, Helsinki University of TechnologyGoogle Scholar
  2. 2.
    Lord S (2003) Modern GSM insecurities. X-Force Security. Assessments White Paper. www.iss.net
  3. 3.
    Huynh T, Nguyen H. Overview of GSM and GSM security. Department of Electrical Engineering and Computer Science Oregon State UniversityGoogle Scholar
  4. 4.
    Quirke J (2004) Security in the GSM system. AusMobileGoogle Scholar
  5. 5.
    Gadaix E (2001) GSM and 3G security. Black Hat Asia 2001Google Scholar
  6. 6.
    Gadaix E (2006) NGN Security, Bellua Cyber Security 2006Google Scholar
  7. 7.
    Gadaix E (2003) GSM operators security, xconGoogle Scholar
  8. 8.
    Preneel B. Mobile network security. Katholieke Universiteit LeuvenGoogle Scholar
  9. 9.
    Lord S (2003) Trouble at the Telco: when GSM goes bad. Network Security 2003(1):10–12CrossRefGoogle Scholar
  10. 10.
    Yousef P. GSM-security: a survey and evaluation of the current situation. ISY, Linköping Institute of TechnologyGoogle Scholar
  11. 11.
    Androulidakis I (2009) Security in GSM and in mobile phones. IT Security Professional Magazine, Issue 9, pp 35–41Google Scholar
  12. 12.
    Androulidakis I (2006) This is how hackers hack into our cell phones. Sunday Newspaper “To proto thema” Issue 90, pp 40–41Google Scholar
  13. 13.
    Androulidakis I (2006) Security issues in cell phones. Defence and Diplomacy Magazine, Issue 187, pp 100–102Google Scholar
  14. 14.
    Nohl K, Krißler S (2009) Subverting the security base of GSM. HAR2009Google Scholar
  15. 15.
    Nohl K, Paget C (2009) GSM—SRSLY? 26C3, BerlinGoogle Scholar
  16. 16.
    Pesonen L (1999) GSM interception. Department of Computer Science and Engineering, Helsinki University of TechnologyGoogle Scholar
  17. 17.
    Shoghi Communications Limited, Interception and monitoring of SMS & voice communications on GSM 850/900/1800/1900 MHz networksGoogle Scholar
  18. 18.
    Cryptome.org (2005) Interception of GSM cellphonesGoogle Scholar
  19. 19.
    Patel S, Eavesdropping without breaking the GSM encryption algorithm. 3GPP TSG SA WG3 Security — SA3#33 S3-040360. 10–14 May 2004. Beijing, ChinaGoogle Scholar
  20. 20.
    Fernandez-Iglesias MJ (2002) On the application of formal description techniques to the design of interception systems for GSM mobile terminals. J Syst Softw 60:51–58CrossRefGoogle Scholar
  21. 21.
    Androulidakis I (2009) Intercepting mobile phones. IT security Professional Magazine, Issue 8, pp 42–48Google Scholar
  22. 22.
    Androulidakis I (2011) Intercepting mobile phone calls and short messages using a GSM Tester. In: Proceedings of CN2011, Springer CCIS 160, pp 281–288Google Scholar
  23. 23.
    Rieger F (2005) New interception threats from non-state actors and software-based voice encryption. IEE Secure Mobile CommunicationsGoogle Scholar
  24. 24.
    ETTUS USRP. www.ettus.com
  25. 25.
  26. 26.
  27. 27.
  28. 28.
  29. 29.
  30. 30.
  31. 31.
    Hulton D, Mueller S (2008) Intercepting mobile phone/GSM traffic. BlackHat Europe2008Google Scholar
  32. 32.
  33. 33.
  34. 34.
  35. 35.
    Biryukov A, Shamir A, Wagner D (2000) Real time cryptanalysis of A5/1 on a PC. In: Fast Softward Encryption, Springer-Verlag, pp 1–18Google Scholar
  36. 36.
    Barkan E, Biham E, Keller N (2008) Instant ciphertext-only cryptanalysis of GSM encrypted communication. Journal of cryptology archive, Springer, New York, Inc. Secaucus, NJ, USA, vol 21(3), March 2008. doi 10.1007/s00145-007-9001-yGoogle Scholar
  37. 37.
    Golic J (1997) Cryptanalysis of alleged A5 stream cipher. http://cryptome.org/jya/a5-hack.htm
  38. 38.
    Briceno M, Goldberg I, Wagner D. A pedagogical implementation of the GSM A5/1 and A5/2 voice privacy encryption algorithms. http://www.cryptome.org/gsm-a512.htm
  39. 39.
    Vodafone Griechenland im Visier der Ermittler, dsltarife.net/news, 2006Google Scholar
  40. 40.
    Prevelakis V (2007) The Athens affair. IEEE SpectrumGoogle Scholar
  41. 41.
    Laitinen H (2001) Cellular location technology. CELLO-WP2-VTT-D03-007-Int Deliverable of IST-2000-25382-CELLO, Cellular Network Optimisation Based on Mobile LocationGoogle Scholar
  42. 42.
    Warnock M, Geolocation via cell tower data. http://www.warnockinc.com/. Accessed Dec 2011
  43. 43.
    Engel T (2008) Locating mobile phones using signaling system #7. In: 25th Chaos communication congress, 2008Google Scholar
  44. 44.
    Androulidakis I (2011) Locating a GSM phone in a given area without user consent. In: Presentation in hack.lu 2011 conference, Luxembourg, 19 Sept 2011Google Scholar
  45. 45.
    Welte H (2009) Report of OpenBSC GSM field test, HAR2009Google Scholar
  46. 46.
    Hynninen H (2000) Experiences in mobile phone fraud, HUT TML 2000Google Scholar
  47. 47.
    Müller M (1999) Intruder scenarios in telecom networks, Faculty of Computer Science, Helsinki University of Technology. http://www.niksula.cs.hut.fi/∼mmuller/NETSEC/paper.html. Accessed Dec 2011
  48. 48.
    Shawe-Taylor J, Howker K (1999) Detection of fraud in mobile telecommunications information security technical report, vol 4(1)Google Scholar
  49. 49.
    Androulidakis I (2011) Combating telecommunications cybercrime, 3hour course. High-Tech Crime Department of the National Bureau of Investigation of Hungary, BudapestGoogle Scholar
  50. 50.
    Androulidakis I (2010) Detecting cybercrime in modern telecommunication systems. In: European Police College (CEPOL), Seminar 64/2010, Cyber Crime & High Tech, Athens, 18–21 May 2010Google Scholar
  51. 51.
    Androulidakis I (2011) Cybercrime in mobile telephony systems. In: European Police College (CEPOL), Seminar 62/2011, High Tech & Cyber Crime, Brdo near Kranj, Slovenia, 20 Oct 2011Google Scholar
  52. 52.
    Cadonau J (2008) OTA and secure SIM lifecycle management smart cards, tokens, security and applications. Springer, New YorkGoogle Scholar
  53. 53.
    Bocan V, Cretu V (2006) Mitigating denial of service threats in GSM networks. ARES 2006Google Scholar
  54. 54.
    Bocan V, Cretu V (2004) Security and denial of service threats in GSM networks. Periodica Politechnica, Trans Autom Control Comput Sci 49(63) 2004, ISSN 1224-600xGoogle Scholar
  55. 55.
    Miller C, Mulliner C (2009) Fuzzing the phone in your phone. http://www.blackhat.com/presentations/bh-usa-09/MILLER/BHUSA09-Miller-FuzzingPhone-SLIDES.pdf
  56. 56.
    Mulliner C, Golde N, Seifert J-P (2011) SMS of death: from analyzing to attacking mobile phones on a large scale. In: 20th USENIX security symposiumGoogle Scholar
  57. 57.
    Windows phone sms attack discovered reboots device and disables messaging hub, 2011. http://www.winrumors.com/windows-phone-sms-attack-discovered-reboots-device-and-disables-messaging-hub
  58. 58.
    Engel T (2008) Remote SMS/MMS denial of service—“curse of silence” for Nokia S60 phones. http://berlin.ccc.de/~tobias/cursesms.txt
  59. 59.
    Morreeuw J (2002) Securite des mobiles GSM. http://jf.morreeuw.free.fr/security/gsm.html. Accessed Dec 2011
  60. 60.
    Hypponen M (2005) Mobile phone threats. In: HITBSecConf2005, Kuala Lumpur, MalaysiaGoogle Scholar
  61. 61.
    Grand J (2004) Introduction to mobile device insecurity. Black Hat EuropeGoogle Scholar
  62. 62.
    Sima C. Security for handhelds and cell phones attacks and theories. Interop Las Vegas, 2004Google Scholar
  63. 63.
    Greene K (2007) Securing cell phones. MIT Technology Review. http://www.technologyreview.com/communications/19130/
  64. 64.
    Bickford J, O’Hare R, Baliga A, Ganapathy V, Iftode L (2010) Rootkits on smart phones: attacks, implications and opportunities. HotMobile’10Google Scholar
  65. 65.
    Miller C, Honoroff J, Mason J (2007) Independent Security Evaluators, July 19, 2007Google Scholar
  66. 66.
    Mulliner C (2005) Exploiting PocketPC. What the hack, July 2005Google Scholar
  67. 67.
    Mulliner C (2006) Security of smart phones. University of CaliforniaGoogle Scholar
  68. 68.
    Mulliner C (2006) Using labeling to prevent cross-service attacks against smart phones. DIMVA2006Google Scholar
  69. 69.
    Mulliner C (2008) Attacking NFC mobile phones. EUSecWest, 2008Google Scholar
  70. 70.
    Mulliner C (2006) Advanced attacks against PocketPC phones. DEFCON 14, 2006Google Scholar
  71. 71.
    de Haas J (2005) Symbian phone Security. Blackhat 2005Google Scholar
  72. 72.
    Spaar D (2009) Playing with GSM RF interface. 26C3, BerlinGoogle Scholar
  73. 73.
    The Spyphone Guy. http://www.spyphoneguy.com/

Copyright information

© Springer Science+Business Media New York 2012

Authors and Affiliations

  • Iosif I. Androulidakis
    • 1
  1. 1.PapagouGreece

Personalised recommendations