Taming Mr Hayes: Mitigating signaling based attacks on smartphones

Mulliner, Collin; Liebergeld, Steffen; Lange, Matthias; Seifert, Jean-Pierre

doi:10.1109/dsn.2012.6263943

Cited by 13 publications

(12 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Mulliner et al [15] introduce a software architecture for smartphones that can mitigate threats against the cellular network even in the event of a full compromise of the smartphone operating system. Client-side solutions that require custom firmwares are unlikely to find much adoption because of costs for certification needed for admission to cellular networks, which have to be done again for every new type of device.…”

Section: Related Work and Backgroundmentioning

confidence: 99%

Cellpot: A Concept for Next Generation Cellular Network Honeypots

Liebergeld¹,

Lange²,

Borgaonkar³

2014

Proceedings 2014 Workshop on Security of Emerging Networking Technologies

Self Cite

View full text Add to dashboard Cite

Smartphones have been shown to be vulnerable. Similarly, cellular networks have been shown to be vulnerable to denial of service attacks through signaling. Attackers can use compromised smartphones to remotely attack the cellular network. Therefore the mobile network operator requires measures to detect and mitigate attacks as they emerge. In the past honeypots proved to be a valuable tool to detect ongoing attacks. Several designs for honeypots on smartphones have been proposed. However, their utility is hampered as they are unlikely to achieve a sufficient coverage. In this paper we introduce Cellpot as a novel honeypot concept for threat detection and defence directly inside the cellular network. Cellpot comprises an army of honeypots that are deployed on small cell base stations and is under full control of the operator. We show that Cellpot provides a cost-effective and scalable way for operators to detect and mitigate threats to their core network by reducing signaling overhead. We also present selected applications such as prevention of SMS spam, mobile theft and mobile malware. Permission to freely reproduce all or part of this paper for noncommercial purposes is granted provided that copies bear this notice and the full citation on the first page. Reproduction for commercial purposes is strictly prohibited without the prior written consent of the Internet Society, the first-named author (for reproduction of an entire paper only), and the author's employer if the paper was prepared within the scope of employment.

show abstract

Section: Related Work and Backgroundmentioning

confidence: 99%

Cellpot: A Concept for Next Generation Cellular Network Honeypots

Liebergeld¹,

Lange²,

Borgaonkar³

2014

Proceedings 2014 Workshop on Security of Emerging Networking Technologies

Self Cite

View full text Add to dashboard Cite

show abstract

“…In order to understand this attack vector, we need to comprehend how a modern smartphone works. A modern smartphone is built with two OSs, running in two very different environments [4]. On one hand we have the AP, Application Processor, where the android OS and all the applications with which the user interacts run.…”

Section: At Commandsmentioning

confidence: 99%

USB Connection Vulnerabilities on Android Smartphones: Default and Vendors’ Customizations

Pereira

Correia

Brandão

2014

Advanced Information Systems Engineering

View full text Add to dashboard Cite

We expose an USB vulnerability in some vendors' customization of the android system, where the serial AT commands processed by the cellular modem are extended to allow other functionalities. We target that vulnerability for the specific vendor system and present a proof of concept of the attack in a realistic scenario environment. For this we use an apparently inoffensive smartphone charging station like the one that is now common at public places like airports. We unveil the implications of such vulnerability that culminate in flashing a compromised boot partition, root access, enable adb and install a surveillance application that is impossible to uninstall without re-flashing the android boot partition. All these attacks are done without user consent or knowledge on the attacked mobile phone.

show abstract

“…In wireline networks, malicious botnets are used to generate various forms of spam, phishing, and distributed denial-of-service (DDoS) attacks. Mobile botnets extend such capability to cellular networks, give cybercriminals the advantages of control and adaptability, and pose a significant threat to the mobile core network as they could be used to launch debilitating signaling-based DDoS attacks [25]- [28].…”

Section: A Mobile Malwarementioning

confidence: 99%

Security for smart mobile networks: The NEMESYS approach

Gelenbe

Görbil

Tzovaras

et al. 2013

2013 IEEE Global High Tech Congress on Electronics

Self Cite

View full text Add to dashboard Cite

Abstract-The growing popularity of smart mobile devices such as smartphones and tablets has made them an attractive target for cyber-criminals, resulting in a rapidly growing and evolving mobile threat as attackers experiment with new business models by targeting mobile users. With the emergence of the first large-scale mobile botnets, the core network has also become vulnerable to distributed denial-of-service attacks such as the signaling attack. Furthermore, complementary access methods such as Wi-Fi and femtocells introduce additional vulnerabilities for the mobile users as well as the core network. In this paper, we present the NEMESYS approach to smart mobile network security. The goal of the NEMESYS project is to develop novel security technologies for seamless service provisioning in the smart mobile ecosystem, and to improve mobile network security through a better understanding of the threat landscape. To this purpose, NEMESYS will collect and analyze information about the nature of cyber-attacks targeting smart mobile devices and the core network so that appropriate counter-measures can be taken. We are developing a data collection infrastructure that incorporates virtualized mobile honeypots and honeyclients in order to gather, detect and provide early warning of mobile attacks and understand the modus operandi of cyber-criminals that target mobile devices. By correlating the extracted information with known attack patterns from wireline networks, we plan to reveal and identify the possible shift in the way that cyber-criminals launch attacks against smart mobile devices.

show abstract

Taming Mr Hayes: Mitigating signaling based attacks on smartphones

Cited by 13 publications

References 22 publications

Cellpot: A Concept for Next Generation Cellular Network Honeypots

Cellpot: A Concept for Next Generation Cellular Network Honeypots

USB Connection Vulnerabilities on Android Smartphones: Default and Vendors’ Customizations

Security for smart mobile networks: The NEMESYS approach

Contact Info

Product

Resources

About