Thursday, January 5, 2012

GSM Security Features, Threats and Solution

GSM Security Features

Security methods for GSM system is very secure for the current standard available. It has moderate level of service security and it was designed to authenticate the subscriber using a pre-shared key and
challenge-response. Communications are encrypted between the subscriber and base station and it uses a longer authentication key to provide better security. Calls within the network must be anonymity and private for the customer. It is to ensure the correct bills to the right customer and making sure no interference with each other accidentally or intentionally.

GSM Security Threats
  • Eavesdropping
    • The intruder is able to intercept traffic and signal information from other users. Required a modified mobile phone.
  • Impersonation of a user 
    • The ability to send fake data or messages to the network and trick the user making them think that it is from another user. Required a modified mobile phone.
  • Impersonation of the network
    • The ability to send fake data or messages to the network and trick the user making them think that it is from the real network. Required equipment is modified BTS.
  • Man-in-the-middle 
    • The capability whereby the intruder puts itself in between the target user and a genuine network and has the ability to eavesdrop, modify, delete, re-order, replay, and spoof signalling and user data messages exchanged between the two parties. Required equipment is modified BTS in conjunction with a modified MS.
  • Network Authentication Compromise 
    • The intruder possesses a compromised authentication vector such as challenge-response pairs, cipher keys, integrity keys.

GSM Security Solution

Authentication is needed from subscriber so as to protect unauthorized user from entering the network. Using a stronger key encryption is recommended as it is harder to crack.

References
  1. http://www.google.com.sg/url?sa=t&rct=j&q=gsm%20threats&source=web&cd=4&sqi=2&ved=0CD8QFjAD&url=http%3A%2F%2Fojs.academypublisher.com%2Findex.php%2Fjnw%2Farticle%2Fdownload%2F010618%2F655&ei=ob0FT9mLMI-yrAeNg8nWDw&usg=AFQjCNEsrXQwYigy8Q-ZrffzUEmwPdRPXw&cad=rja 
  2. http://uib.academia.edu/toorani/Papers/146481/Solutions_to_the_GSM_Security_Weaknesses
  3. http://www.hackcanada.com/blackcrawl/cell/gsm/gsm-secur/gsm-secur.html
Posted by at

2 comments:

  1. Jeremy_LimJanuary 6, 2012 at 1:05 AM

    In my post I also had eavesdropping as one of my threats. It is indeed one of the most common threats in GSM. Another one is also Cloning.
    The most common threat is still eavesdropping and cloning.

    - Cloning
    Another threat is cloning. This threat allows imposters to easily pick up someone’s phone identity over the air. Imposters can then reprogram their own phone with the person’s identity
    and cause all the imposters’ calls to be charged to the victim’s bill.

    jeremy lim 1005983K

    ReplyDelete
  2. aSiDiKJanuary 6, 2012 at 1:56 PM

    Hi yibing, i like the simple web layout. But there are no pictures nor videos in your blog. I feel that you should have included at least one to help us understand your idea better. On the whole i feel that your contents are sufficient and relevant. So, nice job!

    ReplyDelete

Subscribe to: Post Comments (Atom)