Widyatama.lecture.applied Networking.iv Week06 Mobile Security 2
8/9/2019 Widyatama.lecture.applied Networking.iv Week06 Mobile Security 2
1/23
Applied Networking-IV (2231114)
Lecture Week-5
Mobile Security-1
18-Mar-10 Widyatama University - Informatics
Lecture by: Djadja.Sardjana, S.T., M.M. www.slideshare.net/djadja
[email protected]
Mobile Security-2
Contents
- Introduction to Wireless
- Wireless World
- Wireless Threats
- Wireless Security Protocols and Cryptography
- Security Considerations for Wireless Devices
- Wireless Technologies and Applications
- Cellular Networks
- Wireless Data Networks
- Wireless Standards and Technologies
- Implementing Wireless LANs: Security Considerations
- Enabling Secure Wireless Access to Data
- Real Examples from the Wireless World
- The Wireless Future
- Accessing Wireless LANs
Wireless World (1/2)
- History of Wireless Technologies
  - Transmitting the 1st wireless radio signal in 1894 by G. Marconi
  - AM radio sets in 1920s by GE, AT&T, RCA
  - TV, radio, phone took 20-30 years to reach 25% of US population
  - After World War II
  - 1970s: 1st wireless networks
    - analog, operated in a limited frequency range, only a low volume of simultaneous calls
    - AT&T's Advanced Mobile Phone Service in 1979
    - GSM (Global System for Mobile Communications) standard
  - 1980s: wireless markets start to evolve
  - 1990s: wireless networks mature
    - 1st commercial GSM networks in 1991 (2001: 800 M users)
    - 2G networks: TDMA, CDMA, Personal Digital Communications
    - Wireless LAN standard (IEEE 802.11) in 1990
    - Wireless Internet, WAP in 1997
- Obstacles
  - Economics: e.g. wireless-internet-capable cell phones, high price Bluetooth chipsets
  - User experience: slow and inconvenient
  - Security: stock trading, access to corporate networks
- Market forecast
  - Wireless LAN (more than $3B) vs. Bluetooth (less than $1B) in 2005
Wireless Threats (1/2)
- Uncontrolled Terrain: anonymous, uncontrolled coverage areas
- Eavesdropping: anonymous attacker passively intercepting radio signals and decoding the data being transmitted
  - Sensitive data such as username and password in cleartext
  - Password encryption algorithms such as MS NTLM can be easily broken
  - Active eavesdropping: ARP spoofing, man-in-the-middle attack
- Communications Jamming: DoS jamming
  - Client jamming: jammed client loses connectivity and cannot access the application
  - Base station jamming: a rogue stands in for the legitimate base station
- Injection and Modification of Data: inserting commands (control messages) to a base station; man-in-the-middle attack
- Rogue Client
- Rogue Network Access Points
- Attack Anonymity: searching the network to gain free anonymous access
- Client-to-Client Attacks
- Infrastructure Equipment Attacks: bypassing virtual LAN security: switch, MAC, routing attacks (Open Shortest Path First, Enhanced Interior Gateway Routing Protocol)
Wireless Threats (2/2)
- Attacker Equipment
  - Wireless Network Interface: Wireless Ethernet NIC; General Packet Radio Service / Cellular Digital Packet Data cellular telephony handset
  - Jammer and specialized software
  - Omnidirectional antennas (unity gain -> collinear), yagi antenna, parabolic
- Covert Wireless Channels: bridge air-gap networks
- Roaming Issues
  - Mobile IP: location registration and packet redirection
  - Replay attacks to capture outbound traffic from the network
  - CDMA/GSM cellular network, wireless Ethernet networks
- Wired Equivalent Privacy (WEP): cryptographic mechanism for 802.11
  - Implementation flaws, key management issues (single static key for all users)
Wireless Security Protocols & Cryptography (1/5)
- Removing the FUD (Fear, Uncertainty, Doubt) in solution
- Internet model: simplification of the OSI
- Wireless LAN security protocols: to improve 802.11 security mechanisms
  - Most using security protocols that exist in the network layer and above
- Cryptography
  - Caesar Cipher (plain text -> cipher text)
  - Primary areas where cryptography is used: Authentication, Encryption, Integrity
Wireless Security Protocols & Cryptography (2/5)
- Secure Sockets Layer / Transport Layer Security
  - SSL: solution to the security problems with web browsers
  - TLS: successor of SSL
  - Other security protocols: Microsoft's Private Communications Technology, Secure Transport Layer Protocols, Wireless Transport Layer Security
  - Applications: SSL/TLS HTTP connection
    - SSL/TLS relies on TCP for the connection, and the addition of SSL/TLS does not change the HTTP communication.
    - HTTP over SSL/TLS is implemented over TCP port 443, not 80
    - used to authenticate and encrypt a connection
    - The authentication is accomplished by using public-key cryptography and is referred to as a handshake.
    - The actual communications using SSL/TLS use a symmetrical encryption algorithm
Wireless Security Protocols & Cryptography (3/5)
- Secure Shell (SSH): designed to replace Unix programs (telnet, rlogin, rshell, rcp)
  - much like SSL/TLS: public key to set up, and symmetric key for data transfer
  - implementation of SSH protocol: Unix ssh program; eliminates security concerns (sniffing, hijacking, injection) with telnet
  - port forwarding feature: if not (SSH server + SSH tunnel to user), the firewall is configured to only allow traffic from the insecure network to the SSH server (and then to the E-mail server)
- Man-in-the-Middle of SSL/TLS and SSH
  - attack: intercept the handshake and replace the public keys exchanged with counterfeit keys
  - solution: Public Key Infrastructure with Certificate Authority (holding key-signing parties)
  - testing: 'dsniff' can be used for testing applications using SSL/TLS and SSH for MITM attacks
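Added example (not from the lecture) modelling the handshake problem and the PKI remedy on this slide: a client that trusts whatever public key arrives accepts a counterfeit key, while a client that first checks the Certificate Authority's signature over the server's key rejects it. It assumes ed25519 for both the CA and the server key, a minimal certificate structure (host name, public key, CA signature) in place of X.509, and a constructed host name "mail.example".

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Cert is a minimal stand-in for an X.509 certificate (an assumption of this
// example): a subject host name, the subject's public key, and the CA's
// signature over both, which is what the CA's key-signing produces.
type Cert struct {
	Subject string
	PubKey  ed25519.PublicKey
	CASig   []byte
}

// tbs is the byte string the CA signs and the client later verifies.
func tbs(subject string, pub ed25519.PublicKey) []byte {
	return append([]byte(subject+"\x00"), pub...)
}

// issueCert is the CA's step: bind a host name to a public key.
func issueCert(caPriv ed25519.PrivateKey, subject string, pub ed25519.PublicKey) Cert {
	return Cert{Subject: subject, PubKey: pub, CASig: ed25519.Sign(caPriv, tbs(subject, pub))}
}

// verifyCert is the client-side check that defeats key substitution: the key
// received in the handshake must carry a valid signature from the trusted CA
// and must have been issued for the host the client meant to reach.
func verifyCert(caPub ed25519.PublicKey, c Cert, wantHost string) error {
	if c.Subject != wantHost {
		return fmt.Errorf("certificate is for %q, expected %q", c.Subject, wantHost)
	}
	if !ed25519.Verify(caPub, tbs(c.Subject, c.PubKey), c.CASig) {
		return errors.New("CA signature does not verify: public key may have been substituted")
	}
	return nil
}

// clientAccepts models the client receiving a certificate over an untrusted
// radio path. checkCA=false is the naive client the slide warns about: it
// trusts whatever key arrives. checkCA=true verifies the CA signature first.
func clientAccepts(caPub ed25519.PublicKey, received Cert, host string, checkCA bool) bool {
	if !checkCA {
		return true
	}
	return verifyCert(caPub, received, host) == nil
}

// Outcome summarises the handshakes run by Scenario.
type Outcome struct {
	NaiveAcceptsSubstituted    bool // MITM succeeds against a client without PKI
	CheckingAcceptsSubstituted bool // must be false: substituted key fails the CA check
	CheckingAcceptsGenuine     bool // must be true: the real server still connects
	SubstitutedKeyIsServers    bool // must be false: confirms the key really was swapped
}

// Scenario generates CA, server and interceptor keys and replays the slide's
// attack (handshake intercepted, public key replaced) against both clients.
func Scenario() (Outcome, error) {
	caPub, caPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return Outcome{}, err
	}
	serverPub, _, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return Outcome{}, err
	}
	const host = "mail.example" // constructed host name
	genuine := issueCert(caPriv, host, serverPub)

	// The interceptor owns a key pair but holds no CA signature for it, so the
	// best it can do is forward the genuine certificate with the key swapped.
	mitmPub, _, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return Outcome{}, err
	}
	substituted := genuine
	substituted.PubKey = mitmPub

	return Outcome{
		NaiveAcceptsSubstituted:    clientAccepts(caPub, substituted, host, false),
		CheckingAcceptsSubstituted: clientAccepts(caPub, substituted, host, true),
		CheckingAcceptsGenuine:     clientAccepts(caPub, genuine, host, true),
		SubstitutedKeyIsServers:    bytes.Equal(substituted.PubKey, serverPub),
	}, nil
}

func main() {
	o, err := Scenario()
	if err != nil {
		panic(err)
	}
	fmt.Printf("%+v\n", o)
}
```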
Wireless Security Protocols & Cryptography (4/5)
- WTLS: based on SSL/TLS, used by WAP devices (handsets, PDAs)
  - while SSL relies on TCP for reliability functions (e.g., retransmission of lost packets), WAP devices using WTLS cannot use TCP; WAP devices only use ...
  - 3 classes negotiated during the handshake process
    - WTLS class 1: No certificates; no authentication takes place, simply used to set up an encrypted channel
    - WTLS class 2: Server certificate only; client (handset) authenticates the server (by firmware of the handset)
    - WTLS class 3: Client and server certificates; both; implementation of a PKI
  - WTLS is similar to SSL/TLS, as WML is to HTML, for WAP devices
- WEP (Wired Equivalent Privacy): included in 802.11
  - packet encrypted by generating an RC4 stream with a combination of 24-bit initialization vector and shared key
  - WEP key can be compromised in a few hours.
  - common key for all users on a given wireless network
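Added example (not from the lecture) of the WEP construction described on this slide and why the 24-bit IV with a single shared key is the weak point: the per-packet RC4 key is IV || shared key, so two frames with the same IV are encrypted under the same keystream and XOR-ing their ciphertexts gives the XOR of their plaintexts. It also shows the IV-reuse count a wireless monitor would raise as a finding. Uses Go's crypto/rc4; the frame layout (3-byte IV followed by ciphertext, ICV omitted), the shared key and the captured frames are all constructed for the example.

```go
package main

import (
	"crypto/rc4"
	"fmt"
)

const ivBits = 24
const ivSpace = 1 << ivBits // 16,777,216 IVs; under a static key they repeat on a busy network

// wepEncrypt models the slide's construction: RC4 keyed with IV || shared key,
// the 3-byte IV sent in the clear ahead of the ciphertext (the WEP ICV is
// omitted; it does not change the point being shown).
func wepEncrypt(sharedKey []byte, iv uint32, plaintext []byte) ([]byte, error) {
	if iv >= ivSpace {
		return nil, fmt.Errorf("iv %d does not fit in %d bits", iv, ivBits)
	}
	ivBytes := []byte{byte(iv >> 16), byte(iv >> 8), byte(iv)}
	perPacketKey := append(ivBytes, sharedKey...) // fresh slice: cap(ivBytes)==3
	c, err := rc4.NewCipher(perPacketKey)
	if err != nil {
		return nil, err
	}
	ct := make([]byte, len(plaintext))
	c.XORKeyStream(ct, plaintext)
	return append(ivBytes, ct...), nil
}

// ivOf reads the cleartext IV from a frame, exactly as a passive monitor can.
func ivOf(frame []byte) uint32 {
	return uint32(frame[0])<<16 | uint32(frame[1])<<8 | uint32(frame[2])
}

func xorBytes(a, b []byte) []byte {
	n := len(a)
	if len(b) < n {
		n = len(b)
	}
	out := make([]byte, n)
	for i := range out {
		out[i] = a[i] ^ b[i]
	}
	return out
}

// SameIVExposesPlaintextXor reports the confidentiality failure: when two
// frames carry the same IV under the same shared key they used the same RC4
// keystream, so XOR of their ciphertexts equals XOR of their plaintexts.
func SameIVExposesPlaintextXor(f1, f2, p1, p2 []byte) bool {
	if ivOf(f1) != ivOf(f2) {
		return false
	}
	return string(xorBytes(f1[3:], f2[3:])) == string(xorBytes(p1, p2))
}

// CountIVReuse is the monitoring check a wireless IDS would run over a
// capture: how many frames reuse an IV already seen on this network.
func CountIVReuse(frames [][]byte) int {
	seen := make(map[uint32]bool)
	reused := 0
	for _, f := range frames {
		if len(f) < 3 {
			continue
		}
		iv := ivOf(f)
		if seen[iv] {
			reused++
		}
		seen[iv] = true
	}
	return reused
}

// SampleCapture builds a constructed capture: three frames under one static
// shared key, where the third frame reuses the first frame's IV.
func SampleCapture() (frames, plaintexts [][]byte, err error) {
	key := []byte("KEY42") // constructed 40-bit shared key, not a real one
	plaintexts = [][]byte{
		[]byte("hello from station A"),
		[]byte("hello from station B"),
		[]byte("hello from station C"),
	}
	ivs := []uint32{0x0A0B0C, 0x0A0B0D, 0x0A0B0C}
	for i, p := range plaintexts {
		f, err := wepEncrypt(key, ivs[i], p)
		if err != nil {
			return nil, nil, err
		}
		frames = append(frames, f)
	}
	return frames, plaintexts, nil
}

func main() {
	frames, pts, err := SampleCapture()
	if err != nil {
		panic(err)
	}
	fmt.Println("IV reuse events:", CountIVReuse(frames))
	fmt.Println("frames 1 and 3 share keystream:", SameIVExposesPlaintextXor(frames[0], frames[2], pts[0], pts[2]))
}
```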
Wireless Security Protocols & Cryptography (5/5)
- 802.1x: layer 2 protocol
  - to authenticate users; can optionally be used to establish encryption keys
- IPSec: lower in the protocol stack than SSL/TLS, SSH, or WTLS: IP layer
  - tunnel mode: enables all IP traffic to be encrypted and optionally authenticated inside a single session
  - enabling technology behind VPN
  - Implementation: Encapsulated Security Payload, Authentication Header
    - authentication algorithm for AH: Message Digest 5, Secure Hash Algorithm
  - Modes
    - Transport mode: only encrypt the data of the IP packet
    - Tunnel mode: encrypt the entire packet including the headers
  - IPSec VPN tunnel: VPN gateway + IPSec tunnel + remote user
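Added example (not from the lecture) contrasting the two IPSec modes on this slide with a toy packet: transport mode protects only the payload and leaves the original header, and so the real endpoints, visible to anyone on the path, while tunnel mode protects the whole original packet and prepends a new outer header so an observer between the gateways sees only the gateway addresses. AES-GCM stands in for ESP's encryption and integrity transforms; the packet layout, key and addresses are constructed, not real ESP framing.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// Packet is a toy IP packet: a header carrying source and destination plus a payload.
type Packet struct {
	Src, Dst string
	Payload  []byte
}

func (p Packet) header() []byte { return []byte(p.Src + ">" + p.Dst + "|") }
func (p Packet) wire() []byte   { return append(p.header(), p.Payload...) }

// seal stands in for ESP's encryption and integrity protection, using AES-GCM
// under a pre-established key (security association setup is out of scope here).
func seal(key, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return append(nonce, gcm.Seal(nil, nonce, plaintext, nil)...), nil
}

// TransportMode protects only the payload; the original IP header, and so the
// real endpoints, remain in the clear.
func TransportMode(key []byte, p Packet) ([]byte, error) {
	sealed, err := seal(key, p.Payload)
	if err != nil {
		return nil, err
	}
	return append(p.header(), sealed...), nil
}

// TunnelMode protects the entire original packet, header included, and
// prepends a new outer header addressed between the two VPN gateways.
func TunnelMode(key []byte, p Packet, gwSrc, gwDst string) ([]byte, error) {
	sealed, err := seal(key, p.wire())
	if err != nil {
		return nil, err
	}
	outer := Packet{Src: gwSrc, Dst: gwDst}
	return append(outer.header(), sealed...), nil
}

// Reveals reports whether an address is readable in the bytes an on-path observer captures.
func Reveals(wire []byte, addr string) bool {
	return bytes.Contains(wire, []byte(addr))
}

// Compare runs both modes on a constructed packet and reports what an on-path
// observer learns about the inner endpoints and the gateways.
func Compare() (transportRevealsInner, tunnelRevealsInner, tunnelRevealsGateways bool, err error) {
	key := []byte("0123456789abcdef") // constructed AES-128 key for the example
	inner := Packet{Src: "10.1.1.5", Dst: "10.2.2.9", Payload: []byte("GET /payroll HTTP/1.0")}
	gwA, gwB := "203.0.113.1", "198.51.100.1" // documentation-range gateway addresses

	tr, err := TransportMode(key, inner)
	if err != nil {
		return false, false, false, err
	}
	tu, err := TunnelMode(key, inner, gwA, gwB)
	if err != nil {
		return false, false, false, err
	}
	transportRevealsInner = Reveals(tr, inner.Src) && Reveals(tr, inner.Dst)
	tunnelRevealsInner = Reveals(tu, inner.Src) || Reveals(tu, inner.Dst)
	tunnelRevealsGateways = Reveals(tu, gwA) && Reveals(tu, gwB)
	return transportRevealsInner, tunnelRevealsInner, tunnelRevealsGateways, nil
}

func main() {
	tr, tu, gw, err := Compare()
	if err != nil {
		panic(err)
	}
	fmt.Printf("transport mode reveals inner endpoints: %v\n", tr)
	fmt.Printf("tunnel mode reveals inner endpoints: %v (gateways visible: %v)\n", tu, gw)
}
```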
Security Consideration for Wireless Devices (1/2)
- Security Issues
  - Devices: laptop, PDA, wireless infrastructure (AP, bridge), mobile phone handset
  - Physical security: loss of device -> ...; information leakage
  - Device security features: factory or master passwords
  - Application security: embedding passwords or keys into an application -> reverse-engineering; sensitive application
- Detailed Device Analysis
  - Laptop
    - loss of data encryption keys (e.g., wired equivalent privacy keys, soft tokens, passwords)
    - do not store the keys on the machine; HIDS, personal firewall software; disabling boot-up from CD
  - PDA
    - poor password protection; input mechanisms (e.g., wireless, infrared port, USB, Bluetooth)
    - encrypt sensitive data (Elliptic Curve Cryptography)
Security Consideration for Wireless Devices (2/2)
- Detailed Device Analysis (cont.)
  - Wireless Infrastructure
    - disable security features (EAP, WEP) or reveal network configuration information
    - use secure protocols (SSH, SSL, SNMPv3); disable insecure protocols (HTTP, SNMPv1)
  - Handset
    - SMS handler vulnerable to attack -> DoS or execution of commands; DES key for SIM
    - WTLS
Cellular Networks (1/4)
- 3 Methods for Spectrum Allocation: provide access to a given frequency for multiple users
  - Frequency Division Multiple Access (FDMA)
  - Time Division Multiple Access (TDMA)
- FDMA
  - used on the initial analog Advanced Mobile Phone System (AMPS)
  - available spectrum divided into channels; each channel used for a single conversation
  - FDMA assigns channels even if no conversations are taking place - less efficient
  - only for voice transmission
- 2G wireless technologies
  - GSM: 80%, CDMA: 11%, PDC: 5%, traditional TDMA: 2%, iDEN: 1%
- TDMA
  - digitizes the voice signal and turns the signal into a series of short packets
  - uses a single-frequency channel for a very short time and migrates to another channel
  - voice packets can occupy different time slots in different frequency ranges at the same time
  - digital signal, better frequency allocation, support for multiple data types
  - Global System for Mobile Communications (GSM) basis
Cellular Networks (2/4)
Cellular Networks (3/4)
- Security Threats
  - Network Operator's Security Goals: Authentication, Privacy, Data and voice integrity, Performance
  - Security Risks and Threats: Network and systems availability (DoS), Physical protection, Fraud (cloned or pirated handsets)
  - Types of Cellular Fraud: theft of handsets, sign up for services using false id, handset cloning
  - Combating Fraud: encryption (Electronic Serial Number), blacklist (track the ESNs of stolen phones), traffic analysis, legislation
- General Security Principles
  - Encryption - size of key: 56-bit in DES
- GSM
  - handsets with SIM card (smart card with 32K/64K EEPROM)
  - base transceiver station, base station controller, mobile switching center, home location register / visitor location register, operating and maintenance center
- GSM security
  - authentication algorithm for handset (A3)
  - block cipher algorithm to encrypt voice and data (A5/1 or A5/2)
  - key generation algorithm (A8)
Cellular Networks (4/4)
- CDMA
  - a 64-bit symmetric key (called A-Key) for authentication, no SIM card
  - why not public keys - hardware limitation, infrastructure requirements
- Authentication
  - encryption algorithm CAVE (cellular authentication and voice encryption)
  - steps: commence a call; MSC retrieves subscriber info from HLR; MSC generates a 24-bit random number for the unique challenge (RANDU); RANDU is transmitted to the phone; the phone generates an 18-bit AUTHU; MSC calculates AUTHU, which should match
- Confidentiality: 64-bit Signaling Message Encryption Key (SMEKEY)
- Shortcomings
  - no mutual authentication
  - poor security algorithms (replacing CAVE with SHA-1)
  - no consistent SIM card mechanism on handset for key storage
  - voice encryption not always
Wireless Data Networks (1/3)
- General Demands: faster throughput, more global roaming capabilities, interoperability with the Internet
- Wireless Data Networks: Cellular Digital Packet Data (CDPD), Mobitex, General Packet Radio Service (GPRS)
- Cellular Digital Packet Data (CDPD)
  - standard developed in the US in the 1990s
  - offering wireless data services using AMPS (Advanced Mobile Phone Service) infrastructure
  - advantages: speed (19.2 Kbps), TCP/IP based (compatible with the Internet), quick call setup
  - architecture: similar to wireless voice networks; mobile end system ... mobile database stations - mobile data intermediate system - Internet (firewall)
  - similar to wireless voice network (CDMA): unique id called NEI (Network Entity Identifier); no tamper-resistant hardware such as SIM; Diffie-Hellman key exchange
  - vulnerabilities: no mutual authentication, local key storage (no SIM to store NEI)
Wireless Data Networks (2/3)
- Mobitex: wireless data technology developed by Ericsson in the 1980s
  - operates in one of 4 frequency families: 80 MHz, 400 MHz, 800 MHz, 900 MHz
  - 8 Kbps rate, 512-byte block transmission
  - royalty-free license
  - architecture: peer-to-peer ... base station - local switch - regional switch - national switch / Internet
  - application of the network: Blackberry wireless e-mail pager offered by Canadian-based Research in Motion (RIM)
    - RIM device (32-bit Intel 386 processor, 2MB flash mem, 304Kb static RAM); security model focused on MS Outlook & Lotus cc:Mail
    - RIM security architecture: desktop - mail server - firewall - Internet - mobile network ... RIM handheld
  - Mobitex vs. CDPD (Mobitex will outlast CDPD): network infrastructure (eliminating AMPS hardware), strong industry association (Mobitex Operators Association led by Ericsson), greater coverage
Wireless Data Networks (3/3)
- General Packet Radio Service (GPRS): GSM, developed in the 1990s
  - packet-based, compatibility with the Internet, always-on connection
  - higher throughput: uses many time slots in parallel; data split into chunks and sent simultaneously on multiple channels to a handset
  - handsets: Class A terminal (supports GPRS and GSM and simultaneous operation), Class B terminal (supports GPRS and GSM but not simultaneously), Class C terminal (only GPRS)
  - architecture: base station - base station controller - SGSN - HLR / GGSN - Internet
    - GGSN: gateway GPRS Support Node
    - other network components: charging gateway, border gateway, DNS, firewall and NMS
  - security issues: DoS against GGSN, IP address spoofing
    - GGSN - Internet - VPN server - corporate LAN
    - not end-to-end security (SGSN-GGSN), added cost (VPN), trust issue (enterprise - mobile operator)
Conclusion & Final Words
Mobile Security Demo
Conclusion
- Threats to organizations are real and increasing; seamless mobility requires careful security planning
- Security incidents involving mobile and wireless environments are increasing
- holistic approach that addresses people, process and technology