Confidentiality
Protects voice, data and sensitive signalling information (e.g. dialled digits) and prevent them against eavesdropping on the radio path
Protects voice, data and sensitive signalling information (e.g. dialled digits) and prevent them against eavesdropping on the radio path
Anonymity
Protects against someone tracking the location of the user or identifying calls made to or from the user by eavesdropping on the radio path
Protects against someone tracking the location of the user or identifying calls made to or from the user by eavesdropping on the radio path
Authentication
Network operator can verify the identity of the subscriber making it tougher to clone someone else’s mobile phone.
Network operator can verify the identity of the subscriber making it tougher to clone someone else’s mobile phone.
GSM security threats
Unilateral authentication and vulnerability to man-in-the-middle-attack
Happens to the network that authenticate users. User’s network is not authenticated so the user can use a false BTS with the same mobile network code as the subscribers network to impersonate himself and perform a man-in-the-middle-attack. This allows the attackers to perform several scenarios to modify the exchanged data.
Denial of service attack
This happens when a single attacker is capable of disabling the entire GSM cell
Vulnerability to replay attacks
This allows the attacker to misuse the previously exchanged messages between subscriber and network.
GSM security Solutions
Enabling User authentication
User authentication mechanisms generally available on most devices are PINs and passwords. While such knowledge-based authentication mechanisms are not foolproof, they are not the first barrier toward deterring unauthorized access to cell phones.
Avoid questionable actions
Malicious programs are spread to mobile phones mainly through communications channels such as multimedia messages or Bluetooth connections. Any messages or contacts received on a mobile phone from an unknown number or device should be treated with suspicion.
Reference
Enabling User authentication
User authentication mechanisms generally available on most devices are PINs and passwords. While such knowledge-based authentication mechanisms are not foolproof, they are not the first barrier toward deterring unauthorized access to cell phones.
Avoid questionable actions
Malicious programs are spread to mobile phones mainly through communications channels such as multimedia messages or Bluetooth connections. Any messages or contacts received on a mobile phone from an unknown number or device should be treated with suspicion.
Reference
1.
1.
Hello, I have read through your post. It would be more suitable to write the briefly of GSM before starting the following through. The diagram you post is ok.The security features and threats you mentions are also interesting.However, the information for solutions is not enough to cover the security threat solutions. Overall, I am happy to read you post through with interesting.
ReplyDeleteHey kelly, simple post but yet a basic understanding of GSM and GPRS. Not much image and video are inserted to the post to make it more lively. This is a good start to understand the surface of the topic. On the other hand, some information are not much delivered. In conclusion, it is still a good post. good job.
ReplyDeletezameerul
1001010F