Skip to main content
SpringerLink
Log in

Malicious actions against the GPRS technology

  • Original Paper
  • Published:
Journal in Computer Virology Aims and scope Submit manuscript

Abstract

This paper presents the malicious actions (attacks), which threaten the general packet radio services (GPRS) network, the GPRS mobile users, and the data that either reside at the network or are transferred through it. These attacks may be performed by malicious third parties, mobile users, network operators or network operator personnel, which exploit the security weaknesses of the GPRS security architecture. Moreover, the attackers take advantage of the lack of adequate security measures that should protect certain parts of the GPRS architecture. The possible attacks against GPRS targets the equipment of mobile users, the radio access network, the GPRS backbone network, and the interfaces that connect the latter to other GPRS networks or the public Internet. The results of these attacks might be the compromise of end-users security, the users over billing, the disclosure or alteration of critical information, the services unavailability, the network breakdown, etc. The analyzed attacks and their consequences increase the risks associated with the usage of GPRS, and, thus, influence its deployment that realizes the concept mobile Internet. In order to defeat certain attacks and enhance the level of security provided by GPRS, specific security measures are proposed.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. 3GPP TS 03.6 (V7.9.0) GPRS Service Description, Stage 2. (2002)

  2. Pagliusi, P. A Contemporary Foreword on GSM Security. In: Proceedings of the Infrastructure Security International Conference (InfraSec 2002), LNCS 2437, pp. 129–144. Springer, Berlin Heidelberg New York (2002)

  3. Mitchell, C. The security of the GSM air Interface protocol. Technical Report, Royal Holloway University of London, http://www.ma.rhul.ac.uk/techreports/. (2001)

  4. 3GPP TS 09.60 (V7.10.0) GPRS Tunneling Protocol (GTP) across the Gn and Gp Interface (2002)

  5. GSM 03.20: Security Related Network Functions (1999)

  6. ETSI TS 100 922 (v7.1.1): Subscriber Identity Modules (SIM) Functional Characteristics (1999)

  7. 3GPP TS 03.03 (v7.8.0): Numbering, Addressing and Identification (2003)

  8. 3GPP TS 01.61 (v7.0.0): GPRS Ciphering Algorithm Requirements (2001)

  9. 3GPP TS 09.02 (v7.15.0): Mobile Application Part (MAP) specification. (2004)

  10. Srisuresh, P., Holdrege, M. IP Network Address Translator (NAT) Terminology and Considerations. RFC 2663 (1999)

  11. Gleeson, B., Lin, A., Heinanen, J., Armitage, G., Malis, A. A Framework for IP Based Virtual Private Networks. RFC 2764 (2000)

  12. Bjaen, G.S., Kaasin, E. Security in GPRS. Master Thesis, Agder University College, Norway, http://student.grm.hia.no/master/ikt01/ikt6400/ekaasin/Master%20Thesis%20Web.htm. (2001)

  13. Barkan, E., Biham, E., Neller, N. Instant Ciphertext-Only Cryptanalysis of GSM Encrypted Communication. In: Proceedings of the Advances in Cryptology (CRYPTO 2003), LNCS 2729, pp. 600–616. Springer, Berlin Heidelberg New York (2003)

  14. Hulton, D. Smart card security: from GSM to parking meters. http://dachb0den.com

  15. Briceno, M., Goldberg, I., Wagner, D. GSM cloning. http://www.isaac.cs.berkeley.edu/isaac/gsm-faq.html

  16. Handschuh, H., Paillier, P. Reducing the collision probability of alleged Comp128. In: Proceedings of the International Conference on Smart Card Research and Applications, LNCS 1820, pp. 366–371. Springer, Berlin Heidelberg New York (2000)

  17. F-Secure Virus Description: http://www.f-secure.com/v-descs/

  18. Rao, J., Rohatgi, P., Scherzer, H., Tinguely, S. Partitioning attacks: or how to rapidly clone some GSM cards. In: Proceedings of the IEEE Symposium on Security and Privacy, Oakland, California, USA (2002)

  19. Nikishin A. (2004) Malicious software – past, present and future. Inf. Secur. Tech. Rep. 9(2): 6–18

    Article  Google Scholar 

  20. Skorobogatov, S., Anderson, R. Optical fault induction attacks. In: Proceedings of CHES ’02, LNCS 2523, pp. 2–12. Springer, Berlin Heidelberg New York (2002) http://www.cl.cam.ac.uk/ sps32/ches02-optofault.pdf

  21. Ekdahl P., Johansson T. (2003) Another attack on A5/1. IEEE Trans. Inf. Theory 49(1): 284–289

    Article  MATH  MathSciNet  Google Scholar 

  22. Xenakis C., Merakos L. (2004) Security in third generation mobile networks. Comput. Commun. 27(7): 638–650

    Article  Google Scholar 

  23. Kent, S., Atkinson, R. Security architecture for the internet protocol. RFC 2401 (1998)

  24. 3GPP TS 33.200 (v4.3.0): 3G security; network domain security; MAP application layer security (2002)

  25. Gupta V., Gupta S. (2001) Securing the wireless internet. IEEE Commun. Mag. 39(12): 68–74

    Article  Google Scholar 

  26. Xenakis, C., Gazis, E., Merakos, L. Secure VPN deployment in GPRS mobile network. In: Proceedings of the European Wireless 2002, Florence Italy, pp. 293–300 (2002)

  27. Xenakis, C., Merakos, L. Dynamic network-based secure VPN deployment in GPRS. In: Proceedings of the PIMRC 2002, Lisboa, Portugal, pp. 1260–1266 (2002)

  28. Xenakis C., Merakos L. (2002) On demand network-wide VPN deployment in GPRS. IEEE Netw. 16(6): 28–37

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Communication Networks Laboratory, Department of Informatics and Telecommunications, University of Athens, Athens, Greece, 15784

    Christos Xenakis

Authors
  1. Christos Xenakis
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Christos Xenakis.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Xenakis, C. Malicious actions against the GPRS technology. J Comput Virol 2, 121–133 (2006). https://doi.org/10.1007/s11416-006-0021-1

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11416-006-0021-1

Keywords

Search

Navigation