skip to main content
10.1145/2536853.2536875acmotherconferencesArticle/Chapter ViewAbstractPublication PagesmommConference Proceedingsconference-collections
research-article

Enhancing security in mobile data networks through end user and core network cooperation

Published: 02 December 2013 Publication History

Abstract

Smartphones, tablets and other mobile devices are quickly becoming a common part of our lives. With the popularity growth of these devices, the amount of mobile malware and other cyber-attacks rises. Many security solutions exist for various mobile platforms, however firewall functionality is missing in the majority of these applications. The reason is lack of network traffic filtration support in the most of modern mobile operating systems. This leaves the end user devices protected only by security infrastructure of the internet service provider. This paper proposes an enhanced security model and architecture, which enables network traffic filtration for devices without support of such feature in the operating system. It requires minimal changes in the existing infrastructure and allows multiple deployment scenarios. The usage of this architecture is not limited to mobile devices only, but can be used also in fixed networks.

References

[1]
Biryukov, A., Shamir, A., Wagner, D.: Real Time Cryptanalysis of A5/1 on a PC, Advances in Cryptogology, proceedings of Fast Software Encryption'00, Lecture Notes in Computer Science 1978, Springer-Verlag, pp. 1--18, 2001.
[2]
Dunkelman, O., Keller, N., Shamir, A.: A Practical-Time Attack on the A5/3 Cryptosystem Used in Third Generation GSM Telephony, Cryptology ePrint Archive, 2010, http://cryptome.org/a5-3-attack.pdf.
[3]
Ekdahl, P., Johansson, T.: Another Attack on A5/1, IEEE Transactions on Information Theory, vol. 49, pp. 284--289, 2003.
[4]
freyther, jjako, laf0rge:OpenGGSN, http://sourceforge.net/projects/ggsn/, December 2012.
[5]
Fu, Y., Wang, X.: Firewall Based Scheme to Prevent GPRS Overbilling, Computing, Communication, Control, and Management, 2008. CCCM '08. ISECS International Colloquium on, vol. 2, no., pp.595--598, 3-4 Aug. 2008.
[6]
Kilinc, C., Booth, T., Andersson, K.: WallDroid: Cloud Assisted Virtualized Application Specific Firewalls for the Android OS, Trust, Security and Privacy in Computing and Communications (TrustCom), 2012 IEEE 11th International Conference on, pp.877--883, 25-27 June 2012.
[7]
La Polla, M., Martinelli, F., Sgandurra, D.: A Survey on Security for Mobile Devices, Communications Surveys & Tutorials, IEEE, vol. 15, no.1, pp.446,471, 2013.
[8]
Melette, L., Nohl, K.: Defending mobile phones, 28th Chaos Communication Congress, 2011, http://events.ccc.de/congress/2011/Fahrplan/attachments/1994_111217.SRLabs-28C3-Defending_mobile_phones.pdf.
[9]
Melette, L., Nohl, K.: GPRS Intercept: Wardriving your country, Chaos Communication Camp, 2011, http://events.ccc.de/camp/2011/Fahrplan/attachments/1868_110810.SRLabs-Camp-GRPS_Intercept.pdf
[10]
Meyer, U., Wetzel, S.: A man-in-the-middle attack on UMTS, In: Proceedings of the 2004 ACM Workshop on Wireless Security, 2004, pp. K 90--97.
[11]
Munaut, S.: Cheap DOS and intercepts on GSM, DeepSec 2010, Vienna, 2010.
[12]
Munaut, S., Nohl, K.: Wideband GSM Sniffing, 27th Chaos Communication Congress, 2010, http://events.ccc.de/congress/2010/Fahrplan/attachments/1783_101228.27C3.GSM-Sniffing.Nohl_Munaut.pdf.
[13]
Nohl, K., Paget, CH.: GSM: SRSLY?, 26th Chaos Communication Congress, 2009, http://events.ccc.de/congress/2009/Fahrplan/attachments/1519_26C3.Karsten.Nohl.GSM.pdf
[14]
Nohl, K.: Breaking GSM phone privacy, BlackHat 2010, 2010, https://srlabs.de/decrypting_gsm/100729-breaking-gsm-privacy-blackhat/.
[15]
Paget, CH.: Practical Cellphone Spying, Def Con 18, Las Vegas, 2010.
[16]
Perez, D., Pico, J.: A practical attack against GPRS/EDGE/UMTS/HSPA mobile data communication, Black Hact 2011, 2011, https://media.blackhat.com/bh-dc-11/Perez-Pico/BlackHat_DC_2011_Perez-Pico_Mobile_Attacks-Slides.pdf.
[17]
Petrović, S., Fúster-Sabater, A.: Cryptanalysis of the A5/2 Algorithm, Cryptogology ePrint Archive, 2000, http://www.iacr.org/cryptodb/data/paper.php?pubkey=11396.
[18]
Range Networks: The OpenBTS Project, http://openbts.sourceforge.net/, December 2012.
[19]
SR Labs: A5/1 Security Project, http://reflextor.com/trac/a51, December 2012.
[20]
SR Labs: GSM security map, http://gsmmap.org/cgi-bin, December 2012.
[21]
Osmocom OpenBSC project, http://openbsc.osmocom.org/trac/, December 2012.
[22]
Osmocom OsmoSgsn project, http://openbsc.osmocom.org/trac/wiki/osmo-sgsn, December 2012.
[23]
OsmocomBB project, http://bb.osmocom.org/trac/, December 2012.
[24]
Xenakis, C.: Malicious actions against the GPRS technology, Journal in Computer Virology, vol. 2, no. 2, pp. 121--133, 2006.

Cited By

View all
  • (2019)Enhanced Privacy and AuthenticationWireless Personal Communications: An International Journal10.1007/s11277-015-2699-184:2(1487-1508)Online publication date: 3-Jan-2019
  • (2015)Syn Flood Attack Detection and Type Distinguishing Mechanism Based on Counting Bloom FilterInformation and Communication Technology10.1007/978-3-319-24315-3_4(30-39)Online publication date: 19-Nov-2015

Index Terms

  1. Enhancing security in mobile data networks through end user and core network cooperation

        Recommendations

        Comments

        Information & Contributors

        Information

        Published In

        cover image ACM Other conferences
        MoMM '13: Proceedings of International Conference on Advances in Mobile Computing & Multimedia
        December 2013
        599 pages
        ISBN:9781450321068
        DOI:10.1145/2536853
        Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

        In-Cooperation

        • @WAS: International Organization of Information Integration and Web-based Applications and Services

        Publisher

        Association for Computing Machinery

        New York, NY, United States

        Publication History

        Published: 02 December 2013

        Permissions

        Request permissions for this article.

        Check for updates

        Author Tags

        1. GPRS
        2. Security
        3. UMTS
        4. cellular networks
        5. firewall
        6. mobile device protection
        7. mobile networks
        8. network traffic filtration
        9. wireless networks

        Qualifiers

        • Research-article
        • Research
        • Refereed limited

        Conference

        MoMM '13

        Contributors

        Other Metrics

        Bibliometrics & Citations

        Bibliometrics

        Article Metrics

        • Downloads (Last 12 months)2
        • Downloads (Last 6 weeks)0
        Reflects downloads up to 15 Jan 2025

        Other Metrics

        Citations

        Cited By

        View all
        • (2019)Enhanced Privacy and AuthenticationWireless Personal Communications: An International Journal10.1007/s11277-015-2699-184:2(1487-1508)Online publication date: 3-Jan-2019
        • (2015)Syn Flood Attack Detection and Type Distinguishing Mechanism Based on Counting Bloom FilterInformation and Communication Technology10.1007/978-3-319-24315-3_4(30-39)Online publication date: 19-Nov-2015

        View Options

        Login options

        View options

        PDF

        View or Download as a PDF file.

        PDF

        eReader

        View online with eReader.

        eReader

        Media

        Figures

        Other

        Tables

        Share

        Share

        Share this Publication link

        Share on social media