In 2014, we launched our open-access repository which offers full text access to conference proceedings from many of our events including the INC and HAISA series. These papers are free to access and distribute (subject to citing the source).
» Openaccess proceedings » Eighth International Network Conference (INC 2010)
Eighth International Network Conference (INC 2010)
Title: Manipulating Mobile Devices with a Private GSM Base
Station – A Case Study
Author(s): Christoph Kemetmüller, Mark Seeger, Harald Baier, Christoph Busch
Abstract: The ascending number of mobile devices is accompanied by an ever increasing
effort of malware developers to find new means of infecting them. GSM,
as a basic technology for mobile communication used by most mobile phones, lacks
certain security aspects. In order to access a provider network the mobile equipment
authenticates itself against the network, whereas the latter does not have to prove its
authenticity. Based on this design flaw we demonstrate an approach to remotely reconfigure
a mobile device in order to manipulate its system settings. This can give
an attacker the opportunity to hijack data connections or even infect the mobile device
with malware. Examination of the applicability of our theoretical approach in a
field experiment proofed the lack of security in GSM. Reconfiguration of mobile devices
during the field experiment was only successful for a few devices because of the
technical limitations and user cautiousness.
Download count: 4752
How to get this paper:
PDF copy of this paper is free to download. You may distribute this copy providing you cite this page as the source.