• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Mobile cloning paper

Mobile cloning paper






Total Views
Views on SlideShare
Embed Views



0 Embeds 0

No embeds



Upload Details

Uploaded via as Microsoft Word

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.


12 of 2 previous next

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
  • k
    Are you sure you want to
    Your message goes here
  • http://image.slidesharecdn.com/mobilecloningpaper-130118232048-phpapp01/95/slide-4-638.jpg?1358573419
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

    Mobile cloning paper Mobile cloning paper Document Transcript

    • Mobile Phone Cloning A.Shanmuga Sundaram M.Adityan Electrical and Electronics Engineering Electrical and Electronics Engineering Sri Krishna College of Engineering and Sri Krishna College of Engineering and Technology Technology Coimbatore, India Coimbatore, India saishanmu20.12.92@gmail.com adityanmurthi82@gmail.comAbstract- Mobile communication has been readily improve their technology. But the operators claim theyavailable for several years, and is major business cant do much for now. "Its like stealing cars ortoday. It provides a valuable service to its users who duplicating credit card numbers. The service providersare willing to pay a considerable premium over a fixed cannot do much except keep track of the billingline phone, to be able to walk and talk freely. Because pattern of the users. But since the billing cycle isof its usefulness and the money involved in the monthly, the damage is done by the time we can detectbusiness, it is subject to fraud. Unfortunately, the the mischief," says a Reliance executive.advance of security standards has not kept pace with Qualcomm, which develops CDMA technologythe dissemination of mobile communication. globally, says each instance of mobile hacking is different and therefore there is very little an operatorSome of the features of mobile communication make it can do to prevent hacking. "Its like a virus hitting thean alluring target for criminals. It is a relatively new computer. Each software used to hack into the networkinvention, so not all people are quite familiar with its is different, so operators can only keep upgrading theirpossibilities, in good or in bad. Its newness also means security firewall as and when the hackers strike," saysintense competition among mobile phone service a Qualcomm executive.providers as they are attracting customers. The majorthreat to mobile phone is from cloning.IndexTerms: Cell phone cloning,GSM,CDMA,EMIE andPIN,PatagoniaIntroduction :While mobile cloning is an emerging threat for Indiansubscribers, it has been happening in other telecommarkets since the 1990s, though mostly with regard toCDMA phones. Pleas in an US District Court in 1997effectively ended West Texas authorities first case of`phone cloning. Authorities in the case estimated the What is mobile phone cloning?loss at $3,000 to $4,000 for each number used.Southwestern Bell claims wireless fraud costs the When we look up the dictionary meaning of cloning itindustry $650 million each year in the US. Some states, “ to create the exact replica or a mirror image offederal agents in the US have called phone cloning an an subject understudy. The subject can be any thingespecially `popular crime because it is hard to trace. living or non-living so here we take into considerationBack home, police officers say the Yasin case is just the cellular or mobile phones. So Mobile cloning isthe tip of the iceberg and have asked operators to copying the identity of one mobile telephone to another mobile telephone. Every electronic device has a working frequency, which plays a crucial role in its
    • operation this we shall discuss later. Now the question could listen in to nearly any analogue mobile phonethat arises is how is a mobile phone cloned. I shall be call. As a result, Cabinet Ministers, company chiefsdiscussing this in detail, because it is a very complex and celebrities routinely found their most intimateprocedure in which we have to be familiar with the conversations published in the next days tabloidsfollowing terms. Cell phone cloning started with Motorola "bag" phones and reached its peak in the mid 90s with a commonly available modification for the Motorola "brick" phones, such as the Classic, the Ultra Classic, and the Model 8000. Cellular phone cloningWhat are GSM and CDMS mobile phonesets?CDMA is one of the newer digital technologies usedin Canada, the US, Australia, and some South-easternAsian countries (e.g. Hong Kong and South Korea). GSM:CDMA differs from GSM and TDMA (Time Division Global System for Mobile Communications. A digitalMultiple Access) by its use of spread spectrum cellular phone technology based on TDMA GSMtechniques for transmitting voice or data over the air. phones use a Subscriber Identity Module (SIM) cardRather than dividing the radio frequency spectrum into that contains user account information. Any GSMseparate user channels by frequency slices or time phone becomes immediately programmed afterslots, spread spectrum technology separates users by plugging in the SIM card, thus allowing GSM phonesassigning them digital codes within the same broad to be easily rented or borrowed.Operators who providespectrum. Advantages of CDMA include higher user GSM service are Airtel,Hutch etc.capacity and immunity from interference by othersignals. CDMA:GSM is a digital mobile telephone system that is Code Division Multiple Access. A method forwidely used in Europe and other parts of the world. transmitting simultaneous signals over a sharedGSM uses a variation of TDMA and is the most portion of the spectrum. There is no Subscriberwidely used of the three digital wireless telephone Identity Module (SIM) card unlike in GSM.Operatorstechnologies. GSM digitizes and compresses data, then who provides CDMA service in India are Reliance andsends it down a channel with two other streams of user Tata Indicom.data, each in its own time slot. It operates at either the900 MHz or 1,800 MHz frequency band. Mobile Phone Cloning Software:Rise of Cell Cloning: Cloning involved modifying or replacing the EPROM in the phone with a new chip which would allow youThe early 1990s were boom times for eavesdroppers. to configure an ESN (Electronic serial number) viaAny curious teenager with a £100 Tandy Scanner software. You would also have to change the MIN
    • (Mobile Identification Number). When you had is entered into the phone. There are also more discreet,successfully changed the ESN/MIN pair, your phone concealable devices used to clone cellular phones.was an effective clone of the other phone. Cloning Plugs and ES-Pros, which are about the size of a pagerrequired access to ESN and MIN pairs. ESN/MIN or small calculator, do not require computers orpairs were discovered in several ways: copycat boxes for cloning. The entire programming Sniffing the cellular process takes ten-15 minutes per phone. Trashing cellular companies or cellular resellers Hacking cellular companies or cellular resellersCloning still works under the AMPS/NAMPS system,but has fallen in popularity as older clone able phonesare more difficult to find and newer phones have notbeen successfully reverse-engineered.Cloning hasbeen successfully demonstrated under GSM, but theprocess is not easy and it currently remains in therealm of serious hobbyists and researchers.How is a phone cloned?Cellular thieves can capture ESN/MINs using devicessuch as cell phone ESN reader or digital data This was how CDMA handsets are cloned but now weinterpreters (DDI). DDIs are devices specially face a question that being: -Do GSM sets run the riskmanufactured to intercept ESN/MINs. By simply of‘’cloning’?sitting near busy roads where the volume of cellular Looking at the recent case, it is quite possible to clonetraffic is high, cellular thieves monitoring the radio both GSM and CDMA sets. The accused in the Delhiwave transmissions from the cell phones of legitimate case used software called Patagonia to clone onlysubscribers can capture ESN/MIN pair. Numbers can CDMA phones (Reliance and Tata Indicom).be recorded by hand, one-by-one, or stored in the box However, there are software packages that can be usedand later downloaded to a computer. ESN/MIN to clone even GSM phones (e.g. Airtel, BSNL, Hutch,readers can also be used from inside an offender’s Idea). In order to clone a GSM phone, knowledge ofhome, office, or hotel room, increasing the difficulty the International Mobile Equipment Identity (IMEI) orof detection. instrument number is sufficient. But the GSM-based operators maintain that the fraud The ESN/MIN pair can be cloned in a number of is happening on CDMA, for now, and so theirways without the knowledge of the carrier or subscribers wouldnt need to worry. Operators in othersubscriber through the use of electronic scanning countries have deployed various technologies to tackledevices. After the ESN/MIN pair is captured, the this menace. They are: -cloner reprograms or alters the microchip of anywireless phone to create a clone of the wireless phone 1) Theres the duplicate detection method where thefrom which the ESN/MIN pair was stolen. The entire network sees the same phone in several places at theprogramming process takes 10-15 minutes per phone. same time. Reactions include shutting them all off, soAny call made with cloned phone are billed to and that the real customer will contact the operator becausetraced to a legitimate phone account. Innocent citizens he has lost the service he is paying for.end up with unexplained monthly phone bills. To 2) Velocity trap is another test to check the situation,reprogram a phone, the ESN/MINs are transferred whereby the mobile phone seems to be moving atusing a computer loaded with specialized software, or impossible, or most unlikely speeds. For example, if aa “copycat” box, a device whose sole purpose is to call is first made in Delhi, and five minutes later,clone phones. The devices are connected to the another call is made but this time in Chennai, therecellular handsets and the new identifying information
    • must be two phones with the same identity on thenetwork. Impact of cloning:3) Some operators also use Radio Frequency Each year, the mobile phone industry loses millions offingerprinting, originally a military technology. Even dollars in revenue because of the criminal actions ofidentical radio equipment has a distinguishing persons who are able to reconfigure mobile phones so`fingerprint, so the network software stores and that their calls are billed to other phones owned bycompares fingerprints for all the phones that it sees. innocent third persons. Often these cloned phones areThis way, it will spot the clones with the same used to place hundreds of calls, often long distance,identity, but different fingerprints. even to foreign countries, resulting in thousands of dollars in airtime and long distance charges. Cellular4) Usage profiling is another way wherein profiles of telephone companies do not require their customers tocustomers phone usage are kept, and when pay for any charges illegally made to their account, nodiscrepancies are noticed, the customer is contacted. matter how great the cost. But some portion of the costFor example, if a customer normally makes only local of these illegal telephone calls is passed along tonetwork calls but is suddenly placing calls to foreign cellular telephone consumers as a whole.countries for hours of airtime, it indicates a possibleclone. Many criminals use cloned cellular telephones for illegal activities, because their calls are not billed toWhat is Patagonia? them, and are therefore much more difficult to trace. His phenomenon is especially prevalent in drugPatagonia is a software available in the market which crimes. Drug dealers need to be in constant contactis used to clone CDMA phone.Using this software a with their sources of supply and their confederates oncloner can take over the control of a CDMA phone i.e. the streets. Traffickers acquire cloned phones at acloning of phone.There are other Software’s avai;able minimum cost, make dozens of calls, and then throwin the market to clone GSM phone.This software’s are the phone away after as little as a days use. In theeasily available in the market.A SIM can be cloned same way, criminals who pose a threat to our nationalagain and again and they can be used at different security, such as terrorists, have been known to useplaces.Messages and calls sent by cloned phones can cloned phones to thwart law enforcement effortsbe tracked.However,if the accuses manages to also aimed at tracking their whereabouts.clone the IMEI number of the handset,for whichsoftware’s are available,there is no way he can be Methods To Detect Cloned Phones In Atraced. Network: Several countermeasures were taken with varying success. Here are various methods to detect cloned phones on the network: Duplicate detection - The network sees the same phone in several places at the same time. Reactions include shutting them all off so that the real customer will contact the operator because he lost the service he is paying for, or tearing down connections so that the clone users will switch to another clone but the real user will contact the operator. Velocity trap - The mobile phone seems to be moving at impossible, or most unlikely speeds. For example, if a call is first made in Helsinki, and five Cellular cloning minutes later, another call is made but this time in
    • Tampere, there must be two phones with the same How To Know That The Cell Has Beenidentity on the network. Cloned?RF (Radio Frequency) - fingerprinting is 1. Frequent wrong number phone calls to youroriginally a military technology. Even nominally phone, or hang-ups.identical radio equipment has a distinguishing 2. Difficulty in placing outgoing calls.``fingerprint, so the network software stores and 3. Difficulty in retrieving voice mail messages.compares fingerprints for all the phones that it sees. 4. Incoming calls constantly receiving busyThis way, it will spot the clones with the same identity signals or wrong numbers. Unusual callsbut different fingerprints. appearing on your phone billsUsage profiling - Profiles of customers phoneusage are kept, and when discrepancies are noticed,the customer is contacted. Credit card companies usethe same method. For example, if a customer normallymakes only local network calls but is suddenly placingcalls to foreign countries for hours of airtime, itindicates a possible clone.Call counting - Both the phone and the networkkeep track of calls made with the phone, and shouldthey differ more than the usually allowed one call,service is denied.PIN codes - Prior to placing a call, the callerunlocks the phone by entering a PIN code and then Prevention for Cloning?calls as usual. After the call has been completed, theuser locks the phone by entering the PIN code again. Uniquely identifies a mobile unit within a wirelessOperators may share PIN information to enable safer carriers network. The MIN often can be dialed fromroaming. other wireless or wire line networks. The number differs from the electronic serial number (ESN), which is the unit number assigned by a phone manufacturer. MINs and ESNs can be checked electronically to help prevent fraud.Mobiles should never be trusted for communicating/storing confidential information. Always set a Pin thats required before the phone can be used. Check that all mobile devices are covered by a corporate security policy.Ensure one person is responsible for keeping tabs on who has what equipment and that they update the central register. How do service providers handle reports of cloned phones?Legitimate subscribers who have their phones cloned will receive bills with charges for calls they didnt make. Sometimes these charges amount to several thousands of dollars in addition to the legitimate charges. Typically, the service provider will assume the cost of those additional fraudulent calls. However, to keep the cloned phone from continuing to Duplicate Detection receive service, the service provider will terminate the legitimate phone subscription. The subscriber is then required to activate a new subscription with a different
    • phone number requiring reprogramming of the phone, weakness and vulnerability of existing telecomalong with the additional headaches that go along with systems. If it is planned to invest in new telecomphone number changes. equipment, a security plan should be made and the system tested before being implemented. It is thereforeSolution to this problem: mandatory to keep in mind that a technique which is described as safe today can be the most unsecuredCloning, as the crime branch detectives divulge, starts technique in the future.when some one, working for a mobile phone serviceprovider, agrees to sell the security numbers to gray CONCLUSION:market operators. Every mobile handset has a uniquefactory-coded electronic serial number and a mobile Presently the cellular phone industry relies onidentification number. The buyer can then program common law (fraud and theft) and in-house counterthese security numbers into new handsets. measures to address cellular phone fraud.Is in initial stages in India so preventive steps should be taken byThe onus to check the misuse of mobile cloning the network provider and the Government thephenomenon falls on the subscriber himself. The enactment of legislation to prosecute crimes related tosubscribers, according to the officials, should be on the cellular phones is not viewed as a priority, however. Italert and inform the police on suspecting any foul is essential that intended mobile crime legislation beplay. It would be advisable for them to ask for the list comprehensive enough to incorporate cellular phoneof outgoing calls, as soon as they realize that theyve fraud, in particular "cloning fraud" as a specific crime.been overcharged. Meanwhile, the crime branch is Existing cellular systems have a number of potentialhopeful to find out away to stop the mobile cloning weaknesses that were considered. It is crucial thatphenomenon. businesses and staff take mobile phone security seriously.For example Awareness and a few sensible precautions as part ofThe Central Forensic Laboratory at Hyderabad has the overall enterprise security policy will deter all butreportedly developed software that would detect the most sophisticated criminal. It is also mandatory tocloned mobile phones. Called the Speaker keep in mind that a technique which is described asIdentification Technique, the software enables one to safe today can be the most unsecured technique in therecognize the voice of a person by acoustics analysis. future. Therefore it is absolutely important to checkThese methods are only good at detecting cloning, not the function of a security system once a year and ifpreventing damage. A better solution is necessary update or replace it. Finally, cell-phonesto add authentication to the system. But this means have to go a long way in security before they can beupgrading the software of the operators network, and used in critical applications like m-commerce.renewing the SIM-cards, which is not an easy or acheap task. Reference:This initiative by the Forensic Laboratory had to be [1]http://www.cdmasoftware.com/eng.htmltaken up in the wake of more and more reports ofmisuse of cloned mobiles. [2] http://wiretap.spies.com [3]http://www.hackinthebox.org/FUTURE THREATS: [4]http://www.google.comResolving subscriber fraud can be a long and difficultprocess for the victim. It may take time to discover [5]http://www.wikipedia.comthat subscriber fraud has occurred and an even longertime to prove that you did not incur the debts. Asdescribed in this article there are many ways to abusetelecommunication system, and to prevent abuse fromoccurring it is absolutely necessary to check out the