Subscriber Identity (TMSI) during the course of a phone call. The Individual Mobile Subscriber Identity (IMSI) is used...
produces a 128-bit output. The first 32 bits of this output are the signed response (SRES). Ten zero bits are appended to ...

the middle bit of the register. A register is clocked if its middle bit agrees with the majority value of the three middl...

the first 114 bits are used to decrypt the frame from the mobile station to the base station and the next 114 bits are us...
Chapter 4 – Attacks on Security in Cellular Systems

This chapter lists and explains the common attacks on cellular mobile ...
(ISAAC) group at the University of California, Berkeley. Within a day, Wagner and

Goldberg had found a fatal cryptographi...
Figure 4.1: A Cloned GSM Cellular Phone



The attack requires the SIM to be queried about 150,000 times. So, a smartcard ...
attackers: some of them are surprisingly well positioned to mount even relatively

sophisticated and costly attacks. There...
for sharing of airtime between two phones, thus producing a loss of revenue for the service provider.



Another scenari...
the session key Kc that is to be used during the conversation. Knowing the session key,

the attacker can eavesdrop on all...
of the two shorter LFSRs and then computes the third LFSR from the known keystream. This would be a 2^41 attack, if the cl...
However in cases where important financial information is being transferred over the

conversation, the attacker may gain ...
updating is also performed periodically. If after the updating time period, the mobile

station has not registered, it is ...
advocates since that would make it possible to pinpoint and track the position of an individual with amazing accuracy....
4.4.1 Possible Damage by SMS Ping

SMS ping can be used to launch a denial of service attack on the cellular phone or a se...
through the Internet. The person who wants to send an SMS message to a cellular phone

user simply has to send a message t...
SMS flood could cause the user to exceed his quota and get a bill for all the junk

messages sent to her. The customer is ...
[Figure (diagram residue): message exchange between the Mobile Device and the Cellular network; labels recoverable from the page: Initiate call, Send challenge ...]
could cause losses to the order of millions of dollars. The customers could also suffer

significant loss due to inability...
one receives on the PC, except that receiving spam as SMS messages on the cellular

phones can be much costlier and much m...
Chapter 5 – Classification of Attacks on Cellular Systems

Attacks on security in mobile systems can be classified on the b...
much larger scale as compared to a subscriber based attack. They would also need

       specialized equipment for their e...
•   Encryption Attacks

    In these attacks the attacker tries to crack the encryption used to secure the

    communicat...
to filter out spam SMS messages just as it is difficult to intelligently filter out

       spam mail.




5.3 Classificat...
•   Moderate

    These are attacks that are comparatively less severe than extreme loss attacks. An exampl...
Chapter 6 – Basic Concepts of Risk Analysis and Modeling

Risk Analysis is a key component on the path to developing a ris...
it is very important to define the key terms and concepts early on in the risk analysis

process.



6.1 Key Concepts

6.1...
6.1.4 Vulnerability

Vulnerability is the property of the system or any of its components that makes them

susceptible to ...
6.1.7 Risk

Risk is the probability of loss in a system. The basic goal of risk analysis is to compute an

overall level o...
membership function, which can have a complicated definition. For example, a

       risk value of 4.5 on a 5-point scale ...
6.2.2 All-at-once Approach

In this approach, an attempt is made to construct the complete model before the use of the

sy...
5. There may be misinterpretation of terminology, resulting in inconsistent use of the

       model.

   6. The risk anal...
1. Determine the threats posed by the new change

   2. Compute the risk to the assets in the system due to the threats an...
Chapter 7 – Fuzzy Logic

7.1 Introduction to Fuzzy Logic

Fuzzy Logic has emerged as a profitable tool for the controlling...
becomes not young. That is quite drastic. One may like to have a more gradual transition from young to not young. May b...
Consider the membership function for the fuzzy set Y shown above. So now an individual who is 25 years old is...
7.3.5 Containership

A is contained in B iff μA <= μB.




7.4 Operations on Fuzzy Sets

Let A be a fuzzy interval between...
Figure 7.3 Membership Function for Fuzzy Set B



Following are some basic operations defined on fuzzy sets A and B:




7...
Figure 7.5 Membership function for Fuzzy Set A ∪ B

7.4.3 Negation (COMPLEMENT)

A fuzzy set C = A, is defined by the memb...
opportunity for modeling of conditions that are inherently imprecisely defined, despite

the concerns of classical logicia...
The model assumes that the system has in place a mechanism to irrefutably determine the

identity of the sender of an SMS ...
Hence turning the cellular device off during meetings is not exactly the desirable

solution. The importance of protecting...
The attacker is always considered to be hostile. The goal of the attacker depends on the

asset under consideration.

    ...
Competitor    Fuzzy value about 5
Enemy         Fuzzy interval [6, 7]

The membership fu...
on the basis of the contact’s category in the PIM. This would increase the membership of

the contact (attacker) in the fu...
message. The SMS message is then delivered to the target cellular phone over the

         cellular network. The PC is a v...
Figure 8.2 Membership functions for Fuzzy Sets for Capability



8.3.4 Resources

This is a measure of what kind and amoun...
8.4 Calculation of Risk



8.4.1 Overview

Just as every sender of an SMS message is considered an attacker, every SMS mes...
Risk                   Fuzzy Set
                        None                    Fuzzy value about 0
                     ...
HavewalaMSFinalThesis.doc
© Copyright by Sarosh Havewala, 2001

SECURITY CHALLENGES IN MOBILE SYSTEMS AND FUZZY LOGIC BASED RISK MODEL FOR SECURE HANDLING OF SMS MESSAGES IN CELLPHONES

BY
SAROSH CYRUS HAVEWALA
B.Engr., University of Mumbai, 1997

THESIS
Submitted in partial fulfillment of requirements for the degree of Master of Science in Computer Science in the Graduate College of the University of Illinois at Urbana-Champaign, 2001

Urbana, Illinois

Abstract

This study explains the authentication and encryption scheme used in GSM. It explains the A3, A5 and A8 protocols used in the security mechanism in GSM. It explains the different possible attacks on cellular systems, which include SIM cloning, eavesdropping, location tracking, SMS ping, SMS denial of service, authentication denial of service and SMS spam. It classifies these attacks on the basis of target of the attack, type of attack, motivation and severity. It points out the vulnerabilities that are exploited by attacks on cellular systems. It shows that the existing security schemes do not provide adequate security and that there is a need to develop new mechanisms that are better suited to the wireless environment.

The study also looks into how risk analysis, risk modeling and fuzzy logic can be applied to security in mobile systems. It proposes a fuzzy logic based risk model to secure Short Message Service in GSM based cellular networks. The proposed model uses a hybrid approach towards risk modeling. The user begins use of the system with a mature and well-evolved model that has been constructed by using all the information that could be gathered at that stage. However, even after the system is operational, the model continues to evolve with constant feedback from the user. This approach puts the user in control and allows the model to be refined with time to better match the existing circumstances. The model is simple, encourages experimentation and puts the user in an active role.

Acknowledgements

I wish to thank my advisor, Prof. Roy Campbell for his guidance and help throughout the Master’s program. I also wish to thank Prof. Dennis Mickunas for always being there whenever I needed help or advice. It was a great privilege for me to be a part of the Systems Research Group (SRG) at the University of Illinois at Urbana-Champaign. I am grateful to Prof. Campbell for allowing me to use SRG resources even when I was not funded by SRG. I sincerely thank the Department of Computer Science at the University of Illinois at Urbana-Champaign for providing me with the opportunity to work with some of the best faculty and students in the world. I thank Siebel Systems and the Department of Computer Science at the University of Illinois at Urbana-Champaign for the appreciation they have shown for my work in the form of the Siebel Scholar Fellowship. I shall prize this honor for life.

Above all, I would like to thank my parents, to whom I owe everything I have ever accomplished in my life. They have been a constant source of inspiration for me and have made great sacrifices for me, and I would like to say that mere words seem completely ineffectual in conveying my heartfelt sense of gratitude. I would finally like to thank my relatives in India, who have constantly showered me with their affection and moral support.
Table of Contents

Chapter 1  Introduction . . . 1
  1.1 Security in Mobile Systems . . . 1
  1.2 Short Message Service in GSM . . . 2
  1.3 Risk Modeling and Fuzzy Logic . . . 4
Chapter 2  Explanation of Acronyms and Terms Used . . . 5
Chapter 3  Security in Cellular Systems . . . 9
  3.1 Need for Security in Cellular Systems . . . 9
  3.2 Essential Features of a Security Scheme . . . 9
  3.3 Overview of Security Mechanism in GSM . . . 10
    3.3.1 Overview of A3/A8 . . . 13
    3.3.2 Overview of A5 . . . 14
Chapter 4  Attacks on Security in Cellular Systems . . . 17
  4.1 SIM Cloning . . . 17
    4.1.1 SIM Cloning with Physical Access to SIM . . . 18
    4.1.2 Over-the-air Cloning of a SIM . . . 19
    4.1.3 Possible Damage by SIM Cloning . . . 20
  4.2 Eavesdropping . . . 21
    4.2.1 SIM Cloning Attack . . . 21
    4.2.2 Direct Cryptanalysis Attack on A5 . . . 22
    4.2.3 Attacking the Signaling Network . . . 23
    4.2.4 Possible Damage by Eavesdropping . . . 23
  4.3 Location Tracking . . . 24
    4.3.1 Location Management in GSM . . . 24
    4.3.2 FCC’s E911 Initiative . . . 25
    4.3.3 Possible Damage by Location Tracking . . . 26
  4.4 SMS Ping . . . 26
    4.4.1 Possible Damage by SMS Ping . . . 27
  4.5 SMS Denial of Service . . . 27
    4.5.1 Possible Damage by SMS Denial of Service Attack . . . 28
  4.6 Authentication Denial of Service . . . 29
    4.6.1 Possible Damage by Authentication Denial of Service Attack . . . 30
  4.7 SMS Spam . . . 31
    4.7.1 Possible Damage by SMS Spam . . . 32
Chapter 5  Classification of Attacks on Cellular Systems . . . 33
  5.1 Classification based on Target . . . 33
  5.2 Classification based on Type of Attack . . . 34
  5.3 Classification based on Motivation . . . 36
  5.4 Classification based on Severity of Loss . . . 36
Chapter 6  Basic Concepts of Risk Analysis and Modeling . . . 38
  6.1 Key Concepts . . . 39
    6.1.1 System . . . 39
    6.1.2 Threat . . . 39
    6.1.3 Asset . . . 39
    6.1.4 Vulnerability . . . 40
    6.1.5 Safeguard . . . 40
    6.1.6 Countermeasure . . . 40
    6.1.7 Risk . . . 41
    6.1.8 Attributes of a Threat . . . 41
    6.1.9 Measurement of Characteristics during Risk Analysis . . . 41
  6.2 Approaches to Risk Modeling . . . 42
    6.2.1 Incremental Approach . . . 42
    6.2.2 All-at-once Approach . . . 43
    6.2.3 Hybrid Approach . . . 43
  6.3 Problems in Evaluation of Risk . . . 43
  6.4 Basic Risk Assessment Methodology . . . 44
Chapter 7  Fuzzy Logic . . . 46
  7.1 Introduction to Fuzzy Logic . . . 46
  7.2 Basic Concepts . . . 46
  7.3 Definitions . . . 48
    7.3.1 Fuzzy Set . . . 48
    7.3.2 Empty Set . . . 48
    7.3.3 Equality . . . 48
    7.3.4 Complement . . . 48
    7.3.5 Containership . . . 49
  7.4 Operations on Fuzzy Sets . . . 49
    7.4.1 Intersection (AND) . . . 50
    7.4.2 Union (OR) . . . 50
    7.4.3 Negation (COMPLEMENT) . . . 51
  7.5 Fuzzy Sets and Risk Modeling . . . 51
Chapter 8  Fuzzy Logic based Risk Model for SMS . . . 52
  8.1 System . . . 52
  8.2 Assets . . . 52
    8.2.1 Cellular Phone Usability . . . 53
    8.2.2 Data/Information on the Cellular Device . . . 53
    8.2.3 Right to Privacy . . . 53
    8.2.4 Right to Avoid Unnecessary Billing . . . 54
  8.3 Attacker . . . 54
    8.3.1 Goals . . . 54
    8.3.2 Degree of Motivation . . . 55
    8.3.3 Capabilities . . . 57
    8.3.4 Resources . . . 59
  8.4 Calculation of Risk . . . 60
    8.4.1 Overview . . . 60
    8.4.2 Fuzzy Sets for Risk . . . 60
    8.4.3 Countermeasures . . . 62
    8.4.4 Calculation of Risk to Cellular Phone Usability . . . 63
    8.4.5 Calculation of Risk to Data/Information on Cellular Device . . . 65
    8.4.6 Calculation of Risk to Right to Privacy . . . 66
    8.4.7 Calculation of Risk to Right to Avoid Unnecessary Billing . . . 68
    8.4.8 Role of the User in Configuration of the Model . . . 69
  8.5 Examples . . . 70
    8.5.1 SMS Message with Capability 4 and Degree of Motivation 6 . . . 70
    8.5.2 SMS Message with Capability 4 and Degree of Motivation 2.75 under Normal Mode and Normal Billing . . . 72
    8.5.3 SMS Message with Capability 4 and Degree of Motivation 2.75 under Silent Mode and Normal Billing . . . 78
    8.5.4 SMS Message with Capability 4 and Degree of Motivation 2.75 under Normal Mode with the Billing Limit Exceeded . . . 85
Chapter 9  Conclusions . . . 92
  9.1 Conclusions . . . 92
  9.2 Future Work . . . 92
List of References . . . 94
List of Figures

3.1   Security Mechanism in GSM . . . 10
3.2   COMP 128 Calculation . . . 13
3.3   Keystream Generation . . . 14
3.4   Frame Encryption and Decryption . . . 15
4.1   A Cloned GSM Cellular Phone . . . 19
4.2   Authentication Procedure in GSM . . . 29
4.3   DoS by Spurious Authentication . . . 30
7.1   Sample Fuzzy Set . . . 47
7.2   Membership Function for Fuzzy Set A . . . 49
7.3   Membership Function for Fuzzy Set B . . . 49
7.4   Membership function for Fuzzy Set A ∩ B . . . 50
7.5   Membership function for Fuzzy Set A ∪ B . . . 50
7.6   Membership function for Fuzzy Set A . . . 51
8.1   Membership functions for Fuzzy Sets for Degree of Motivation . . . 56
8.2   Membership functions for Fuzzy Sets for Capability . . . 59
8.3   Membership functions for Fuzzy Sets for Risk . . . 61
8.4   Fuzzy Set Membership of Incoming SMS Message . . . 71
8.5   Fuzzy Set for Cumulative Risk to Cellular Phone Usability . . . 72
8.6   Fuzzy Set Membership of Incoming SMS Message . . . 73
8.7   Membership in Fuzzy Set ‘None’ Risk . . . 74
8.8   Membership in Fuzzy Set ‘Very Low’ Risk . . . 74
8.9   Fuzzy Set for Cumulative Risk to Cellular Phone Usability . . . 75
8.10  Membership in Fuzzy Set ‘None’ Risk . . . 76
8.11  Membership in Fuzzy Set ‘Very Low’ Risk . . . 76
8.12  Fuzzy Set for Cumulative Risk to Data/Information on Cellular Phone . . . 77
8.13  Fuzzy Set Membership of Incoming SMS Message . . . 78
8.14  Membership in Fuzzy Set ‘None’ Risk . . . 79
8.15  Membership in Fuzzy Set ‘Very Low’ Risk . . . 79
8.16  Fuzzy Set for Cumulative Risk to Cellular Phone Usability . . . 80
8.17  Membership in Fuzzy Set ‘None’ Risk . . . 81
8.18  Membership in Fuzzy Set ‘Very Low’ Risk . . . 81
8.19  Fuzzy Set for Cumulative Risk to Data/Information on the Cellular Phone . . . 82
8.20  Membership in Fuzzy Set ‘High’ Risk . . . 83
8.21  Membership in Fuzzy Set ‘High’ Risk . . . 83
8.22  Fuzzy Set for Cumulative Risk to Privacy . . . 84
8.23  Fuzzy Set Membership of Incoming SMS Message . . . 85
8.24  Membership in Fuzzy Set ‘None’ Risk . . . 86
8.25  Membership in Fuzzy Set ‘Very Low’ Risk . . . 86
8.26  Fuzzy Set for Cumulative Risk to Cellular Phone Usability . . . 87
8.27  Membership in Fuzzy Set ‘None’ Risk . . . 88
8.28  Membership in Fuzzy Set ‘Very Low’ Risk . . . 88
8.29  Fuzzy Set for Cumulative Risk to Data/Information on Cellular Phone . . . 89
8.30  Membership in Fuzzy Set ‘Low’ Risk . . . 90
8.31  Membership in Fuzzy Set ‘High’ Risk . . . 90
8.32  Fuzzy Set for Cumulative Risk to Right to Avoid Unnecessary Billing . . . 91
Chapter 1 – Introduction

1.1 Security in Mobile Systems

Cellular telephones are increasingly becoming a crucial part of our daily lives. As of May 2000, the total number of cellular phone users worldwide was 376,500,000 and this was growing at the rate of 52.49 % every 12 months [1]. In the United States, the industry is signing up new subscribers at the rate of one every two seconds, putting it on track to reach 100 million customers sometime later this year. According to the Cellular Telecommunications Industry Association (CTIA) [1], the cellular industry in the United States grew 24 percent in 1999, adding 16.8 million additional wireless subscribers, for a total of 86.1 million customers. Average usage grew 38.5 percent in 1999 to 180 minutes a month compared to 130 minutes a year ago. The average monthly bill rose 4.6 percent to $41.24 in 1999. Industry revenues for 1999 increased to $40 billion from $33.1 billion in 1998. More than 31 percent of the U.S. population now has active wireless service.

Data based services like web browsing and e-mail are now being provided over cellular phones. Wireless connections to the Internet, electronic mail and other data services are further boosting usage. These trends are encouraging for both consumers and the industry, as more affordable plans with more minutes become the standard. In fact wireless service is increasingly becoming an alternative to wire-line services. The concept – “The office is where the cellular phone is.” – is taking root.

In spite of this explosion in the use of cellular services, security in wireless devices has not received as much attention as wired networks. With the increase in the popularity and user base of cellular devices, these devices are becoming hot targets for hackers. The fact that signals are propagating through air, allowing easy capture if one has the appropriate equipment, and the fact that these devices have smaller bandwidth, make attacks on these devices easier than on wired networks. There is a pressing need to develop new mechanisms to defend against attacks on cellular systems and to revamp and strengthen the mechanisms already in place. The first step towards this goal is to clearly identify and classify the various types of attacks in cellular systems and determine the security system vulnerabilities that these attacks exploit. The first part of this study attempts to do just that. This would pave the way for developing security mechanisms that overcome these vulnerabilities and defend against attacks on cellular systems.

The cellular networks used in the United States are AMPS, GSM, TDMA, CDMA and PCS. Europe and Asia primarily use GSM. This study mainly concentrates on GSM networks since they are used widely throughout Europe and Asia and their subscriber base in the United States is also increasing. It gives an overview of the security mechanisms in GSM. It enumerates and classifies the several possible attacks on cellular devices. It also cites instances of such attacks that have been conducted on cellular devices.

1.2 Short Message Service in GSM

Short message service (SMS) is a globally accepted wireless service that enables the transmission of alphanumeric messages between mobile subscribers and external systems such as electronic mail, paging, and voice-mail systems. SMS appeared on the wireless scene in 1991 in Europe. The European standard for digital wireless, now known as the Global System for Mobile Communications (GSM), included short messaging services from the outset. In North America, SMS was made available initially on digital wireless networks built by early pioneers such as BellSouth Mobility, PrimeCo, and Nextel, among others. These digital wireless networks are based on GSM, CDMA and TDMA.

Initial applications of SMS focused on eliminating alphanumeric pagers by permitting two-way general-purpose messaging and notification services, primarily for voice mail. As technology and networks evolved, a variety of services have been introduced, including e-mail, fax, and paging integration, interactive banking, information services such as stock quotes, and integration with Internet-based applications. Wireless data applications include downloading of subscriber identity module (SIM) cards for activation, debit, profile-editing purposes, wireless points of sale (POS), and other field-service applications such as automatic meter reading, remote sensing, and location-based services. Additionally, integration with the Internet spurred the development of Web-based messaging and other interactive applications such as instant messaging, gaming, and chatting.

SMS has become an extremely popular service in cellular systems. With its increasing popularity it has also become a hot channel for attacks on cellular systems. SMS, being the interface between the Internet and the cellular network, is a vulnerability that can be easily exploited to launch an attack on cellular systems, especially mobile stations like cellular phones.

1.3 Risk Modeling and Fuzzy Logic

Risk is the probability of loss in a system. The basic goal of risk analysis is to compute an overall level of risk that can serve as a basis of decision-making or for initiating a countermeasure. Fuzzy Logic has emerged as a profitable tool for the controlling of subway systems and complex industrial processes, as well as for household and entertainment electronics, diagnosis systems and other expert systems.

This study attempts to secure SMS by application of Risk Models and using fuzzy logic to compute an overall risk value that a particular SMS message poses to the cellular device. It then determines and executes a countermeasure depending on the computed risk value.
Chapter 2 – Explanation of Acronyms and Terms Used

Cellular

It is the term used to refer to the wireless phone systems that originated in the United States and originally operated in the 800 MHz frequency range. There are a maximum of two cellular operators in each market. They are usually referred to as the "Wireline" (landline phone company in that particular market), and the "Non-wireline" carrier.

AMPS (Advanced Mobile Phone Service)

This has been the original standard for cellular products in the United States. All customers should be able to use their AMPS phone in any 800 MHz cellular market across the United States and Pan America.

TDMA (Time Division Multiple Access)

This is a digital technology that allows multiple users to share the same voice channel by having each conversation transmitted alternately over short lengths of time.

CDMA (Code Division Multiple Access)

This is a digital technology that separates communications by code. This way, the system can mix a number of calls into the same channel. When the tower receives the information, it looks at the coding and reassembles each individual call, completing the transmission.

GSM (Global System for Mobile communication)

This is the name of a TDMA type of digital system originally developed in Europe, and common throughout Asia. This system is also being used by PCS operators in the United States.

PCS (Personal Communications Service)

This is the name adopted by the new, wireless service providers who have been awarded licenses to operate new phone systems in the 1900 MHz frequency range. There are up to three PCS operators on the air in most major markets of the United States.

1900 Megahertz (1900 MHz)

This is the radio frequency range allocated by the FCC in order to create additional competition in wireless telephony services. The wireless phones referred to as "PCS" typically operate at these frequencies. GSM, TDMA, and CDMA technologies are currently available in this frequency range.

Mobile Station

This is the cellular phone that the subscriber of a wireless service uses to communicate. Most modern cellular phones support direct connection to a laptop computer or a handheld device through a serial interface. Thus the cellular phone can act as a wireless modem, connecting the laptop or the handheld device to the wireless network. Some cellular phones have data capabilities such as web browsing and e-mail built in.

Subscriber Identity Module (SIM)

This is a small smart card that can be placed in a GSM handset. It contains information that uniquely identifies the subscriber to the GSM network and also certain algorithms essential for authentication and encryption.

Individual Mobile Subscriber Identity (IMSI)

This is a subscriber identity that uniquely identifies a subscriber to the GSM network. It is contained within the SIM card of the user. The IMSI is used as the primary key to store/access information regarding the user within the cellular network.

Base Station

This is the station that communicates with wireless devices within its cell. Multiple base stations are connected to the Mobile Switching Center.

Mobile Switching Center (MSC)

This is the interface between the wireless network and the wired network (Public Switched Telephone Network). It connects the base stations to the Public Switched Telephone Network.

Authentication Center (AUC)

The Authentication Center is an important component of the security mechanism of GSM. It provides the parameters (RAND, SRES and Kc) needed for authentication and encryption functions in GSM. RAND is a randomly generated challenge. The expected signed response (SRES) and the session key (Kc) are generated from the RAND and the individual subscriber authentication key (Ki), using the authentication algorithms. SRES is used to verify the user's identity and Kc is used as the session key for subsequent communication.

Home Location Register (HLR)

The Home Location Register is part of the AUC. The HLR provides the MSC with triples specifying a random challenge (RAND), an expected signed response (SRES) and a session key (Kc), based on the individual subscriber authentication key (Ki) of a specific subscriber and the random challenge (RAND). The HLR is also responsible for keeping track of the location of the Mobile Station at all times.

Visitor Location Register (VLR)

The Visitor Location Register stores triples generated by the HLR when the subscriber is not in his home network. The VLR then provides the MSCs with these triples when necessary.

Short Message Service (SMS)

Short message service (SMS) is a globally accepted wireless service that enables the transmission of alphanumeric messages between mobile subscribers and external systems such as electronic mail, paging, and voice-mail systems.
Chapter 3 – Security in Cellular Systems

3.1 Need for Security in Cellular Systems

Cellular systems need to be secure for the following reasons:

• The operator must be able to ensure that only legitimate users use the service and that she is able to bill the right person for the service rendered.
• The subscriber wishes to protect his privacy. This includes, but is not limited to, privacy of the subscriber's location, privacy of the communication that is being conducted over the wireless link, and protection from unsolicited messages and calls.

3.2 Essential Features of a Security Scheme

A security scheme must:

• Have a strong authentication mechanism to protect the operator against fraud and misuse of service
• Have a suitable encryption/decryption scheme to make the wireless link as secure as a wired link, to prevent eavesdropping
• Prevent operators from compromising each other's security, either inadvertently or because of competitive pressures
• Address the generation and distribution of keys
• Support interoperability between cellular networks without compromising security

A security scheme must not:

• Add enormous delays to the call setup time or degrade the quality of the subsequent communication
• Drastically increase the bandwidth requirements of the channel
• Add excessive complexity to the system
• Increase the error rates of the system
• Render the system cost-ineffective

3.3 Overview of Security Mechanism in GSM

Figure 3.1: Security mechanism in GSM (the SIM in the cellular phone and the service provider network both hold Ki; the challenge RAND crosses the radio interface, A3 yields the response SRES which the network compares, A8 yields Kc, and A5 under Kc produces the encrypted data)

The security mechanisms of GSM [10, 12] are implemented in three different system elements:

• Subscriber Identity Module (SIM)
The SIM contains the Individual Mobile Subscriber Identity (IMSI), the individual subscriber authentication key (Ki), the ciphering key generation algorithm (A8), the authentication algorithm (A3) and the personal identification number (PIN).
• GSM handset or mobile station
It contains the ciphering algorithm (A5).
• GSM network
It contains the authentication/encryption algorithms (A3, A8 and A5). The Authentication Centre (AUC), which is part of the Operation and Maintenance Subsystem (OMS) of the GSM network, consists of a database of identification and authentication information for subscribers. This includes the Individual Mobile Subscriber Identity (IMSI), the Temporary Mobile Subscriber Identity (TMSI), the Location Area Identity (LAI), and the individual subscriber authentication key (Ki) for each user.

Security in GSM consists of the following aspects:

• Subscriber Identity Authentication
The GSM network uses a challenge-response mechanism for subscriber authentication.
The network sends a 128-bit random number (RAND) to the mobile station. The mobile station computes a 32-bit signed response (SRES) by encrypting the random number (RAND) using the authentication algorithm A3, parameterized by the individual subscriber authentication key (Ki). Upon receiving the signed response (SRES), the GSM network repeats the calculation of SRES to verify the identity of the subscriber. The individual subscriber authentication key (Ki) is never transmitted over the radio channel. In fact, it never leaves the SIM, since the A3 algorithm is present in the SIM itself. If the received SRES matches the calculated value, the mobile station has been successfully authenticated; otherwise the connection is terminated and an authentication failure is signaled to the mobile station.

• Signaling and Data Confidentiality
Both the SIM and the GSM network generate the encryption key (Kc) using the A8 algorithm, parameterized by the random number RAND and the individual subscriber authentication key (Ki). On the mobile station the generation of the encryption key (Kc) takes place within the SIM, since the A8 algorithm is also present in the SIM. Hence the individual subscriber authentication key (Ki) never leaves the SIM. The encryption key (Kc) is used to encrypt and decrypt data that is sent between the mobile station and the base station.

• Subscriber Identity Confidentiality
Subscriber identity confidentiality is provided by using the Temporary Mobile Subscriber Identity (TMSI) during the course of a phone call. The Individual Mobile Subscriber Identity (IMSI) is used during the setup of the call, throughout the authentication process. Once the subscriber has been authenticated, she is assigned a Temporary Mobile Subscriber Identity (TMSI), and the TMSI is used to identify the user for the remainder of the call. Hence user anonymity is maintained.

• Security while Roaming
GSM allows operators to interoperate without revealing the authentication algorithms and the individual subscriber authentication key (Ki) to each other. GSM allows triplets of challenges (RAND), signed responses (SRES) and communication keys (Kc) to be sent between operators over the connecting network. Thus a GSM network can authenticate a user of another GSM network without needing to know the individual subscriber authentication key (Ki) of that user.

3.3.1 Overview of A3/A8

Figure 3.2: COMP128 calculation (inputs: Ki (128 bit) and RAND (128 bit); COMP128 produces a 128-bit output; SRES is the first 32 bits, Kc is the last 54 bits followed by 10 zero bits)

Most GSM networks use COMP128 for A3 and A8 [6]. COMP128 takes the 128-bit random challenge (RAND) and the individual subscriber authentication key (Ki) as input and produces a 128-bit output. The first 32 bits of this output form the signed response (SRES). Ten zero bits are appended to the last 54 bits of the output to obtain the session key (Kc). Thus, it is evident that the strength of the 64-bit key has deliberately been reduced to 54 bits.

3.3.2 Overview of A5

The A5 algorithm [7] is the stream cipher used to encrypt over-the-air transmissions.

Figure 3.3: Keystream generation (inputs: Kc (64 bit) and frame number (22 bit); A5 produces a 114-bit keystream for mobile to base station and a 114-bit keystream for base station to mobile)

The stream cipher is reinitialized for every frame sent. It is initialized with the session key (Kc) and the number of the frame being decrypted/encrypted. The same Kc is used throughout the cellular call, but the 22-bit frame number changes with each frame sent. This generates a unique keystream for every frame.

The A5 algorithm uses 3 Linear Feedback Shift Registers (LFSR) of different lengths. The sum of the lengths of the 3 LFSRs is 64 bits. The outputs of the 3 registers are XORed together and the result represents one keystream bit. The LFSRs are 19, 22 and 23 bits long, with sparse feedback polynomials. All three registers are clocked based on the middle bit of the register. A register is clocked if its middle bit agrees with the majority value of the three middle bits.

Figure 3.4: Frame encryption and decryption (at both the mobile station and the base station, A5 takes Kc (64 bit) and the frame number (22 bit) and produces a 114-bit keystream, which is bitwise XORed with the frame to give the cipher text)

The three LFSRs are initialized using the session key, Kc, and the frame number. The 64-bit Kc is first loaded into the registers bit by bit. The LSB of the key is XORed into each of the LFSRs. The registers are then all clocked with the majority clocking rule disabled. All 64 bits of the key are loaded into the registers the same way. The 22-bit frame number is also loaded into the registers in the same way, with the majority clocking rule enabled. After the registers have been initialized with Kc and the current frame number, they are clocked one hundred times and the generated keystream bits are discarded. This is done in order to mix the frame number and keying material together. Now 228 bits of keystream output are generated. At the mobile station, the first 114 bits are used to encrypt the frame from the mobile station to the base station and the next 114 bits are used to decrypt the frame from the base station to the mobile station. At the base station, the first 114 bits are used to decrypt the frame from the mobile station to the base station and the next 114 bits are used to encrypt the frame from the base station to the mobile station. Each bit of the frame is XORed with a bit of the keystream to obtain the cipher text. After this, the A5 algorithm is initialized again with the same Kc and the number of the next frame.
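As an added example (not code from the thesis or from the GSM specifications), the keystream generation and per-frame XOR described above, written in C after the published description of A5/1 by Briceno, Goldberg and Wagner; the tap positions, clocking bits and loading order are taken from that description rather than from this page, and it loads the frame number with the majority rule disabled, where the text above says enabled. The key and frame number used are constructed sample values; both ends of the link derive the same 228 bits, so the same XOR that encrypts at the sender decrypts at the receiver.

```c
/* Added example (not from the thesis): A5/1 keystream generation and
 * per-frame XOR, after the published description by Briceno, Goldberg and
 * Wagner. Taps, clocking bits and loading order come from that description;
 * it loads the frame number with the majority rule disabled. Key and frame
 * number in main() are constructed sample values. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define R1MASK 0x07FFFFu /* 19-bit register, bits 0..18 */
#define R2MASK 0x3FFFFFu /* 22-bit register, bits 0..21 */
#define R3MASK 0x7FFFFFu /* 23-bit register, bits 0..22 */
#define R1MID  0x000100u /* clocking ("middle") bit 8 */
#define R2MID  0x000400u /* clocking bit 10 */
#define R3MID  0x000400u /* clocking bit 10 */
#define R1TAPS 0x072000u /* feedback taps 18,17,16,13 */
#define R2TAPS 0x300000u /* feedback taps 21,20 */
#define R3TAPS 0x700080u /* feedback taps 22,21,20,7 */

typedef struct { uint32_t r1, r2, r3; } a51_state;

/* XOR of all bits of x (parity). */
static uint32_t parity32(uint32_t x) {
    x ^= x >> 16; x ^= x >> 8; x ^= x >> 4; x ^= x >> 2; x ^= x >> 1;
    return x & 1u;
}

/* Shift one register up by one bit, feeding the XOR of its taps into bit 0. */
static uint32_t clock_one(uint32_t reg, uint32_t mask, uint32_t taps) {
    return ((reg << 1) & mask) | parity32(reg & taps);
}

/* Advance the registers. With the majority rule a register moves only if its
 * clocking bit agrees with the majority of the three clocking bits, so two or
 * three registers move; with the rule disabled (during loading) all three move. */
static void step(a51_state *s, int use_majority) {
    uint32_t b1 = (s->r1 & R1MID) != 0, b2 = (s->r2 & R2MID) != 0,
             b3 = (s->r3 & R3MID) != 0, maj = (b1 + b2 + b3) >= 2;
    if (!use_majority || b1 == maj) s->r1 = clock_one(s->r1, R1MASK, R1TAPS);
    if (!use_majority || b2 == maj) s->r2 = clock_one(s->r2, R2MASK, R2TAPS);
    if (!use_majority || b3 == maj) s->r3 = clock_one(s->r3, R3MASK, R3TAPS);
}

/* Key setup for one frame: each of the 64 Kc bits (LSB of each byte first),
 * then each of the 22 frame-number bits, is XORed into bit 0 of all three
 * registers after a forced clock; then 100 majority-clocked steps are discarded. */
void a51_keysetup(a51_state *s, const uint8_t kc[8], uint32_t frame) {
    int i;
    s->r1 = s->r2 = s->r3 = 0;
    for (i = 0; i < 86; i++) {
        uint32_t b = i < 64 ? (kc[i / 8] >> (i & 7)) & 1u : (frame >> (i - 64)) & 1u;
        step(s, 0);
        s->r1 ^= b; s->r2 ^= b; s->r3 ^= b;
    }
    for (i = 0; i < 100; i++) step(s, 1);
}

/* Generate nbits keystream bits (XOR of the top bits of the three registers
 * after each majority clock), packed MSB-first into out. */
void a51_keystream(a51_state *s, uint8_t *out, int nbits) {
    int i;
    memset(out, 0, (size_t)((nbits + 7) / 8));
    for (i = 0; i < nbits; i++) {
        uint32_t bit;
        step(s, 1);
        bit = ((s->r1 >> 18) ^ (s->r2 >> 21) ^ (s->r3 >> 22)) & 1u;
        out[i / 8] |= (uint8_t)(bit << (7 - (i & 7)));
    }
}

/* The 228 keystream bits of one frame: the first 114 serve the mobile-to-base
 * direction, the next 114 the base-to-mobile direction (15 bytes each). */
void a51_frame_keystreams(const uint8_t kc[8], uint32_t frame,
                          uint8_t ms_to_bs[15], uint8_t bs_to_ms[15]) {
    a51_state s;
    a51_keysetup(&s, kc, frame);
    a51_keystream(&s, ms_to_bs, 114);
    a51_keystream(&s, bs_to_ms, 114);
}

/* Bitwise XOR of a 114-bit frame with a keystream block; the same call
 * encrypts at the sender and decrypts at the receiver. */
void a51_xor_frame(const uint8_t in[15], const uint8_t ks[15], uint8_t out[15]) {
    int i;
    for (i = 0; i < 15; i++) out[i] = in[i] ^ ks[i];
}

int main(void) {
    const uint8_t kc[8] = {0x12, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF};
    uint8_t up[15], down[15], plain[15], cipher[15], recovered[15];
    int i;
    for (i = 0; i < 15; i++) plain[i] = (uint8_t)(0xA0 + i); /* constructed frame */
    a51_frame_keystreams(kc, 0x134u, up, down);  /* both ends derive the same 228 bits */
    a51_xor_frame(plain, up, cipher);            /* mobile encrypts the uplink frame */
    a51_xor_frame(cipher, up, recovered);        /* base station decrypts it */
    printf("round trip ok: %s\n", memcmp(plain, recovered, 15) == 0 ? "yes" : "no");
    return 0;
}
```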
Chapter 4 – Attacks on Security in Cellular Systems

This chapter lists and explains the common attacks on cellular mobile systems. It also explains the possible damage that could be wreaked by such attacks.

4.1 SIM Cloning

As explained above, the SIM card is the basic key that uniquely identifies a subscriber to the GSM network. If a SIM can be cloned, it renders the authentication scheme of GSM completely useless.

The authentication (A3/A8) and encryption algorithms (A5) of GSM have not been made public by the GSM MoU. It has been proven time and again that security by obscurity is no security at all. The strength of an algorithm must rely on the secrecy of its private key and not on the secrecy of the algorithm itself. Opening an algorithm to public scrutiny and evaluation results in extensive cryptanalysis of the algorithm by the entire international research community. In the absence of this evaluation, the algorithm is prone to have several flaws and would be an easy target for hackers. This has been proven once again in the case of GSM.

The origin of the breach was when the Smartcard Developer Association (SDA) discovered the cryptographic algorithms used inside SIMs and cellular phones [6, 7]. The SDA first verified that the algorithms were accurate. The exact details of the algorithms were not known to the public, but the verified algorithms matched the facts that were publicly known. Next the SDA brought in David Wagner and Ian Goldberg, researchers in the Internet Security, Applications, Authentication and Cryptography (ISAAC) group at the University of California, Berkeley. Within a day, Wagner and Goldberg had found a fatal cryptographic flaw in COMP128 (A3/A8), the algorithm used for authentication inside the SIM. They created a system to exploit the flaw by repeatedly asking the SIM to identify itself; by processing the responses they were able to extract the secret from inside the SIM [3].

The crack was based on a speculated implementation of COMP128 [6]. This speculated implementation was derived from information on the internal details of COMP128 from public documents, leaked information and several SIMs the researchers had access to. The speculated algorithm was verified to be correct by comparing the output of the software implementation to the responses produced by a SIM known to implement COMP128. A theoretical analysis of the algorithm uncovered a potential vulnerability in it. The attack was a chosen-challenge attack. The SIM is presented with specially chosen challenges. The SIM uses the COMP128 algorithm to determine the signed response to the chosen challenge. By analyzing a series of such challenges, the value of the secret key can be determined.

4.1.1 Cloning with Physical Access to SIM

If one has physical access to a SIM, then all one needs is an off-the-shelf smartcard reader and a computer to direct the operations.
Figure 4.1: A cloned GSM cellular phone

The attack requires the SIM to be queried about 150,000 times. So, a smartcard reader that can issue 6.25 queries per second could complete the attack in about 8 hours [3].

4.1.2 Over-the-air Cloning of a SIM

Although this has not been demonstrated yet, over-the-air attacks must be considered available to the sophisticated attacker in practice [2]. GSM experts have confirmed that it should be possible and practical to do so. A number of aspects of the GSM protocols combine to make it possible to mount the mathematical chosen-input attack on COMP128, if one can build a fake base station. Such a fake base station does not need to support the full GSM protocol, and it may be possible to build one with an investment of approximately $10,000. Some technical expertise is probably required to pull off the over-the-air cloning attack, and the attack requires over-the-air access to the target handset for a relatively long period of time. Therefore, this may be considered a lower level of risk than not having any authentication at all. However, it is a mistake to underestimate the technical sophistication or the financial resources of some of today's attackers: some of them are surprisingly well positioned to mount even relatively sophisticated and costly attacks. Therefore, over-the-air cloning is a very real threat that should not be ignored.

4.1.3 Possible Damage by SIM Cloning

Cloning a SIM renders the GSM authentication mechanism useless. The attacker in possession of the cloned SIM can use the services of the GSM network at the cost of the real subscriber. It can also result in a great loss of revenue for the service provider, since he can no longer be sure how many calls the true subscriber has made. It may also lead to a disgruntled customer, who may lose faith in the service provider after such a security breach and switch to a different provider, thus causing further loss of revenue for the service provider.

The attacker who has a cloned SIM can also eavesdrop on the conversation of the true subscriber. If the attacker monitors a call right from the start and gets hold of the random challenge (RAND), it is very easy for her to obtain the session key, since she knows the individual subscriber authentication key (Ki) and the algorithms A3 and A8. The financial or tactical damage arising out of this depends on the sensitivity of the information being exchanged during the course of the conversation.

In all likelihood, the most rampant misuse of SIM cloning would be achieved by a "customer" arranging for his own SIM to be cloned. The customer could then use the 2 SIMs in 2 different cellular phones. Currently most cellular operators charge a rental fee for sharing of airtime between two phones, so this produces a loss of revenue for the service provider.

Another scenario that should be considered is the possibility of prepaid SIMs being cloned, together with their pre-paid airtime. Those networks deploying handset-based pre-paid solutions would be vulnerable to this type of attack, because it would be difficult for the network to prevent the pre-paid airtime being re-used by these identical SIMs. Besides, if there are multiple cloned SIMs in existence, it would be impossible to identify the authentic one, and the owner of the authentic SIM may lose her prepaid airtime to one of the cloned SIM users.

4.2 Eavesdropping

This is the most classical form of security violation. Every pair of communicating entities wishes to maintain a certain level of confidentiality of its communication. The attacker's goal is to gain as much information about the conversation as she possibly can.

4.2.1 SIM Cloning Attack

If the attacker has managed to clone the SIM of one of the parties involved in the conversation, it is pretty easy for her to eavesdrop on the conversation. The attacker monitors the activity of the user whose SIM she has cloned. She must get hold of the random challenge (RAND) that is sent across during the call setup phase. Knowing the RAND and the individual subscriber authentication key (Ki), the attacker can compute the session key Kc that is to be used during the conversation. Knowing the session key, the attacker can eavesdrop on all the data that is being sent across the wireless link.

4.2.2 Direct Cryptanalysis Attack on A5

Encryption in GSM is achieved by means of a ciphering algorithm A5 that produces a keystream under control of the session key Kc. This keystream is then bit-for-bit exclusive-or'd with the data to be transferred over the wireless link between the mobile device and the base station. A5 uses a 64-bit key. However, researchers have found that 10 of those 64 bits have been zeroed out, thus reducing the strength of the algorithm to 54 bits [7]. It is rumored that the strength of the algorithm has been deliberately reduced due to pressure from government intelligence agencies, so as to allow them to crack the encryption and monitor suspect conversations. Whatever the motivation may have been, the result is that A5 is a weak algorithm and can be cracked to obtain the session key (Kc).

The attack is a known plaintext attack. The attacker tries to determine a 64-bit plain text segment corresponding to 64 bits of cipher text. GSM frames contain a lot of constant information such as frame headers. 32 to 48 bits are generally known, sometimes even more. Knowing the plain text and the corresponding cipher text, the attacker can obtain the keystream bits [8, 9]. Knowing the keystream sequence, the attacker tries to determine the initial states of the LFSRs. The attacker guesses the content of the two shorter LFSRs and then computes the third LFSR from the known keystream. This would be a $2^{41}$ attack if the clocking of the first two registers were not dependent on the third register. But since the middle bit of the third register is used for clocking, we have to guess a few bits in the third register as well. This fact increases the time complexity from $2^{40}$ to $2^{45}$.

4.2.3 Attacking the Signaling Network

In GSM, only data sent over the wireless link is encrypted. Traffic over wired lines within the operator's network is transferred in plaintext. Thus, if the attacker can get access to the signaling network of the operator, then she can listen to everything that is transmitted, which includes the phone conversation and also RAND, Kc, and SRES.

Another form of attack would be to try and gain access to the Authentication Center (AUC) database or the Home Location Register (HLR). Access to either of these will give the attacker the individual subscriber authentication key (Ki) for all subscribers of that network. However, the AUC and the HLR are generally more secure than the rest of the GSM network and hence such a break-in is less likely.

4.2.4 Possible Damage by Eavesdropping

Eavesdropping on a private conversation violates the privacy of the parties involved in the conversation. The financial or tactical damage arising out of this depends on the sensitivity of the information being exchanged during the course of the conversation. For example, sometimes eavesdropping may just give the attacker some local gossip.
However, in cases where important financial information is being transferred over the conversation, the attacker may gain information of significant financial value. In military circles, access to a conversation about tactical defense/attack decisions may give the attacker a significant advantage on the battlefield and render the victim vulnerable to defeat.

4.3 Location Tracking

Wireless mobile communication technologies rely on one key element to function: constant knowledge by the transmitting or switching system of the location of a cellular phone for the purpose of routing incoming communications. Even when they are not in use, these units regularly and automatically emit positioning signals. Unfortunately for privacy, these signals can be used for purposes far different from the original goal of routing communications.

4.3.1 Location Management in GSM

When a mobile station is powered on, it performs a location update procedure by indicating its Individual Mobile Subscriber Identity (IMSI) to the network. The first location update procedure is called the IMSI attach procedure. The mobile station also performs location updating, in order to indicate its current location, when it moves to a new Location Area or a different Public Land Mobile Network (PLMN). This location updating message is sent to the new Mobile Switching Center (MSC)/Visitor Location Register (VLR), which gives the location information to the subscriber's Home Location Register (HLR). If the mobile station is authorized in the new MSC/VLR, the subscriber's HLR cancels the registration of the mobile station with the old MSC/VLR. A location update is also performed periodically. If after the updating time period the mobile station has not registered, it is then deregistered. When a mobile station is powered off, it performs an IMSI detach procedure in order to tell the network that it is no longer connected.

During the course of a phone call, subscriber identity confidentiality is provided by using the Temporary Mobile Subscriber Identity (TMSI). The Individual Mobile Subscriber Identity (IMSI) is used during the setup of the call, throughout the authentication process. Once the subscriber has been authenticated, she is assigned a Temporary Mobile Subscriber Identity (TMSI), and the TMSI is used to identify the user for the remainder of the call. Hence the anonymity of the user is maintained. However, an attacker who is monitoring activity on the mobile device right from the start of a call can still keep track of the user. The service provider needs to monitor the location of the user as mentioned above and can definitely isolate the position of the user from the location at which the user's signal originates. This information can of course be misused.

4.3.2 FCC's E911 Initiative

The Federal Communications Commission's Enhanced 911 initiative calls for wireless carriers to provide all cellular phone service with an automatic location capability that enables mobile phones on the network to be tracked to within 50 meters. This would allow emergency response teams to find cellular phone users in peril. Cellular phone service providers are considering installing GPS (Global Positioning System) in cellular phones to monitor their exact location. This would be a complete nightmare for privacy advocates, since it would make it possible to pinpoint and track the position of an individual with amazing accuracy.

4.3.3 Possible Damage by Location Tracking

It is frightening to imagine that someone could be monitoring one's every move. One's life will no longer remain private if someone can find out and keep a record of where one has been every moment of one's life. This information can be used for personal financial gain by the attacker. It can also be used to jeopardize the physical well-being of an individual, for example, to try to assault a person when she is in a desolate area. Another example is that paparazzi could misuse the location service to track and hound celebrities.

4.4 SMS Ping

Short Message Service (SMS) is a service that allows short text messages to be sent to a subscriber's cellular phone. As is common in the mobile phone industry, SMS text messages can be used by network operators to change the functionality of phones. Thus, a malformed message could cause phones to lock up. This can be used by an attacker to lock up a cellular phone or a set of cellular phones. This was proved to be possible when the Norwegian mobile Internet technology company Web2Wap inadvertently discovered that some SMS text messages can cause a line of mobile telephones made by Nokia to lock up. It was necessary to remove the batteries and reconnect them for the phones to start working again [15, 16].
4.4.1 Possible Damage by SMS Ping

SMS ping can be used to launch a denial of service attack on a cellular phone or a set of cellular phones. Most GSM providers allow the sending of SMS messages through e-mail. It is very easy and inexpensive to send a single e-mail that would lock up a cellular phone. The e-mail with this locking SMS message could be sent to a number of cellular phones or all the cellular phones in a particular number range. It is not too difficult to write a simple program or script to send out such messages. A cellular phone that has been locked by such an attack will be unable to receive or make calls until the phone is reset by removing and reattaching the phone's batteries. This attack, which locks a phone, may go undetected until the user tries to use the phone. Until that time the user may have missed a lot of legitimate calls. The damage due to such an attack can range from a mere irritant value to huge financial losses due to missed calls. Besides, it may result in customer frustration and dissatisfaction with the service rendered by the GSM provider.

4.5 SMS Denial of Service

The SMS service has become very popular with cellular phone users. It enables users to receive text messages on their cellular phone like a pager. If the message is from another cellular phone, then the user can even reply to the message. This feature is really useful in public places like cinema halls, theatres, etc., where it would be inappropriate to conduct a conversation over the cellular phone. The cellular phone user could receive and send SMS messages through the cellular phone without disturbing the people around her. SMS messages can also be used to get web updates, such as stock quotes, weather forecasts or weather warnings. Many service providers provide a means of sending SMS messages through the Internet. The person who wants to send an SMS message to a cellular phone user simply has to send a message to a special e-mail address. The e-mail would be sent to the cellular phone user as an SMS message. In most cases, this e-mail address can be easily deduced from the phone number of the cellular phone. This would allow someone on the Internet to launch an SMS Denial of Service attack on the cellular phone. The attack would simply send a flood of SMS messages through e-mail to the target cellular phone. The bandwidth of the wireless channel used by a cellular phone is very small as compared to the bandwidth of a typical Internet connection. It is very easy to flood the cellular phone using just a few machines or maybe even a single machine. As compared to this, to effectively bring down a target on the Internet one would need to launch a Distributed Denial of Service attack involving thousands of machines. Thus, it is much easier to launch a DoS attack on a cellular device than on a host on the Internet. By launching such an attack on a larger scale, maybe targeting thousands of cellular phones belonging to the network, the entire wireless network of a service provider may be clogged.

4.5.1 Possible Damage by SMS Denial of Service Attack

An SMS Denial of Service attack can cause damage in several ways. The attacker could simply flood the cellular phone's bandwidth, preventing the cellular phone from carrying on any useful communication. If there is a limit on the number of SMS messages that can be stored by the cellular phone, this could be easily exceeded, thus blocking out legitimate SMS messages. Some providers charge the users for every SMS update. An SMS flood could cause the user to exceed her quota and get a bill for all the junk messages sent to her. The customer is obviously going to contest such a bill, thus causing the provider to lose bandwidth and revenue on SMS messages that the user did not want to receive. An intangible loss would be the loss of customer confidence in the service provider's system, which may even lead to the service provider losing a customer. By launching a large scale Denial of Service against several phones in the network, it may be possible to flood and stall the entire network of a service provider. This would not only cause loss of service for the customers but also a loss of revenue totaling more than thousands of dollars in missed calls.

4.6 Authentication Denial of Service

Figure 4.2: Authentication procedure in GSM (entities: mobile device, base station, mobile switching center, home location register; steps: 1. initiate call, 2. request triples, 3. send triples, 4. send RAND, 5. send SRES, 6. verify SRES)

Figure 4.3: DoS by spurious authentication (the attacker's mobile device initiates a call, the cellular network sends a challenge, and the attacker sends a spurious response)

In this form of attack, the attacker repeatedly asks the cellular network to authenticate her. Authentication requires the cellular phone to communicate with the cellular network, thus consuming cellular bandwidth for the duration of the authentication. Besides, even though the authentication eventually fails, the cellular network still has to go through steps 1 to 6 each time authentication is requested. This would consume a lot of resources in the cellular network. If the attacker has access to multiple such spurious wireless devices, she could repeatedly request authentication from the cellular network, thus degrading the quality of service or even denying service to legitimate users.

4.6.1 Possible Damage by Authentication Denial of Service Attack

Given sufficient resources, the attacker can generate so many spurious authentication requests that the network will be virtually inoperable. Most of the bandwidth will be consumed by the spurious authentication attempts, precluding legitimate users from using the service. The entire cellular network can be brought down by this kind of attack. This could cause losses of the order of millions of dollars. The customers could also suffer significant loss due to the inability to use the phone when needed and failure to receive financially important incoming calls. A response to this kind of attack could be very difficult, since the attacker may actually have a team of accomplices that are constantly on the move with these spurious wireless devices.

4.7 SMS Spam

As mentioned earlier, SMS is gaining immense popularity among cellular phone users. Subscribers use SMS for a wide range of applications, from text-based paging to wireless web updates. The use of SMS along with the ability to pinpoint a subscriber's location can be used for targeted marketing campaigns. For example, when a user enters a mall, an advertisement for one of the shops in the mall could be sent to the user's cellular phone as an SMS message. The user could receive notification of a special sale or a special offer in a specific shop. A discount coupon could be beamed to the user's cellular phone. A mall in Europe already plans to use this scheme, nicknamed "Ads in your pocket". All this can be very irritating to the subscriber who does not wish to receive such messages. Often the subscriber has a limited number of updates or pays per SMS message received. In such a case the subscriber certainly does not want to pay for junk SMS messages. Even if the subscriber does not have to pay, this kind of messaging can be highly irritating. People often do not wish to be disturbed except for urgent messages. An advertisement SMS message disturbing a person who is in the middle of a movie or a theatre performance can be highly irritating. This is similar to the problem of spam e-mail that one receives on the PC, except that receiving spam as SMS messages on the cellular phone can be much costlier and much more irritating.

4.7.1 Possible Damage by SMS Spam

This kind of attack is higher on irritant value than on financial loss, although at times the subscriber may end up paying for junk SMS messages that she does not want. Thus she would suffer some extra financial burden.
Chapter 5 – Classification of Attacks on Cellular Systems

Attacks on security in mobile systems can be classified on the basis of the following criteria:

• Target of the attack
• Type of attack
• Motivation
• Severity

5.1 Classification based on Target

• Subscriber based attacks
These attacks are targeted at a particular subscriber. These include, but are not limited to, eavesdropping, SIM cloning, SMS DoS, location detection and SMS spam. The loss incurred depends upon the type of attack and also on the nature of the information that has been compromised. With a cloned SIM, the attacker could use the service and have the target subscriber billed for it. SMS spam and SMS DoS attacks can be mere irritants. In the case of eavesdropping, the loss depends on the nature of the information that is compromised. An overheard domestic conversation may be of little value as compared to sensitive military or financial information that may be leaked out.
• Provider based attacks
These attacks are targeted at the service provider. They need to be organized on a much larger scale as compared to a subscriber based attack. They would also need specialized equipment for their execution. An example of such an attack is an authentication DoS attack on a service provider. Such an attack could potentially bring down an entire network, causing loss of service to thousands of customers and huge financial losses to the service provider.

5.2 Classification based on Type of Attack

• Authentication attacks
This type of attack targets and breaks the authentication system in a mobile network. Examples of such attacks include authentication DoS and SIM cloning. These attacks would either allow the attacker unauthorized access to the mobile network or would target the authentication mechanism to deny service to authentic customers. Attacks that try to break the authentication system and gain unauthorized access can be prevented, or at least made more difficult, by increasing the strength of the authentication algorithms. To increase the strength of the algorithms, one needs to increase the key size for the algorithms or increase the inherent strength of the algorithm. To ensure the strength of an algorithm, it would be a good idea to open the algorithm to the international research community for research and evaluation before incorporating it into a standard. It has been proven time and again that security by secrecy of the algorithm itself is no security at all. It may also be suggested that the schemes based on secret algorithms be changed to schemes and mechanisms based on open and proven standard algorithms like RSA, DES and AES.
• Encryption Attacks
In these attacks the attacker tries to break the encryption used to secure the communication and gain access to the information being transferred. The damage depends on the content that is compromised as a result of the attack. Again, these attacks can be prevented by using publicly analyzed, industry strength encryption algorithms like RSA, DES and AES instead of secret proprietary algorithms. (Caveat: the key length must be adequate as well. DES, with its 56-bit key, had already been broken by exhaustive key search in 1998 and 1999, so of the three only RSA with adequate key sizes and AES remain sound choices; the argument for open algorithms is unaffected.)

• Denial of Service attacks
This is the most difficult type of attack to ward off. In this type of attack the security system itself is used to deny service to legitimate customers. Defence against denial of service is the topic of much current research. One can, however, deter people from launching such attacks by tracking down and punishing those responsible. Another way is to make the equipment required to launch such an attack unavailable to the general public.

• Spam
It is just a matter of time before the spam one receives in one's e-mail accounts starts moving towards spam messages on one's cellular phone. Most people expect only the most urgent of messages on their cellular phone, so unsolicited messages there can be highly irritating. It can be very difficult
to filter out spam SMS messages, just as it is difficult to filter out spam e-mail intelligently.

5.3 Classification based on Motivation

• Financial gain
These attacks are aimed at gaining some financial advantage. SIM cloning for unauthorized use of a service is an example of such an attack, as is eavesdropping to obtain financial or tactical information.

• Disruption
These attacks are not motivated by financial gain. Their basic aim is to disrupt the service being targeted. Often the aim is just to gain the attention of a lot of people, or to prove a point.

5.4 Classification based on Severity of Loss

• Extreme
These attacks cause extensive financial losses. A Denial of Service attack that brings down an entire wireless network is an example of such an attack. Prevention of such attacks results in significant financial savings. In some cases, such as military use of wireless systems, such an attack can have consequences far more severe than financial loss.
• Moderate
These attacks are less severe than extreme loss attacks. An example is an eavesdropping attack that compromises sensitive information of a particular user. The financial loss to the individual may be significant, but it is at least a few orders of magnitude smaller than the loss caused by an extreme loss attack.

• Mild/Irritant
These attacks are generally mere irritants and do not result in significant financial losses. SMS spam is an example of such an attack.
Chapter 6 – Basic Concepts of Risk Analysis and Modeling

Risk analysis is a key step on the path to developing a risk model for a system. It enables the user to balance security against cost by understanding the specific risks to the system as a whole from threats to the availability, integrity and confidentiality of its assets. Risk analysis has the following primary goals:
1. To determine the actual exposure of the system to risk, with the aim of rectifying the deficiencies.
2. To document that risk analysis was carried out in a responsible and accountable manner and to give formal evidence of the amount of risk the system is exposed to. This may be part of the security requirements of the organization or of a partner of the organization.
3. To decide on a response to counter a new threat in a dynamic environment.

An effective risk assessment enables the user to make informed decisions about how much security is needed and why, what level of security currently exists and how effective it is, and what degree of confidence can be placed in this knowledge. It allows security resources to be applied wisely. Unfortunately, risk analysis for information systems security has been inherently abstract and highly subjective. Even fundamental terms such as 'risk', 'asset', 'threat' and 'vulnerability' exhibit a wide variety of definitions and interpretations. The degree of fuzziness and subjectivity increases as the system to be analyzed increases in complexity and heterogeneity. Hence
it is very important to define the key terms and concepts early in the risk analysis process.

6.1 Key Concepts

6.1.1 System
A system is a collection of hardware, software and data that has been identified as a distinct entity for risk analysis. A system may be divided into several sub-systems, each of which may have different properties that need to be accounted for in the analysis. The general goal, however, is to compute an overall value of risk to the system as a whole, and it must be taken into account that several small individual risks to individual subsystems may aggregate into a grave risk to the system as a whole.

6.1.2 Threat
A threat is a source of potential damage to the system.

6.1.3 Asset
An asset is a property or constituent of the system that has an associated value and could be the target of an attack. An asset can be a resource the system uses, such as hardware, or something abstract, such as the confidentiality of information. Different assets have different attributes that need to be factored into the risk analysis process.
6.1.4 Vulnerability
A vulnerability is a property of the system or of any of its components that makes it susceptible to compromise. It is the property that makes asset compromise possible and thus creates a risk. Vulnerability can also be defined as the propensity of the system to change from a good state to an undesirable state, that is, as the absence of the safeguards and controls that would prevent the system from entering a bad state. A vulnerability in a system indicates a lack of controls and safeguards against a specific threat. Vulnerability can be measured as the inverse of the amount of effort required to put the system into a bad state.

6.1.5 Safeguard
A safeguard is a measure that mitigates a vulnerability of a system. The absence of a safeguard can thus constitute a vulnerability and raise the level of risk.

6.1.6 Countermeasure
A countermeasure is an action taken to mitigate the risk to the system from a particular threat. A countermeasure is applied dynamically when necessary, whereas a safeguard is always in place in the system. Safeguard, countermeasure and vulnerability are closely related: the availability of effective countermeasures to a threat can itself be a safeguard, and the absence of or weakness in a safeguard, or the limitation of a countermeasure, can be a vulnerability.
6.1.7 Risk
Risk is the probability of loss in a system. The basic goal of risk analysis is to compute an overall level of risk that can serve as a basis for decision-making or for initiating a countermeasure.

6.1.8 Attributes of a Threat
During risk analysis it is very important to identify the attributes of a threat. These include:
• Attacker's goals – what type of damage does the attacker seek?
• Degree of motivation – how strongly does the attacker want to cause damage?
• Capabilities – what can the attacker do?
• Resources – how much effort can the attacker afford to invest?

6.1.9 Measurement of Characteristics during Risk Analysis
It is necessary to measure concretely the various elements of risk analysis, such as degree of motivation, capabilities, vulnerabilities and risk. There are two approaches:
1. Simple intervals: there are simple and clearly defined ranges within which attributes are classified. For example, a high risk would be a risk value between 4 and 5 on a 5-point scale.
2. Fuzzy sets: a linguistic value defined using fuzzy set theory is based on a
membership function, which can have a complicated definition. For example, a risk value of 4.5 on a 5-point scale could have partial membership in a 'high' risk set and partial membership in a 'very high' risk set.

6.2 Approaches to Risk Modeling

There are two basic approaches to risk modeling, and a hybrid of the two.

6.2.1 Incremental Approach
In this approach the user is placed in the active role. The user begins using the system with a very rudimentary model in place, constructed from information already present in the system or from a few very basic questions put to the user. As the system is used the model evolves: the user may be presented with questions that help refine the model, but never has to sit down at once and answer a huge list of questions. In the rudimentary stages the decisions made by the system may not be perfect; it may be over-conservative in computing the risk or may suggest more drastic countermeasures than necessary. But then the principle 'better safe than sorry' applies: the inferences drawn by the risk model may be more protective than they should be. As the model matures with use, its decisions become more informed and more accurate. Thus the system constantly learns and the accuracy of the model improves with time. It also puts the user in control and allows her to steer the evolution of the model.
6.2.2 All-at-once Approach
In this approach an attempt is made to construct the complete model before use of the system can begin. All information that is required must be gathered before the model can be constructed; the user may be asked a large list of questions, on the basis of which the risk model is built. There is no refinement of the model as the system is used; the model remains fixed throughout the life of the system.

6.2.3 Hybrid Approach
This approach is a hybrid of the two approaches above. The user begins using the system with a mature, well-evolved model constructed from all the information that could be gathered at that stage. Even after the system is operational, however, the model continues to evolve with constant feedback from the user. This approach again puts the user in control and allows the model to be refined over time to better match the prevailing circumstances.

6.3 Problems in Evaluation of Risk

The following are problems in the evaluation of risk:
1. The user is put in a passive role and cannot control or affect the evolution of the model.
2. Information available at the time the model is created may be imperfect or incomplete.
3. Only the threats foreseen at the time the model is created are accounted for.
4. Methods of risk analysis are extremely complicated.
5. Terminology may be misinterpreted, resulting in inconsistent use of the model.
6. The risk analysis method may be inflexible and unfriendly.
7. The process may not be conducive to experimentation.
8. The model may not support evaluation of residual risk.

6.4 Basic Risk Assessment Methodology

The basic steps in the risk assessment methodology are as follows:
1. Define what constitutes the system, that is, identify the components that make up the system as a whole.
2. Identify the different assets in the system.
3. Identify the threats the system is exposed to.
4. Identify the vulnerabilities in the system.
5. Identify the existing safeguards in the system.
6. Determine the attributes of the assets and the threats.
7. Combine the information about assets, threats and vulnerabilities to compute the risk to an asset due to each threat, and combine these to compute an overall value of risk to that asset.
8. Combine the risks to the various assets to compute an overall risk value for the system.

The basic steps in determining a countermeasure to a new change in a dynamic environment are as follows:
1. Determine the threats posed by the new change.
2. Compute the risk to the assets in the system due to those threats and combine them to obtain an overall value of risk.
3. Use the change in the overall value of risk to determine a countermeasure that brings the system risk back down to an acceptable level.

An effective method for combining risk values is to use a fuzzy logic approach to compute overall risk. This can be used for the combination of risk values at several stages of the risk analysis process.
Chapter 7 – Fuzzy Logic

7.1 Introduction to Fuzzy Logic
Fuzzy logic has emerged as a profitable tool for the control of subway systems and complex industrial processes, as well as for household and entertainment electronics, diagnosis systems and other expert systems. 'Fuzzy' has become a marketing keyword; electronic products without a 'fuzzy' component gradually turn into dead stock. Fuzzy logic is basically a multi-valued logic that allows intermediate values to be defined between conventional evaluations like yes/no, true/false, good/bad, etc. Notions like 'rather high' or 'quite low' can be formulated mathematically and processed by computers. In this way an attempt is made to apply a more human-like way of thinking in the programming of computers. Fuzzy logic is an alternative to the traditional notions of set membership and logic.

7.2 Basic Concepts
Suppose the task at hand is to define the set of young people:
Y = {set of young people}
Y could be defined as
Y = [0, 20]
so that anyone aged between 0 and 20, both inclusive, belongs to the set of young people. But that implies that on the day an individual exceeds 20 years of age she suddenly
becomes not young. That is quite drastic. One would like a more gradual transition from young to not young: an individual who is more than 20 but less than 30 years of age is not that young, but is still young to some extent. To represent the real world more closely it is necessary to relax the strict separation between young and not young, that is, a more 'fuzzy' definition of the set is needed. In fuzzy sets the degree of membership in a set is indicated by a value in the range [0.0, 1.0], with 0.0 representing no membership and 1.0 representing full membership. The notion central to fuzzy systems is that truth values (in fuzzy logic) or membership values (in fuzzy sets) are indicated by a value in the range [0.0, 1.0], with 0.0 representing absolute falseness (or no membership) and 1.0 representing absolute truth (or full membership).

Figure 7.1 Sample Fuzzy Set (degree of membership µ, from 0 to 1.0, on the vertical axis; age on the horizontal axis with ticks at 20, 25, 30 and 50; the membership function for 'young' passes through 0.5 at age 25)
Consider the membership function for the fuzzy set Y shown above. An individual who is 25 years old is still a member of 'young' to a degree of 0.5 (50%).

7.3 Definitions
Following are some basic definitions in fuzzy set theory:

7.3.1 Fuzzy Set
Let X be some set of objects, with elements denoted x, so X = {x}. A fuzzy set A in X is characterized by a membership function μA(x) that maps each point in X onto the real interval [0.0, 1.0]. As μA(x) approaches 1.0, the 'degree of membership' of x in A increases.

7.3.2 Empty Set
A is empty iff for all x, μA(x) = 0.0.

7.3.3 Equality
Let B be another fuzzy set in X, characterized by a membership function μB(x). Then A = B iff for all x, μA(x) = μB(x) [or, μA = μB].

7.3.4 Complement
The complement A' of a fuzzy set A is defined by the membership function μA'(x) = 1 - μA(x).
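The definitions of Section 7.3 and the MIN/MAX/complement operations that follow in Section 7.4, as an added worked example; this is not code from the thesis. The text describes the sets only in words, so their shapes are assumptions here: the 'young' set of Figure 7.1 is taken as 1.0 up to age 20 and falling linearly to 0 at age 30, the 'fuzzy interval between 5 and 8' (A) as a trapezoid with full membership on [5, 8] and one-unit shoulders, and the 'fuzzy number about 4' (B) as a triangle peaking at 4 with base [3, 5]. Because the definitions quantify over all x, the set-level checks (empty, equal, contained) are evaluated on a sampled universe X.

```python
"""Fuzzy sets as membership functions: Sections 7.3 and 7.4 (added example)."""
from typing import Callable, List

Membership = Callable[[float], float]


def trapezoid(a: float, b: float, c: float, d: float) -> Membership:
    """Membership rising linearly on [a, b], 1.0 on [b, c], falling on [c, d].
    a == b or c == d gives a vertical (crisp) edge without dividing by zero."""
    def mu(x: float) -> float:
        if x < a or x > d:
            return 0.0
        if x < b:                       # here a < x < b, so b > a
            return (x - a) / (b - a)
        if x <= c:
            return 1.0
        return (d - x) / (d - c)        # here c < x <= d, so d > c
    return mu


def universe(lo: float, hi: float, step: float = 0.25) -> List[float]:
    """Sample points of X on which the 'for all x' definitions are checked."""
    n = int(round((hi - lo) / step))
    return [lo + i * step for i in range(n + 1)]


# 7.3.2 empty set, 7.3.3 equality, 7.3.5 containment
def is_empty(mu_a: Membership, X: List[float]) -> bool:
    return all(mu_a(x) == 0.0 for x in X)


def equal(mu_a: Membership, mu_b: Membership, X: List[float]) -> bool:
    return all(abs(mu_a(x) - mu_b(x)) < 1e-9 for x in X)


def contained(mu_a: Membership, mu_b: Membership, X: List[float]) -> bool:
    return all(mu_a(x) <= mu_b(x) + 1e-9 for x in X)


# 7.4.1 intersection (MIN), 7.4.2 union (MAX), 7.3.4 / 7.4.3 complement (1 - mu)
def fuzzy_and(mu_a: Membership, mu_b: Membership) -> Membership:
    return lambda x: min(mu_a(x), mu_b(x))


def fuzzy_or(mu_a: Membership, mu_b: Membership) -> Membership:
    return lambda x: max(mu_a(x), mu_b(x))


def fuzzy_not(mu_a: Membership) -> Membership:
    return lambda x: 1.0 - mu_a(x)


# The sets used in the chapter (shapes are assumptions, see lead-in)
young = trapezoid(0, 0, 20, 30)   # Figure 7.1: crisp lower edge, 0.5 at 25
A = trapezoid(4, 5, 8, 9)         # fuzzy interval between 5 and 8
B = trapezoid(3, 4, 4, 5)         # fuzzy number about 4


def peak(mu: Membership, X: List[float]) -> float:
    """Highest membership reached on X (the 'height' of the set)."""
    return max(mu(x) for x in X)


def demo() -> dict:
    """Evaluate the chapter's operations on A, B and 'young'."""
    X = universe(0, 10)
    both = fuzzy_and(A, B)
    either = fuzzy_or(A, B)
    return {
        "young_25": young(25),                    # Section 7.2: 0.5
        "A_and_B_at_4.5": both(4.5),              # min(0.5, 0.5)
        "A_and_B_height": peak(both, X),          # A and B overlap only partially
        "A_or_B_at_4": either(4.0),               # B peaks here
        "not_A_at_6": fuzzy_not(A)(6.0),          # inside the interval -> 0
        "A_and_B_within_A": contained(both, A, X),
        "B_within_A": contained(B, A, X),         # B reaches 1.0 where A is 0
        "A_and_A_equals_A": equal(fuzzy_and(A, A), A, X),
        "de_morgan": equal(fuzzy_not(both),
                           fuzzy_or(fuzzy_not(A), fuzzy_not(B)), X),
        "disjoint_is_empty": is_empty(fuzzy_and(A, trapezoid(0, 0, 1, 2)), X),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The MIN/MAX pair is the one the thesis uses; it makes A ∩ A = A and the De Morgan identity hold exactly, which is why the `de_morgan` check passes. Note that with these operators A ∪ A' is not the whole universe (its height is only 0.5 on the shoulders), which is the expected departure from classical set theory.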
7.3.5 Containment
A is contained in B iff for all x, μA(x) <= μB(x).

7.4 Operations on Fuzzy Sets
Let A be a fuzzy interval between 5 and 8 and B be a fuzzy number about 4. The membership functions μA and μB are as shown in the figures below.

Figure 7.2 Membership Function for Fuzzy Set A
Figure 7.3 Membership Function for Fuzzy Set B

Following are some basic operations defined on fuzzy sets A and B:

7.4.1 Intersection (AND)
The fuzzy set C = A ∩ B is defined by the membership function μC(x) = MIN(μA(x), μB(x)). Figure 7.4 shows the membership function for the fuzzy set A AND B, or A ∩ B.

Figure 7.4 Membership function for Fuzzy Set A ∩ B

7.4.2 Union (OR)
The fuzzy set C = A ∪ B is defined by the membership function μC(x) = MAX(μA(x), μB(x)). Figure 7.5 shows the membership function for the fuzzy set A OR B, or A ∪ B.

Figure 7.5 Membership function for Fuzzy Set A ∪ B

7.4.3 Negation (COMPLEMENT)
The fuzzy set C = A' is defined by the membership function μC(x) = 1 - μA(x). Figure 7.6 shows the membership function for the fuzzy set A'.

Figure 7.6 Membership function for Fuzzy Set A'

7.5 Fuzzy Sets and Risk Modeling
Fuzzy systems, including fuzzy logic and fuzzy set theory, provide a rich and meaningful addition to standard logic. The mathematics generated by these theories is consistent, and fuzzy logic can be viewed as a generalization of classical logic. The applications that may be generated from or adapted to fuzzy logic are wide-ranging. Fuzzy logic provides the
opportunity for modeling of conditions that are inherently imprecisely defined, despite the concerns of classical logicians. Many systems may be modeled, simulated and even replicated with the help of fuzzy systems, especially systems that require human reasoning. Thus the risk model for SMS messages in cellular phones, with its inherent fuzziness and element of human reasoning, is an ideal candidate for the application of fuzzy logic.

Chapter 8 – Fuzzy Logic based Risk Model for SMS

8.1 System
Before the risk model is developed it is essential to define clearly what constitutes the system, that is, to identify the components that make up the system as a whole. The system under consideration is a GSM based cellular phone. The phone is assumed to be programmable.

The hardware in the system includes:
1. The cellular phone itself
2. The SIM card

The software in the system includes:
1. The operating system of the cellular phone
2. Personal Information Management (PIM) software
3. User installed software, if any

The information in the system includes:
1. Subscriber ID and key information stored in the SIM
2. Contacts and schedule information stored by the PIM software
The model assumes that the system has a mechanism in place to determine irrefutably the identity of the sender of an SMS message, so that when an SMS message is received the system can ascertain without doubt who sent it. This is a strong assumption: the originating address of an SMS is not authenticated end to end (an e-mail to SMS gateway, for instance, relays whatever sender address the e-mail carried), so the model's conclusions are only as reliable as the mechanism that supplies the sender identity.

8.2 Assets
The system contains the following assets, which need to be protected:

8.2.1 Cellular Phone Usability
This is the most important asset in the system: the ability of the user to use the cellular device. For example, an SMS Ping attack, as described earlier in this study, could freeze the device and render it useless.

8.2.2 Data/Information on the Cellular Device
The cellular device contains a lot of information that needs to be protected. For example, loss of the subscriber ID and key information from the SIM card could deny the user access to the cellular network and render the device useless. Loss of contact or schedule information from the PIM software may severely hamper the user's ability to carry on with routine business.

8.2.3 Right to Privacy
It is important to recognize and protect the user's right to privacy as an asset. For example, the user may switch the device to silent mode when attending a meeting. The privacy of the user must be respected and the user not disturbed by unimportant messages, while still being notified in case of emergencies.
Hence turning the cellular device off during meetings is not a desirable solution. The importance of protecting this asset varies with the mode the cellular phone is in: when the phone is in silent mode it is necessary to protect this asset, whereas the same asset may matter little when the user is willing to accept messages from anyone.

8.2.4 Right to Avoid Unnecessary Billing
Everything comes at a price. Most of the time, users pay for the SMS messages they receive. Some cellular service providers provide a quota of free SMS messages, after which the user is billed per SMS message received. Every user has the right to avoid being billed for messages that she does not want. The problem is that the user cannot determine whether a message is useful until it has been delivered to her. Again, most of the time the user would not mind receiving unimportant messages as long as she is within her quota; once the quota is exceeded this policy may change and the user may want to receive only important messages.

8.3 Attacker
In this model the attacker can be any individual who sends an SMS message to the system (cellular phone) under consideration, so every individual who sends an SMS message is considered a potential attacker. The attributes of the attacker are as follows:

8.3.1 Goals
The attacker is always considered to be hostile. The goal of the attacker depends on the asset under consideration:

Asset                                    Attacker's goal
Cellular phone usability                 Disable the device and render it unusable
Data/information on the cellular phone   Delete or damage the data
Right to privacy                         Disturb the user with unnecessary messages
Right to avoid unnecessary billing       Inflate the user's bill unnecessarily

8.3.2 Degree of Motivation
The degree of motivation of the attacker is a measure of the extent to which the attacker will go to cause damage to the system. The model measures the degree of motivation on a scale of 0 to 7, with 0 being least motivated and 7 being most motivated. The relationship of the attacker to the user of the system is used to determine the degree of motivation. The attacker is placed in one of the following categories:
1. Family
2. Friend
3. Colleague
4. Acquaintance
5. Competitor
6. Enemy

This categorization can easily be obtained from the PIM software in the system, since most PIM software allows the user to categorize her contacts. The model uses fuzzy sets to represent the degrees of motivation corresponding to the categories of attackers:

Category        Degree of motivation
Family          Fuzzy interval [0, 1]
Friend          Fuzzy value about 2
Colleague       Fuzzy value about 3
Acquaintance    Fuzzy value about 4
Competitor      Fuzzy value about 5
Enemy           Fuzzy interval [6, 7]

The membership functions of these fuzzy sets are shown in Figure 8.1.

Figure 8.1 Membership functions for Fuzzy Sets for Degree of Motivation (degree of membership, 0 to 1.0, against degree of motivation, 0 to 7; one membership function each for Family, Friend, Colleague, Acquaintance, Competitor and Enemy)

This scheme offers the user a great deal of flexibility. Firstly, the model can automatically pick up the degree of motivation of a particular attacker from the PIM, depending on the user's categorization of the attacker. The user can of course override this and explicitly specify a degree of motivation for a particular attacker. For example, if the user feels that a contact stored in the PIM is more hostile than a friend but less hostile than a colleague, and closer to being a friend, the contact can be explicitly assigned a degree of motivation of 2.25, overriding the automatic assignment
on the basis of the contact's category in the PIM. This increases the membership of the contact (attacker) in the fuzzy set 'Friend' and reduces it in the fuzzy set 'Colleague'. If the attacker is not present in the PIM or has not been categorized, the attacker is treated as an enemy with a degree of motivation of 7. When an SMS message from an unknown or uncategorized contact is received, the user may be prompted to enter a category or a degree of motivation value for use the next time around. Thus the model is built up incrementally: the user does not have to enter all the information at the beginning but can do so as she uses the system. This scheme puts the user in the active role.

8.3.3 Capabilities
This is a measure of what the attacker is capable of. The capability of the attacker is determined by the device the attacker uses to send the SMS message, and falls into one of the following two categories:
1. Attack from another cellular phone: the SMS message is sent from another cellular phone. The attacking device is characterized by little or no programmability and by very limited bandwidth, comparable to that of the device being attacked. Due to minimal programmability and limited bandwidth, the capabilities of the attacker are minimal.
2. Attack from a PC connected to the Internet: the SMS message is sent from a PC connected to the Internet. The attacker on the PC sends e-mail to a special e-mail address provided by the service provider, and an 'e-mail to SMS' gateway converts the e-mail to an SMS
message. The SMS message is then delivered to the target cellular phone over the cellular network. The PC is a very versatile device that can be programmed as an attack device, and the bandwidth at the disposal of an attacker connected to the Internet is enormous compared to that of the cellular phone. It is therefore very easy to swamp the cellular phone with SMS messages from the PC with negligible effect on the PC itself. Thus an attacker using a PC represents an attacker with maximal capabilities.

The model measures the capability of an attacker on a scale of 0 to 5, with 0 being least capable and 5 being most capable. The device used by the attacker determines the capability of the attacker. The model uses fuzzy sets to represent the different capabilities of attackers:

Category         Capability
Cellular phone   Fuzzy interval [0, 2]
Computer         Fuzzy interval [3, 5]

This allows the capabilities of devices between these two extremes to be taken into account and modeled if necessary. The membership functions of these fuzzy sets are shown in Figure 8.2.

Figure 8.2 Membership functions for Fuzzy Sets for Capability (degree of membership, 0 to 1.0, against capability, 0 to 5; one membership function each for Cellular Phone and Computer)

8.3.4 Resources
This is a measure of the kind and amount of resources the attacker has at her disposal. For example, a corporation targeting a user has exceedingly large resources compared to an individual attacker. In this model the resources of the attacker are not modeled explicitly; instead they are treated as a reflection of the capabilities of the attacker. To be more precise, an attacker with greater resources can be modeled as a more capable attacker, and vice versa.
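The attacker attributes of Sections 8.3.2 and 8.3.3, as an added worked example; this is not the thesis's own code. Assumptions: 'fuzzy value about n' is a triangle with base [n-1, n+1] and 'fuzzy interval [a, b]' is a trapezoid with full membership on [a, b] and one-unit shoulders (the thesis gives figures, not formulas); the PIM is represented by the constructed dictionary SAMPLE_PIM mapping sender identity to category; the sender identity is taken as already verified, as the model in Section 8.1 assumes; the class name AttackerModel and the sender identifiers are invented for the example. It shows the three paths the text describes: automatic pick-up from the PIM category, the user's explicit override (the 2.25 case), and the enemy default for an unknown sender that is later categorized when the user is prompted.

```python
"""Degree of motivation and capability of an SMS sender as fuzzy sets (added example)."""
from typing import Callable, Dict, Union

Membership = Callable[[float], float]


def trapezoid(a: float, b: float, c: float, d: float) -> Membership:
    """Rises on [a, b], is 1.0 on [b, c], falls on [c, d]; crisp edges allowed."""
    def mu(x: float) -> float:
        if x < a or x > d:
            return 0.0
        if x < b:
            return (x - a) / (b - a)
        if x <= c:
            return 1.0
        return (d - x) / (d - c)
    return mu


def about(n: float) -> Membership:          # 'fuzzy value about n' (assumed shape)
    return trapezoid(n - 1, n, n, n + 1)


def interval(lo: float, hi: float) -> Membership:   # 'fuzzy interval [lo, hi]' (assumed shape)
    return trapezoid(lo - 1, lo, hi, hi + 1)


# Section 8.3.2: degree of motivation on the scale 0..7
MOTIVATION: Dict[str, Membership] = {
    "Family": interval(0, 1),
    "Friend": about(2),
    "Colleague": about(3),
    "Acquaintance": about(4),
    "Competitor": about(5),
    "Enemy": interval(6, 7),
}
UNKNOWN_SENDER_MOTIVATION = 7.0   # an uncategorized sender is treated as an enemy

# Section 8.3.3: capability on the scale 0..5
CAPABILITY: Dict[str, Membership] = {
    "Cellular phone": interval(0, 2),
    "Computer": interval(3, 5),
}

# Constructed PIM contents: verified sender identity -> category chosen by the user
SAMPLE_PIM = {"alice@example.com": "Family", "bob@example.com": "Colleague"}


def memberships(value: float, sets: Dict[str, Membership]) -> Dict[str, float]:
    """Degree of membership of a crisp value in each linguistic set."""
    return {name: mu(value) for name, mu in sets.items()}


def category_memberships(category: str, sets: Dict[str, Membership]) -> Dict[str, float]:
    """A categorized sender belongs fully to its category's set and to no other."""
    if category not in sets:
        raise ValueError(f"unknown category {category!r}")
    return {name: (1.0 if name == category else 0.0) for name in sets}


def dominant(m: Dict[str, float]) -> str:
    """Linguistic term with the highest membership."""
    return max(m, key=m.get)


class AttackerModel:
    """Incrementally built attacker attributes (Sections 8.3.2 and 8.3.3)."""

    def __init__(self, pim: Dict[str, str]):
        self.pim = dict(pim)
        self.overrides: Dict[str, float] = {}

    def set_override(self, sender: str, value: float) -> None:
        """User explicitly assigns a degree of motivation, e.g. 2.25."""
        if not 0.0 <= value <= 7.0:
            raise ValueError("degree of motivation must be in [0, 7]")
        self.overrides[sender] = value

    def categorize(self, sender: str, category: str) -> None:
        """What the user enters when prompted about an unknown sender."""
        if category not in MOTIVATION:
            raise ValueError(f"unknown category {category!r}")
        self.pim[sender] = category

    def motivation(self, sender: str) -> Dict[str, float]:
        if sender in self.overrides:                       # explicit value wins
            return memberships(self.overrides[sender], MOTIVATION)
        category = self.pim.get(sender)
        if category is None:                               # not in PIM / uncategorized
            return memberships(UNKNOWN_SENDER_MOTIVATION, MOTIVATION)
        return category_memberships(category, MOTIVATION)

    @staticmethod
    def capability(device: Union[str, float]) -> Dict[str, float]:
        """Device category, or a crisp 0..5 value for a device between the two extremes."""
        if isinstance(device, str):
            return category_memberships(device, CAPABILITY)
        return memberships(float(device), CAPABILITY)


if __name__ == "__main__":
    model = AttackerModel(SAMPLE_PIM)
    model.set_override("bob@example.com", 2.25)
    for sender in ("alice@example.com", "bob@example.com", "+15550100"):
        print(sender, model.motivation(sender))
    print("PDA-class device", AttackerModel.capability(2.5))
```

Two design points worth noting. The override is a crisp value that is then fuzzified against the same sets, which is exactly why 2.25 yields 0.75 in 'Friend' and 0.25 in 'Colleague' rather than all-or-nothing membership. And the default for an unknown sender is deliberately the worst case (7.0, fully 'Enemy'), which matches the 'better safe than sorry' stance of the incremental approach in Section 6.2.1; a sender is only moved out of that set once the user categorizes it.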
8.4 Calculation of Risk

8.4.1 Overview
Just as every sender of an SMS message is considered an attacker, every SMS message received by the cellular phone is considered a threat, so the arrival of an SMS message signals the possibility of a new threat. When an SMS message arrives, the system determines the sender of the message and the device from which it was sent, and from these two facts obtains values for the degree of motivation and the capability of the attacker. From the degree of motivation and the capability, the model computes the risk to each asset in the system due to the threat using fuzzy logic, and then selects a countermeasure to counter that threat for that asset. Once the countermeasure that protects each asset has been determined, the model chooses the most conservative of them and applies it to the SMS message. The principle behind this is that the security of a system is only as strong as its weakest link: selecting the strongest countermeasure may be too drastic, but it ensures that the weakest link in the system is secure and cannot be exploited by a potential threat.

8.4.2 Fuzzy Sets for Risk
The model measures the risk to an asset on a scale of 0 to 5, with 0 being least risky and 5 being most risky, and categorizes risk into the following fuzzy sets:

Risk        Fuzzy set
None        Fuzzy value about 0
Very Low    Fuzzy value about 1
Low         Fuzzy value about 2
High        Fuzzy value about 3
Very High   Fuzzy interval [4, 5]

The membership functions of these fuzzy sets are shown in Figure 8.3.

Figure 8.3 Membership functions for Fuzzy Sets for Risk (degree of membership, 0 to 1.0, against risk, 0 to 5; one membership function each for None, Very Low, Low, High and Very High)

8.4.3 Countermeasures
The countermeasures available to the system to counter the risk due to a threat are as follows:
1. Reject:
