Revealing the Nuts and Bolts of the Security of Mobile Devices Internet society to a mobile society. many articles about smartphone security were published.

Slides:

Advertisements

Similar presentations

Advertisements

Securing Emerging Mobile Technology JOHN G. LEVINE PH.D. D/CHIEF ARCHITECTURE GROUP 13 SEP

© 2006 Consumer Jungle Wi-Fi Computing. © 2006 Consumer Jungle What is Wi-Fi? Term is short for Wireless Fidelity –Technical standard for short-range.

1 Electronic Information Security – What Researchers Need to Know University of California Office of the President Office of Research May 2005.

Security and Privacy Issues in Wireless Communication By: Michael Glus, MSEE EEL

Secure Communications in Civil Aviation Paul Wells A presentation to ATN September 2002.

Introduction Cloud characteristics Security and Privacy aspects Principal parties in the cloud Trust in the cloud 1. Trust-based privacy protection 2.Subjective.

DHS SECURITY INCIDENT REPORTING AND RESPONSE SECURITY INCIDENT REPORTING AND RESPONSE DHS managers, employees, and other authorized information users.

January 23-26, 2007 Ft. Lauderdale, Florida IP Communications, Secure – By Design Roger W. Farnsworth.

Bluetooth Technology. What is Bluetooth? Bluetooth is a short- range communications technology that allows devices to communicate with each other without.

CS 239: Advanced Security Spring 04 Security in Pervasive and Ubiquitous Environments Sam Irvine

Business Data Communications, Fourth Edition Chapter 10: Network Security.

Free Wi-Fi Zone. Detail Process of Free Wi-Fi Access Switch on Wi-Fi setup on your Wi-Fi enabled Device like Cell Phone, Tablet PC, Laptop & search for.

Lecture 1 Overview: roadmap 1.1 What is computer network? the Internet? 1.2 Network edge  end systems, access networks, links 1.3 Network core  network.

Computer Networks IGCSE ICT Section 4.

Data Integrity and Security. Data integrity  data that has a complete or whole structure  a condition in which data has not been altered or destroyed.

By: Matthew Follett. Introduction  A Wireless local area network (WLAN) links two or more devices using some wireless distribution method and usually.

The equipment needed for a home network A computer network is a network that lets more than one computer to exchange data.. A computer network is similar.

INTRODUCTION Wireless communication technology Provide high speed internet to large geographical areas Part of 4 th generation(4G) Alternative to cable.

WIRELESS NETWORKING. What are the advantages to wireless networking? How has society changed?

The Study of Security and Privacy in Mobile Applications Name: Liang Wei

Sarah Breton CSC December 13, Societal Topics Weeks 7 & 8  Internet Regulation : Internet regulation is restricting specific aspects of.

Information Security Technological Security Implementation and Privacy Protection.

MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.

Module Common Network Environments, Connectivity and Security Issues.

Security Awareness ITS SECURITY TRAINING. Why am I here ? Isn’t security an IT problem ?  Technology can address only a small fraction of security risks.

Wireless Network Security. What is a Wireless Network Wireless networks serve as the transport mechanism between devices and among devices and the traditional.

1 We’ve been p0wn’d? Review of 2015 Surface Transportation Cybersecurity Incidents 2015 TRB Session 850 Edward Fok USDOT/FHWA – Resource Center.

Wireless Security: Protect yourself when you’re mobile.

Presented by: Dr. Munam Ali Shah

MAHARANA PRATAP COLLEGE OF TECHNOLOGY, GWALIOR

331: STUDY DATA COMMUNICATIONS AND NETWORKS.  1. Discuss computer networks (5 hrs)  2. Discuss data communications (15 hrs)

Wireless Communication Meghan Synishin Kara MacDonald Arlene Pino “Last year more mobile phones were sold than the number of PC’s and cars combined.” -

Review 2 Chapters 7, 8, 9. 2  Define a network and its purpose.  Explain how communications technologies are used in our every day lives.  Understand.

Digital Rights Management and Watermarking of Multimedia Content for M-Commerce Applications Frank Hartung and Friedhelm Ramme, Ericsson Research, IEEE.

Csci5233 Computer Security1 Bishop: Chapter 11 An Overview of Cipher Techniques (in the context of networks) ( )

SECURITY Professor Mona Mursi. ENVIRONMENT IT infrastructures are made up of many components, abstractly: IT infrastructures are made up of many components,

Wireless Networking Nandakumar.P. Web Resource

 You will need to be able to Discuss the use of networks both in the workplace and at home.  Because of this, you will need to: › identify different.

Programming technical terms Program is like a recipe. It contains a list of ingredients (called variables) and a list of directions (called statements)

Virtual Private Network. VPN In the most basic definition, VPN is a connection which allows 2 computers or networks to communicate with each other across.

Focus On Bluetooth Security Presented by Kanij Fatema Sharme.

Ashley White.  Computing that is made to be found anywhere and everywhere.  A high degree of communication among devices and sensors through a ubiquitous.

13LECTURE NET301 11/23/2015Lect13 NET THE PROBLEM OF NETWORK SECURITY The Internet allows an attacker to attack from anywhere in the world from.

By: Nathan Narvaez. A system that links together electronic office equipment, such as computers and word processors, and forms a network within an office.

Mobile Security By Jenish Jariwala. What is Mobile Security?  Mobile Security is the protection of smartphones, tablets, laptops and other portable computing.

Proposed UW Minimum Computer Security Standards From C&C 28 Jan 2005 Draft.

Securing A Wireless Home Network. Simple home wired LAN.

Network Security and Cryptography

OIT and IT providers across campus are launching an awareness campaign to provide tips and resources to help you stay safe online and protect AU resources.

IS3220 Information Technology Infrastructure Security

SEMINAR ON “ REMOTE CONTROLLING OF TECHNICAL SYSTEMS USING MOBILE DEVICES”

Introduction to Networking. What is a Network? Discuss in groups.

Securing a Wireless Home Network BY: ARGA PRIBADI.

Information Systems CS-507 Lecture 32. Physical Intrusion The intruder could physically enter an organization to steal information system assets or carry.

3G Wireless Security By: Bill Barker. Overview What is 3G Wireless? What is 3G Wireless? HSPA HSPA Feistel Encryption/Decryption Feistel Encryption/Decryption.

The Hacking Suite For Governmental Interception. Today’s topic: RCS installation vectors.

Guided and Unguided Media

Wireless Network Security

Lesson Objectives Aims You should be able to:

Dr. Bill Vicars Lifeprint.com

D-Link Router Customer Care Number. A D-link router is a basic necessity these days with so much technology around us in offices or homes. We can connect.

Wi-Fi Technology.

Level 2 Diploma Unit 11 IT Security

Home and personal communication systems

Net301 LECTURE 11 11/23/2015 Lect13 NET301.

Mobile Security What is mobile secuirty & Identifying smartphone security holes& Sayed Hashimi Proposal Project.

The Hacking Suite For Governmental Interception

Unit # 1: Overview of the Course Dr. Bhavani Thuraisingham

Presentation transcript:

Revealing the Nuts and Bolts of the Security of Mobile Devices Internet society to a mobile society. many articles about smartphone security were published Many researchers and practitioners are expecting a major security incident with mobile phones In March 2010, Iozzo and Weinmann demonstrated a drive of I iPhone 3GS Internet society to a mobile society. many articles about smartphone security were published Many researchers and practitioners are expecting a major security incident with mobile phones In March 2010, Iozzo and Weinmann demonstrated a drive of I iPhone 3GS

As a first approach, the investigation subject of this paper Any mobile device that is controlled by MNO Any kind of phones that can only be used for phone functionality USB sticks that enable laptops to use the mobile network are also not covered. Any mobile device that is controlled by MNO Any kind of phones that can only be used for phone functionality USB sticks that enable laptops to use the mobile network are also not covered.

Specifics of Mobile Devices Creation of costs: Billed events,payment systems Network environment:strong connection,Firmware Update Process Limited Device Resources:Resource Limitations,battery Double Expensive Wireless Link:Expensive Computation Costs, High Monetary Communication Costs Reputation Creation of costs: Billed events,payment systems Network environment:strong connection,Firmware Update Process Limited Device Resources:Resource Limitations,battery Double Expensive Wireless Link:Expensive Computation Costs, High Monetary Communication Costs Reputation

ATTACK VECTOR CLASSES AND ATTACK MODELS Hardware-centric attacks belong to mobile device security only from a broader point of view. In the context of this paper, the most important class of technical vulnerabilities for mobile devices are software-centric attacks. User layer attacks contain every exploit that is not of technical nature. Eavesdropping:A passive attacker tries to intercept the conversation between mobile phone and base station Availability Attacks: One possible example is an active attacker blocking the signal of the mobile phone or base station Privacy Attacks: A passive attacker might use the smartphone’s ID to locate its owner. Impersonation Attacks: In a nutshell, one mobile phone impersonates as another in such an attack. For example, a mobile phone uses the service of a base station without billing facility for the base station, i.e., the service is used in a fraudulent way. Hardware-centric attacks belong to mobile device security only from a broader point of view. In the context of this paper, the most important class of technical vulnerabilities for mobile devices are software-centric attacks. User layer attacks contain every exploit that is not of technical nature. Eavesdropping:A passive attacker tries to intercept the conversation between mobile phone and base station Availability Attacks: One possible example is an active attacker blocking the signal of the mobile phone or base station Privacy Attacks: A passive attacker might use the smartphone’s ID to locate its owner. Impersonation Attacks: In a nutshell, one mobile phone impersonates as another in such an attack. For example, a mobile phone uses the service of a base station without billing facility for the base station, i.e., the service is used in a fraudulent way.

HARDWARE-CENTRIC SECURITY ASPECTS A.Intercepting MNO Smartcard Communication B.Attacking the Device:JTAG Attacks, Forensic Analysis A.Intercepting MNO Smartcard Communication B.Attacking the Device:JTAG Attacks, Forensic Analysis

DEVICE-INDEPENDENT SECURITY ASPECTS A.GSM: Cryptography for Protecting the Air Link B.Initial Connection and Encryption A.GSM: Cryptography for Protecting the Air Link B.Initial Connection and Encryption