Introduction - Computer Science and Engineering

advertisement
SPAM IN CELLULAR NETWORK
BY : HUSAIN HUSNA
** INTRODUCTION **
• Cellular networks are a critical component of the economic
and social infrastructures in which we live.
• Types of services : Voice and Data
• Telecommunication companies offer connections between
their networks and the internet.
• Here the network becomes vulnerable.
• Mobile spam is a growing problem for users
• The efficient and accurate control of spam’s on mobile
handsets is an important problem.
…BUT WHAT IS MOBILE SPAM ?
• Can be defined as messages of an unsolicited nature delivered
to mobile hand-sets, which:
–try to sell something to the user.
–ask the user to call a phone number , which may be a
premium-rate service.
–destroy or change handset settings.
–are simply messages of a commercial nature that intrude
upon a user’s right to privacy and/or carry harmful
content.
• Mobile spam is potentially more threatening than fixed-line
spam.
** FORMS OF MOBILE SPAM **
•Mobile spam can take many forms.
•Pure forms occur as SMS, MMS or
video messages.
•Threat will (has) increase(d) with
mobile e-mail and mobile internet
** USER RECEPTIVENESS TO MOBILE SPAM CONSUMERS **
• Spam consumers are not pleased with the fact that they are
targets for spam.
** TYPES OF SPAM POSSIBLE **
• SMS spam's
• Voice spam (telemarketing calls)
• Phishing attack/identity theft (future attacks)
GROWTH IN SPAM IN CELLULAR NETWORK
** RECENT ATTACKS **
• October 25, 2006 Verizon sues SMS spammers
• Over the past few months, Verizon Wireless has filed several
additional lawsuits against people and companies who sent
unwanted text messages to their wireless subscribers,
according to Cellular News.
• "These lawsuits are just a small part of our company's efforts
to stop unwanted messages from reaching our customers'
handsets,"
• Stealth Attack Drains Cell Phone Batteries
• Following McAfee's SMSishing warning/scare earlier this
week of hackers sending out SMS messages to mobile users coaxing them into downloading unsuspecting software
containing Trojan horse viruses - today, Science Daily reports
on "stealth attacks" that drain cell phone batteries. [via digg]
• "Cell phones that can send or receive multimedia files could be
targeted by an attack that stealthily drains their batteries,
leaving cellular communications networks useless, according
to computer security researchers at UC Davis, in a lab test.
** SMS SPAMS **
• Everyone with an e-mail box knows about spam: junk
messages hawking porn, Viagra deals or Nigerian get-richquick schemes. But now spam is going mobile, chasing after
cell phone users who use text messaging services.
• All the spam attacks against e-mail accounts, fax machines and
voicemail will now be resurfacing in SMS on our cell phones.
• Spam is an issue about consent, not content.
• Determined spammers can still easily get their messages onto
wireless phones, a process that can be even easier than sending
junk mail to conventional e-mail accounts.
• Some buy mobile phone number databases over the Internet.
Others can simply try a brute force approach by massmessaging random numbers, targeting certain prefixes that
tend to be used for mobile phones.
• Spam text messages are more common in Europe and Asia,
where many subscribers don't have to pay for incoming
messages.
• To skirt the messaging fee, the spammers send the text
message through the Internet.
• Text spam also differs in content from e-mail spam. Text
spammers, limited to 200 characters per message, have to
make their point quickly to maximize return.
• The connections between the Internet and phone networks
introduce open functionality that detrimentally affects the
fidelity of a cellular provider's service. Through the generation
and use of large, highly accurate phone hit-lists, we
demonstrate the ability to deny voice service to large
metropolitan areas with little more than a cable modem.
• Moreover, attacks targeting the entire United States are
feasible with resources available to medium-sized zombie
networks.
• A
• Zombie computer, abbreviated zombie, is a computer attached
to the Internet that has been compromised by a security
cracker, a computer virus, or a trojan horse. Generally, a
compromised machine is only one of many in a “botnet", and
will be used to perform malicious tasks of one sort or another
under remote direction. Most owners of zombie computers are
unaware that their system is being used in this way.
Zombie Network
** IDENTIFYING VUNNERABILITIES **
• Cellular networks can be broken into two chief components the radio, or "air interface" and the wired backbone.
• We are chiefly interested in how traffic injected from the
Internet can be used to congest the air interface
• We divide the air interface into two general components Control Channels and Traffic Channels.
• Control channels of radio frequency allows cellular towers to
send information pertaining to call setup, SMS delivery and
network conditions (such as the availability of traffic channels)
to mobile phones.
• Notice that control channels have far much less bandwidth
than traffic channels
• Because
text messages and mobile-phone call setups rely on the same
limited resource, namely control channels, it is possible to attack this
system. If enough text messages are sent so that no more control
channels are available, calls will begin blocking (i.e. will not be
connected).
Figure 2: On the left, a request to set up a voice call is sent to the
control channels. Because a number of unused control channels are
available, the call will be connected. On the right, the control channels
have been filled by SMS messages. If the attacker sends enough
SMS messages to this particular tower, they can ensure that voice
calls will always be blocked with a very high probability.
• If an attacker were to flood the control channels with enough
SMS messages to reach capacity, they could create the same
Denial of Service (DoS) to a given area.
** MITIGATE **
• Many of the mechanisms currently in place are not adequate to
protect these networks
• The proven practicality of address spoofing or distributed
attacks via zombie networks makes the use of authentication
based upon source IP addresses an ineffective solution.
• Separation of Voice and Data: It would be difficult for the
numerous connections between the Internet and cellular
networks to be closed by service providers. In light of this, the
most effective means of eliminating the above attacks is by
separating all voice and data communications.
• The separation of voice and data is not enough to completely
ensure unaffected wireless communications. In situations
similar to September 11th where traffic channels are naturally
saturated, Internet-originated SMS messages can still be used
to fill data channels such that legitimate text messaging and
therefore all communication becomes impossible.
• Resource Provisioning: The effects of Internet-originated
SMS attacks could be reduced by increasing capacity to
critical areas in a similar fashion. Unfortunately, the cost of
additional equipment makes this solution too expensive for
widespread distribution. Even if a provider rationalized the
expense, the elevated provisioning merely makes DoS attacks
more difficult but not impossible. Additionally, the increased
number of handoffs resulting from reduced sector size would
induce significant strain on the network core.
• Rate Limitation: On the air interface, the number of channels
allowed to deliver text messages could be restricted. Given the
addition of normal traffic filling control channels, this attack
would still be effective in denying service to all but a few
individuals. Additionally, this approach slows the rate with
which legitimate text messages can be delivered, potentially
elevating congestion in the core of the phone network. This
approach is therefore not an adequate solution on its own.
** TELEMARKETERS **
• Telemarketing has been, and continues to be, a controversial
marketing practice. Telemarketing can provide huge benefits
for consumers. In many instances, consumers are introduced to
new opportunities or products through telemarketing.
• Telemarketing can also promote the availability of competitive
alternatives to incumbent providers and help facilitate a
competitive marketplace.
• Unfortunately, certain telemarketing practices can be a
significant and intrusive nuisance for consumers, as well as a
source of consumer confusion. In some instances, rogue
telemarketers can take advantage of this confusion to commit
fraud against consumers.
• "Junk" calls from telemarketers, akin to e-mail spam that
everyone is familiar with, are growing by the day.
• Under the federal Telephone Consumer Protection Act, it is
against the law to use auto-dialers or prerecorded messages to
call numbers assigned to pagers, cellular or other radio
common carrier services except in emergencies or when the
person called has previously given their consent. (47 USC
227)
• But the law fails to specifically prohibit “live” telemarketing
calls to cell phones. Telemarketers claim they do not target cell
phones with solicitations, but it can happen, especially if a
wire line phone number is inadvertently assigned to a cell
phone. Aside from the privacy and annoyance factors of
receiving junk calls on cell phones, there is the further
aggravation of having to pay for those calls. (Cell phone users
generally pay for both the outgoing and incoming calls.)
** VOICE SPAM IS DIFFERENT FROM E-MAIL SPAM **
• Different from e-mail spam
– At 2 am, received a junk email sitting in Inbox.
• But, a junk voice call is a real nuisance.
–Most E-mail filters rely on content analysis. But in Voice calls,
it is too late to analyze media for spamming.
• Voice Spam Detection is difficult.
–Headers for voice spam detection : “from”, “contact”. Are
these enough ?
–Detection in real time before the media arrives.
• Spam is basically an unwanted call !!!!!
** PHISHING **
In computing, phishing is a criminal activity using social
engineering techniques. Phishers attempt to fraudulently acquire
sensitive information, such as passwords and credit card details, by
masquerading as a trustworthy person or business in an electronic
communication. Phishing is typically carried out using email or an
instant message, although phone contact has been used as well.
• Phishing in Emails
• Phishing Via SMS
• Phishing Via Voice calls
Phishing Example Via Email
Phishing Websites
SMiShing is an unwelcome cross between SMS and phishing, the
scam that tries to trick users into handing over confidential details
online. Which means that phishing could soon make its debut on
your small screen.
• The virus targeted two major cell phone operators in Spain,
sending messages that attempted to trick their subscribers into
downloading free antivirus software for their phone,
supposedly from their service provider.
• Evidence suggests that the threat was created using existing
codes from a variety of sources on the internet. By targeting a
network operator’s SMS gateway, the messages can be sent for
free, and details of how to hack those gateways are freely
available over the internet.
** VOIP FUTURE TECHNOLOGY **
• Security experts predict that the next level of attacks will target
services such as VoIP as well as Internet telephony (Skype).
• The motive behind these anticipated attacks is expected to be
the same as always, viz., financial gain, identity and
information theft. These attacks will be similar to those that we
have seen in the past on cellular and landline phones.
• For instance, attackers may try to compromise a VoIP gateway,
launch a denial-of-service (DoS) attack on call management
software, exploit a vulnerability in a vendor’s Session
Initiation Protocol (SIP) implementation or try to hijack VoIP
calls through TCP (Transmission Control Protocol) hijacking
and application manipulation. Spammers could flood
voicemail boxes with unsolicited messages or interrupt
conversations by injecting voice spam in them.
• The latest threat on VoIP application is Spamming over
Internet telephony (SPIT). “SPIT is a type of spam or
solicitation made over VoIP. This means that spitters can now
send annoying, repetitious advertisements similar to the spam
choking our e-mail inboxes but in pre-recorded voice format.
Not only can they send you voice messages, but they can also
take over your VoIP network and send messages to other users
that appear to originate from you
** BLUETOOTH ATTACKS **
• In Europe and Asia, there already have been cases of Blue
jacking, where hackers use public Bluetooth hot spots in trains
and other public areas where a greater penetration of more
sophisticated Bluetooth-equipped handsets are in use. From a
few feet away, hackers can sniff out phones with active
Bluetooth connections. They can then break in by either
tapping the handset's open sharing settings or sending a
message, hoping the user responds. In either case, they can
gain control of the handset radio and siphon off personal
information.
** RESEARCH METHODS TO PREVENT
SPAMS IN CELLULAR NETWORK **
• Black and white lists
• Bayesian learning
• Use of Presence to avoid Spams.
• Header Based analysis to block a spammer before a call rings.
• Track botnets and zombie machines. (In future 80-85% spams
will be generated by botnets)
Questions
• Types of spam possible in Cellular
Networks
• How to circumvent them
• Future spam in cellular technology
• Research going on
** REFRENCES **
• Ram Dantu, Prakash Kolan '‘Detecting spam in VOIP
networks'‘
• www.smsanalysis.org
• http://www.whitedust.net/printpage.php?PageID=45
• S. Wolpin. Spam comes calling.
http://techworthy.com/Laptop/June2004/Spam-ComesCalling.htm, June 2004.
• Verizon Wireless. About the service.
http://www.vtext.com/customer site/jsp/aboutservice.jsp.
• J. Swartz. Cellphones now richer targets for viruses, spam,
scams.
http://www.usatoday.com/printedition/news/20050428/1a
bottomstrip28.art.htm, April 28, 2005.
• P. Roberts. Nokia phones vulnerable to dos attack.
http://www.infoworld.com/
article/03/02/26/HNnokiados 1.html, February 26, 2003.
• S. Marwaha. Will success spoil sms?
http://wirelessreview.com/mag/wireless success spoil sms/,
March 15, 2001.
• G. Goth. Phishing attacks rising, but dollars losses down.
IEEE Security and Privacy Magazine, 3(1):8, January 2005.
• Cellular Online. Uk sms traffic continues to rise.
http://www.cellular.co.za/news 2004/may/0500404-uk sms
traffic continues to rise.htm, May 2004.
• J. V. D. Bulck. Text messaging as a cause of sleep interruption
in adolescents, evidence from a cross-sectional study. Journal
of Sleep Research, 12(3):263,
September 2003.
THANK YOU !!!
Download