General Packet Radio Services (GPRS) that extends GSM data capabilities for Internet access is a packet-based wireless communication service that promises data rates from 56 up to 114Kbps and continuous connection to the Internet for mobile phone and computer users. GPRS is based in Global System for Mobile (GSM) communication. It i a second generation (2G) and third generation (3G) – or sometimes referred to as in-between both generation , 2.5G – wireless data service and complements existing services such circuit-switched cellular phone connections and the multimedia messaging services.
Security Threats and Solution
Attacks on the Mobile Device –unauthorized access to the GPRS network can be regularly retrieved using a stolen mobile device and assuming there is no security locking mechanism (such as password protection) is enabled on the stolen mobile device, an unauthorized user can request services on the GPRS network in disguise as the original owner.
Countermeasures include safeguarding the mobile device with a password or exploit the E-911 location functionality charged by the FCC. Let say a mobile device was stolen, the E-911 mandate requires carriers to implement the capability of location identification through triangulation. However, this functionality is currently being tested and has not been fully implemented.
Attacks on the Radio Path – The radio path make use of the open air, and hence, exposing itself to potential attackers from any outside party within a close enough perimeter to detect the signal. The greatest threat along the radio path is eavesdropping by an unauthorized party. Subscribers use GPRS services with the assumption that the information transmitted to and from their mobile is being safeguarded.
Attacks on the Cellular Network – Securing the digital cellular network involve protecting the following GSM network elements: Base Transceiver Subsystem; Base Station Controller;
Mobile Switching Center; Home Location Register; Visitors Location Register.
Traditionally, these network elements were used strictly to support wireless voice services, but with the introduction of wireless non-voice services such as public Internet data services, these network components have been altered in order to make it possible for non-voice services to use the same network. Implementing these new configurations to support non-voice services not only increased the types of services available to subscribers, but also captivate new network threats.
Concentrating on threats directed specifically at the digital cellular network as contrary to threats coming from the GPRS network, physical security is of utmost importance. Having direct access to one or more of the GSM network elements listed above can result in significant negative business effects.
Unauthorized access can lead to fraudulent activities, such as invalid and fictitious subscribers loaded into the HLR or VLR, or may lead to network outages (Denial of Service attack). Thus, securing the physical locations of these network elements is vital. It is also important, in knowing exactly who internally has access to these network elements. Access lists and logs should be closely scrutinized and reviewed for suspicious entries. Improving upon this would be implementing preventive security measures such as 24-hour monitoring of the facilities housing network equipment, enforcing valid access times during the day, and performing background checks on switch engineers and others who are hired in as field technicians.
Attacks on the GPRS, Public, and Corporate networks – It can be distinguished as an attack on the GPRS network because both the public network and private corporate networks are external access points to the GPRS network.
Additional threats to the GPRS network can also come from roaming partner networks (intercarrier services). Attacks originating from the public Internet are becoming more and more experienced. Every day, public IP networks are constantly being interrogate and scanned by external parties. Mostly, tracing the originating path of a scan will reveal an innocent source unaware of the scan. This is being done through the use of IP-spoofing where an attacker can redirect data packets through a third-party’s network, or do some changes to the data packet addressing information. This increases the complexity of securing the GPRS IP-backbone and investigating detected network attacks.
The first security measure all wireless operators must implement is a firewall at any point of entry to the GPRS network from an external network. Firewalls can be configured in order to allow only legitimate traffic into the GPRS network. However, simply implementing a firewall does not guarantee a full protection from all external attacks. Using network routing techniques, intrusion detection systems, and securing the tunnelling protocols, in addition to firewalls, it will enhance an operator’s ability to protect its GPRS network from external threats.
The same security risks pertaining to physical access from both internal and external parties described in the section, Attacks on the Cellular Network, exist for GPRS network elements (SGSN, GGSN) as well.
Reference: www.brookson.com/gsm/gprs.pdf
www.tml.tkk.fi/Opinnot/Tik-110.501/2000/papers/peng.pdf
yourfamily.o2.co.uk/assets2/PRODImages/PDF/security.pdf
Reference: www.brookson.com/gsm/gprs.pdf
www.tml.tkk.fi/Opinnot/Tik-110.501/2000/papers/peng.pdf
yourfamily.o2.co.uk/assets2/PRODImages/PDF/security.pdf
No comments:
Post a Comment