On the Impact of the Cellular Modem on the Security of Mobile Phones

Mobile Kommunikation, Mobiltelefone und Smartphones sind ein wesentlicher Bestandteil unseres täglichen Lebens geworden. Daher ist es essentiell, dass diese sicher und zuverlässig funktionieren. Mobiltelefone und Mobilfunknetze sind hoch komplexe Systeme. Solche Systeme abzusichern ist eine anspruchsvolle Aufgabe. Vorangegangene Arbeiten haben sich meist auf die mobilen Endgeräte, im Speziellen auf die Betriebssysteme sowie Endanwendungen, konzentriert. Die vorliegende Doktorarbeit untersucht einen neuen Weg im Bereich Mobilfunksicherheit. Im Fokus steht das Modem als Schnittstelle zum Mobilfunknetz. Das Mobilfunkmodem ist die Komponente, welche die Funkverbindungzum Mobilfunknetz herstellt und ist nach unserer Auffassung eine der Schlüsselkomponenten bei der Untersuchung und Verbesserung der Mobilfunksicherheit. Mobilfunkmodems sind proprietär und können nur mit extrem hohem Aufwand untersucht werden. Für den Einbau zusätzlicher Sicherungsmaßnahmengilt dasselbe. Aus diesen Gründen analysiert diese Arbeit nicht das Innenleben eines Modems, sondern dessen Schnittstelle zum mobilen Betriebssystem. In dieser Arbeit untersuchen wir daher die folgende von uns aufgestellte These: Die Sicherheit mobiler Endgeräte sowie der Mobilfunknetze hängt direkt mit der Sicherheit der Modemschnittstelle zusammen. Diesen Zusammenhang legen wir anhand von drei Schritten dar. Im ersten Schritt führen wir eine Untersuchung der Modemschnittstelle durch. Basierend auf den Ergebnissen der Untersuchung führen wir mehrere Sicherheitsanalysen von Short-Message-Service- (SMS) Implementierungen von verschiedenen Telefontypen durch. Im zweiten Schritt untersuchen wir die Möglichkeiten, die sich Schadcode auf mobilen Endgeräten zu Nutze machen kann. Für diese Untersuchung entwickeln wir ein Proof-of-Concept-Botnetz, welches mittels des Modems verdeckt kommuniziert. Im dritten Schritt implementieren wir, basierend auf den Ergebnissen der vorangegangenen Schritte, einen Schutzmechanismus zur Absicherung des Modems gegen bösartige Zugriffe. Durch unsere Untersuchungen sind wir zu mehreren Ergebnissen gekommen. Die Software für den Empfang von SMS-Nachrichten beinhaltet oftmals (zum Teil kritische) Sicherheitsprobleme. Diese Sicherheitsprobleme haben auch Auswirkungen auf andere Komponenten der Endgeräte. Mit unserem mobilen Botnetz zeigen wir, welche Möglichkeiten Schadcode auf Mobiltelefonen grundsätzlich zur Verfügung stehen. Durch den von uns entwickelten Schutzmechanismus der Modemschnittstelle bestätigen wir unsere anfangs formulierte These. Die Absicherung der Modemschnittstelle verhindert die zuvor präsentierten Angriffe und zeigt hierdurch, dass die Modemschnittstelle einen entscheidenden Faktor der Mobilfunksicherheit darstellt.Cellular communication and especially mobile handsets are an essential part of our daily lives. Therefore, they need to be secure and work reliably. But mobile handsets and cellular networks are highly complex systems and securing them is a challenging task. Previously, most efforts concentrated on the handsets. These efforts only focused on the mobile phone operating system and applications in order to improve cellular system security. This thesis takes a new path and targets the cellular modem as the route to improve the security of mobile handsets and cellular networks. We target the modem since it is one of the essential parts of a mobile handset. It is the component that provides the radio link to the cellular network. This makes the modem a key element in the task to secure mobile phones. But cellular modems are proprietary and closed systems that cannot be easily analyzed in the full or even modified to improve security. Therefore, this thesis investigates the security of the cellular modem at its border to the mobile phone operating system. We suspect that the security of mobile handsets and cellular network strongly depends on the security of the modem interface. This is our hypothesis, which we seek to prove in this work. We solve this in three steps. In the first step, we analyze the interaction between the cellular modem and the other parts of a modern mobile phone. Based on the analysis we develop two novel vulnerability analysis methods. Using this methods we conduct vulnerability analysis of the Short Message Service implementations on various mobile phones. In the second step, we investigate the possible capabilities that malware has through unhindered access to the cellular modem. For this, we develop a cellular botnet where the bots utilize the modem for stealthy communication. In the third step, we use the results from the previous analysis steps to improve the security at the cellular modem interface. In our analysis step, we abused the cellular modem for vulnerability analysis.We discovered several security and reliability issues in the telephony softwares tack of common mobile phones. Using our cellular botnet implementation, we show how malware can abuse access to the cellular modem interface for various kinds of unwanted activities. In the final step, we show that through improving the security at the cellular modem interface the security of mobile handsets as well as the security of cellular networks can be increased. Throughout this thesis we show that the cellular modem has a significant impact on mobile phone security

Mobile Broadband Possibilities considering the Arrival of IEEE 802.16m & LTE with an Emphasis on South Asia

This paper intends to look deeper into finding an ideal mobile broadband solution. Special stress has been put in the South Asian region through some comparative analysis. Proving their competency in numerous aspects, WiMAX and LTE already have already made a strong position in telecommunication industry. Both WiMAX and LTE are 4G technologies designed to move data rather than voice having IP networks based on OFDM technology. So, they aren't like typical technological rivals as of GSM and CDMA. But still a gesture of hostility seems to outburst long before the stable commercial launch of LTE. In this paper various aspects of WiMAX and LTE for deployment have been analyzed. Again, we tried to make every possible consideration with respect to south Asia i.e. how mass people of this region may be benefited. As a result, it might be regarded as a good source in case of making major BWA deployment decisions in this region. Besides these, it also opens the path for further research and in depth thinking in this issue.Comment: IEEE Publication format, ISSN 1947 5500, http://sites.google.com/site/ijcsis

The Design of a System Architecture for Mobile Multimedia Computers

This chapter discusses the system architecture of a portable computer, called Mobile Digital Companion, which provides support for handling multimedia applications energy efficiently. Because battery life is limited and battery weight is an important factor for the size and the weight of the Mobile Digital Companion, energy management plays a crucial role in the architecture. As the Companion must remain usable in a variety of environments, it has to be flexible and adaptable to various operating conditions. The Mobile Digital Companion has an unconventional architecture that saves energy by using system decomposition at different levels of the architecture and exploits locality of reference with dedicated, optimised modules. The approach is based on dedicated functionality and the extensive use of energy reduction techniques at all levels of system design. The system has an architecture with a general-purpose processor accompanied by a set of heterogeneous autonomous programmable modules, each providing an energy efficient implementation of dedicated tasks. A reconfigurable internal communication network switch exploits locality of reference and eliminates wasteful data copies

Beacon pack

STEM technologies have the ability to spread information to those corners of the world where Internet access has yet to reach. However, there are very few technologies that can bring this necessity to developing countries, most of which do not have the capital to pursue these technologies. In this paper, we discuss Beacon Pack, a solar powered database in a travelers pack that can bring information acquired from the Internet to these individuals in developing countries with low-level cellular phones or feature phones. Our product tackles this issue of providing this info, specifically news articles, to developing countries through an existing cellular signal. Beacon Pack connects to any cell signal and can thus provide educational content to surrounding individuals through SMS text, one of the few communication tools that most third world citizens have access to today. We found that this project is not only incredibly beneficial, but it is also pragmatic in its approach to bridging the information gap. Through simple coding techniques, our team was able to establish this technology to support multiple users at a cost of $150 per pack. Each pack, when connected to a single cellular service signal, can supply thousands of users with information in the area, making this project highly cost efficient. Consequently, we plan for this device to be expanded into outside countries by a San Jose based non-profit, Community Technology Alliance. Through their efforts, more teams of engineers will be able to further implement Beacon Pack to include several different types of educational tools for users, all of which will be SMS text enabled

A New Covert Channel Over Cellular Network Voice Channel

Smartphone security has become increasingly more significant as smartphones become a more important part of many individuals\u27 daily lives. Smartphones undergo all computer security issues; however, they also introduce a new set of security issues as various capabilities are added. Smartphone security researchers pay more attention to security issues inherited from the traditional computer security field than smartphone-related security issues. The primary network that smartphones are connected to is the cellular network, but little effort has been directed at investigating the potential security issues that could threaten this network and its end users. A new possible threat that could occur in the cellular network is introduced in this paper. This research proves the ability to use the cellular network voice channel as a covert channel that can convey covert information as speech, thus breaking the network policies. The study involves designing and implementing multiple subsystems in order to prove the theory. First, a software audio modem that is able to convert digital data into audio waves and inject the audio waves to the GSM voice channel was developed. Moreover, a user-mode rootkit was implemented in order to open the voice channels by stealthily answering the incoming voice call, thus breaking the security mechanisms of the smartphone. Multiple scenarios also were tested in order to verify the effectiveness of the proposed covert channel. The first scenario is a covert communication between two parties that intends to hide their communications by using a network that is unknown to the adversary and not protected by network security guards. The two parties communicate through the cellular network voice channel to send and receive text messages. The second scenario is a side channel that is able to leak data such as SMS or the contact of a hacked smartphone through the cellular network voice channel. The third scenario is a botnet system that uses the voice channel as command and control channel (C2). This study identifies a new potential smartphone covert channel, so the outcome should be setting countermeasures against this kind of breach

The Case for Liberal Spectrum Licenses: A Technical and Economic Perspective

The traditional system of radio spectrum allocation has inefficiently restricted wireless services. Alternatively, liberal licenses ceding de facto spectrum ownership rights yield incentives for operators to maximize airwave value. These authorizations have been widely used for mobile services in the U.S. and internationally, leading to the development of highly productive services and waves of innovation in technology, applications and business models. Serious challenges to the efficacy of such a spectrum regime have arisen, however. Seeing the widespread adoption of such devices as cordless phones and wi-fi radios using bands set aside for unlicensed use, some scholars and policy makers posit that spectrum sharing technologies have become cheap and easy to deploy, mitigating airwave scarcity and, therefore, the utility of exclusive rights. This paper evaluates such claims technically and economically. We demonstrate that spectrum scarcity is alive and well. Costly conflicts over airwave use not only continue, but have intensified with scientific advances that dramatically improve the functionality of wireless devices and so increase demand for spectrum access. Exclusive ownership rights help direct spectrum inputs to where they deliver the highest social gains, making exclusive property rules relatively more socially valuable. Liberal licenses efficiently accommodate rival business models (including those commonly associated with unlicensed spectrum allocations) while mitigating the constraints levied on spectrum use by regulators imposing restrictions in traditional licenses or via use rules and technology standards in unlicensed spectrum allocations.

Correlation of blood oxidative stress parameters to indoor radiofrequency radiation: A cross sectional study in Jordan

© 2020 by the authors. Licensee MDPI, Basel, Switzerland. Background: Electromagnetic pollution is a general health concern worldwide, as cell phone towers are ubiquitous and are located adjacent to or on the roof of schools, and hospitals. However, the health risks are still inconclusive. This cross-sectional study evaluated the potential effect of electromagnetic radiation generated from various resources including cell phone towers on blood glutathione S transferase activity (e-GST) and total antioxidant activity of the Jordanian population. Methods: The power density of three districts in the city of Irbid, Jordan was mapped to generate “outside the houses” and “inside the houses” maps. The effect of categorical variables (gender, using a cell phone, presence of Wi-Fi modem, previous exposure to medical imaging) and continuous variables (distance from the base station, the elevation of the house, the duration of stay in the house, power density outside houses, power density inside houses) on e-GST and total antioxidant activity were investigated. Results: The EMR generated outside the houses—including cell phone towers—did not reach inside the houses at the same power and had no significant influence on e-GST activity. The EMR inside the house, which primarily came from internal resources, has a significant effect on e-GST activity. The duration of stay inside the house, the use of cell phones, and the presence of a Wi-Fi modem had a proportional effect on e-GST activity. The total antioxidant activity was statistically equal between the tested and control groups. Conclusion: Several factors such as building materials restricted the penetration of EMR reaching inside the houses. EMR generated inside rather than outside the houses had a proportional effect on e-GST. The differences in e-GST were compensated successfully by other antioxidant mechanisms. Further research is needed to identify other possible sources of antioxidants, and to evaluate long-term effects and genetic polymorphism