Security for smart mobile networks: The NEMESYS approach

The growing popularity of smart mobile devices such as smartphones and tablets has made them an attractive target for cyber-criminals, resulting in a rapidly growing and evolving mobile threat as attackers experiment with new business models by targeting mobile users. With the emergence of the first large-scale mobile botnets, the core network has also become vulnerable to distributed denial-of-service attacks such as the signaling attack. Furthermore, complementary access methods such as Wi-Fi and femtocells introduce additional vulnerabilities for the mobile users as well as the core network. In this paper, we present the NEMESYS approach to smart mobile network security, to develop novel security technologies for seamless service provisioning in the smart mobile ecosystem, and to improve mobile network security through a better understanding of the threat landscape

NEMESYS: Enhanced Network Security for Seamless Service Provisioning in the Smart Mobile Ecosystem

As a consequence of the growing popularity of smart mobile devices, mobile malware is clearly on the rise, with attackers targeting valuable user information and exploiting vulnerabilities of the mobile ecosystems. With the emergence of large-scale mobile botnets, smartphones can also be used to launch attacks on mobile networks. The NEMESYS project will develop novel security technologies for seamless service provisioning in the smart mobile ecosystem, and improve mobile network security through better understanding of the threat landscape. NEMESYS will gather and analyze information about the nature of cyber-attacks targeting mobile users and the mobile network so that appropriate counter-measures can be taken. We will develop a data collection infrastructure that incorporates virtualized mobile honeypots and a honeyclient, to gather, detect and provide early warning of mobile attacks and better understand the modus operandi of cyber-criminals that target mobile devices. By correlating the extracted information with the known patterns of attacks from wireline networks, we will reveal and identify trends in the way that cyber-criminals launch attacks against mobile devices.Comment: Accepted for publication in Proceedings of the 28th International Symposium on Computer and Information Sciences (ISCIS'13); 9 pages; 1 figur

Security attacks on RECKLESS-APPs: Remote car keyless applications for new semi autonomous vehicles

Rapid technological advancements of vehicle manufacturing and the modern wireless technology opens the door for several new Intelligent Transportation applications. Remote Keyless system in vehicles is considered one of the famous applications that has been developed recently, which is susceptible to many cyberattacks. Remote Keyless applications on smartphones were developed in the past few years to perform the functionality of keyless fob and are expected to replace the physical keyless fobs in the next few years, which can open the door to many cyberattacks. In this research, we implemented a simulation that represents the REmote Car KeyLESS Applications (RECKLESS-apps) on the smartphones. In this thesis we demonstrate the types of cyber-attacks these applications could face. Our research serves as a proof that remote car keyless applications that would replace the physical keys could be vulnerable to various malicious cyber-attacks. We study these attacks and provide remedies, cyber-hygiene and best practices to remedy some of these attacks