Transcript How mobile communications work

Monitoring mobile
communication network,
how does it work?
How to prevent such thing
about that?
潘維亞
周明哲
劉子揚
(P78017058)
(P48027049)
(N96011156)
1
Contents
• How mobile communications work
• Why monitoring?
• Monitoring in the mobile communication network
o Mobile Spy
o Mobile Security
 Attacks based on communication network
• Case study : Online i-banking hacks
o How does it work?
o How to prevent it?
2
How mobile communications work
• Every day, we make calls, send messages or connect to the Internet
using mobile devices but rarely stop to wonder how it all works.
• So what is actually going on behind the scenes to enable your mobile to
do what it does?
3
How mobile communications work
• Mobile communications work by using low power radio waves necessary to
carry speech and data. When a call is made, the signal is handed across a
network of linked geographic areas called cells - hence the term cellphone until it reaches its destination.
• A piece of equipment called a base station transmits signals from one cell to the
next, or to land-line networks. Each cell is the area that each base station
covers. Base stations are often called masts, towers or cell-sites.
• Mobile communication is a communication network that does not involve cable
or wire connection between two entities.
• The current mobile communications technologies are
• GSM (Global System for Mobile Communications)
• CDMA (Code Division Multiple Access).
4
5
Why monitoring?
6
Mobile Communication Network
Monitoring Application
We monitor someone or system
• Remote Monitoring Using Wireless Cellular Networks
• Mobile Monitoring System for Smart Home
• Mobile Spy
• Cell Phone Monitoring Software
• Parental Monitoring Control
We are monitored from someone
• Mobile Security
• Monitoring Smartphones for Anomaly Detection
• Attacks based on communication network
7
Mobile Spy
• Monitor Your Child or Employee
• Silently monitor phone surroundings, text messages, GPS locations, call details,
photos, social media activity and more.
• Using the Internet capabilities of the phone, recorded activities, logs and GPS
locations are quickly uploaded to your Mobile Spy account. To view the results,
simply login to your secure account using any computer or mobile web browser.
Logs are displayed by categories and sorted for easy browsing.
8
Mobile Security
• Mobile security or mobile phone security
has become increasingly important in mobile
computing. It is of particular concern as
it relates to the security of personal information now stored on smartphones.
• All smartphones, as computers, are preferred targets of attacks. These attacks
exploit weaknesses related to smartphones that can come from means of
communication like SMS, MMS, Wi-Fi networks, and GSM. There are also attacks
that exploit software vulnerabilities from both the web browser and operating
system. Finally, there are forms of malicious software that rely on the weak
knowledge of average users.
• Different security counter-measures are being developed and applied to
smartphones, from security in different layers of software to the dissemination
of information to end users. There are good practices to be observed at all
levels, from design to use, through the development of operating systems,
software layers, and downloadable apps.
9
Attacks based on communication
1 Attack based on SMS & MMS
1.1 Attack on phone system (cause malfunction)
1.2 Intercept and relay message to third party
2 Attacks based on communication networks
2.1 Attacks based on the GSM networks (IMSI-catcher)
2.2 Attacks based on Wi-Fi (Packet sniffing)
3 Attacks based on vulnerabilities in software
applications
3.1 Web Browser (Phishing)
3.2 Operating System
4 Physical attacks
5 Malicious Software (Malware)
10
Attack based on SMS & MMS
• The attack isn’t new and SMS-stealing malware is embedded in many
fake mobile applications and abuses the brands of multiple banks.
11
Attacks based on the GSM networks
IMSI-catcher
• An IMSI catcher is essentially a false mobile tower acting between the target
mobile phone(s) and the service providers real towers. As such it is considered a
Man In the Middle (MITM) attack. It is used as an eavesdropping device used for
interception and tracking of cellular phones and usually is undetectable for the
users of mobile phones.
• A Man-in-the-Middle attack is a type of
cyber attack where a malicious actor inserts
him/herself into a conversation between
two parties, impersonates both parties and
gains access to information that the two
parties were trying to send to each other.
• A Man-in-the-Middle Attack allows a
malicious actor to intercept, send, and
receive data meant for someone else, or
not meant to be sent at all, without either
outside party knowing until it is too late.
12
Attacks based on Wi-Fi
Packet sniffing
• Packet sniffing is used to monitor packets traveling across a network.
Packet sniffing software -- often called network monitoring software -allows a user to see each byte of information that passes from a
computer or server across the network.
It can be used to detect
network problems or
intrusions and can also be
used maliciously to try to
get access to user names
and passwords.
13
Attacks based on vulnerabilities in
software applications
Web Browser (Phishing)
• Phishing is the act of attempting to acquire information such as
usernames, passwords, and credit card details (and sometimes,
indirectly, money) by masquerading as a trustworthy entity in an
electronic communication.
• Communications purporting to be from popular social web sites, auction
sites, banks, online payment processors or IT administrators are
commonly used to lure unsuspecting public. Phishing emails may
contain links to websites that are infected with malware.
• Phishing is typically carried out by email spoofing or instant messaging,
and it often directs users to enter details at a fake website whose look
and feel are almost identical to the legitimate one
14
Case study :
Online i-banking hacks
• A real case happened with several
banks in Thailand
• Criminals usually got several
hundreds thousand from each victim
• There are several methods of attack
than have been used




Man-in-middle
Packet sniffing
Phishing
Identity stealing
Thai internet banking process
Web login
Transaction Request
Web OTP confirm
One-Time-Password
Username/Password
16
Criminal’s method :
Trojan on mobile phone
• Criminal send a fake SMS to victim
by using application that change
phone number of sender to bank’s
phone number
“For ensure your safety, we introduce
you our new i-banking app. This can
help you keep your information safe
while using i-banking from your mobile
devices. URL: ….”
• Message contain a URL which is
linked to an application installation
17
Criminal’s method :
Trojan on mobile phone
• Comparison between true and fake webpage
18
Criminal’s method :
Trojan on mobile phone
• Example of fake website
19
Criminal’s method :
Trojan on mobile phone
• Once installed, it acts as an i-banking application
20
Information stealing method
Web login
Transaction Request
Web OTP confirm
One-Time-Password
Username/Password
21
Criminal has control of victim’s account
Web login
Username/Password
Transaction Request
Web OTP confirm
One-Time-Password
22
How to prevent it? : Client view
• Never download untrusted app (not certified in App store or
Play store)
• Never input username/password into non-official
application
• Check the site security sign
before enter any personal
information
• Don’t use i-banking on the main saving account
• Active real-time monitor such as SMS or e-mail report
23
How to prevent it? : Company view
• Always inform client about untrusted app or website
• Release only matured version of application to prevent
confusion of users
• Use better type of secondary identification system.
(i.e. hard token)
 Passwords are generated offline.
 No communication between
device and bank.
 Bank system calculates passcode
to confirm the identity.
 Much safer that SMS system
(soft token).
24
Thank you
25