cis 6930 cellular and mobile network security end to end
play

CIS 6930 - Cellular and Mobile Network Security: End-to-End - PowerPoint PPT Presentation

Jun 06, 2023 •895 likes •1.38k views

CIS 6930 - Cellular and Mobile Network Security: End-to-End Authentication Professor Patrick Traynor 11/8/2018 (Thanks to Adam Doup and Brad Reaves) Florida Institute for Cybersecurity (FICS) Research Announcements Abstracts for Course

  1. CIS 6930 - Cellular and Mobile Network Security: End-to-End Authentication Professor Patrick Traynor 11/8/2018 (Thanks to Adam Doupé and Brad Reaves) Florida Institute for Cybersecurity (FICS) Research

  2. Announcements • Abstracts for Course Project Due 11/13 (Tuesday) • Assignment is already open on Canvas • Turn in PDF and .tex source! • Tuesday class will be pre-recorded • Are your experiments running? • You should each be prepping a 12-15 min 
 presentation for 11/29… Florida Institute for Cybersecurity (FICS) Research 2

  3. What Are We Authenticating? • We’ve talked about authentication in the context of 1-4G networks… • …so who gets authenticated to what? • 1G - Authentication by assertion - nobody to nobody • 2G - User to network (BS) • 3G - Mutual authentication (UE to Node B) • 4G - Mutual authentication (UE to EnB/MME) • Is that enough? • Like so many other questions, it depends… Florida Institute for Cybersecurity (FICS) Research 3

  4. Quiz Time 1-800-432-1000 1-800-432-1000 Bank of America Bank of America Florida Institute for Cybersecurity (FICS) Research 4

  5. Who Are You? • We have built an array of mechanisms to attest to identity for the Internet. • Well, for well-known entities on the Internet. • Phones are our backup, our trusted platform… • …and yet even a security expert can not tell who is calling him/her. • What we need are stronger notions 
 of identity for these devices. • …or at least an understanding of 
 the limits… Florida Institute for Cybersecurity (FICS) Research 5

  6. End-to-End Authentication • Assertion : One of the great technological failures of the 21st century (thus far) is that my financial institutions, public services and government can’t call me on the phone. • So how do we fix it? • This set of lectures deals with precisely this problem. • We’ll look at a range of mechanisms to help us understand the state of the art and figure out what comes next. • What guarantees do we get from any of these things? Florida Institute for Cybersecurity (FICS) Research 6

  7. Modern Telephony Systems Intermediary IP Networks Telco Networks VOIP Carrier Cell Network Web Gateway Internet Services VOIP Proxy Gateway PSTN Florida Institute for Cybersecurity (FICS) Research 7

  8. What Happens in a Call Along the way: 1. Identity is asserted, not attested Intermediary IP Networks Telco Networks VOIP Carrier • No authentication of ID Cell Network Web Gateway Internet Services VOIP 2. Signaling protocols change Proxy Gateway • ID assertion is not easily fixed PSTN 3. Audio compression changes The only thing we can guarantee that is transmitted correctly is voice. Florida Institute for Cybersecurity (FICS) Research 8

  9. Blacklists • Blacklist yourself - use the National Do Not Call Registry! • If you know which numbers are used as part of scams, just block those! • Multiple applications now offer communal blacklists (e.g., True Caller, NoMoRobo, Mr. Number, etc). • Under a variety of different monetization models. • Problem: Caller ID Values are asserted and not attested . • So attackers can simply switch numbers every time 
 and evade ALL of these systems. • We’re going to need something better… Florida Institute for Cybersecurity (FICS) Research 9

  10. Recall: Analog vs Digital Phone systems are generally classified as either analog or digital. • What exactly does that mean? 
 • This is all about how data is represented and delivered through the network. 
 • Analog is the translation of voice/sound into electrical impulses. • Pure waveform representations of sounds. 
 • Digital is an approximation of this waveform, 
 • represented in 0s and 1s. Florida Institute for Cybersecurity (FICS) Research 10

  11. What is a Codec? When we chose the digital option, we have to also decide how we are • going to encode our data. At what bit rate? • With what expectation of audio quality? • At what compression? • With what assumptions about loss rates? • With what knowledge of network bandwidth? • Florida Institute for Cybersecurity (FICS) Research 11

  12. Codec- GSM-FR Pulse Code Modulation (PCM) is the basis for GSM Full-Rate (GSM-FR) • voice encoding. 8 kHz samples (64 kbps) reduced to 13.2 kbps using Regular Pulse • Excitation - Long Term Prediction (RPE-LTP). What can vary here? • ... ... ... ... 20 msec 20 msec 160 Samples 160 Samples 260-bit frame RTP-LTP RTP-LTP Encoder Decoder Sender Receiver Florida Institute for Cybersecurity (FICS) Research 12

  13. Solution: Call Provenance Information about the source and path taken by a call • Where is this call coming from ? • Is this really Bank of America calling ? • Observe that receiver end call audio embeds artifacts of networks that it • traverses Packet loss in a VoIP network • Advantage: Provenance determined completely at the receiving end • without infrastructure modifications Florida Institute for Cybersecurity (FICS) Research 13

  14. PinDr0p Overview • Packet Loss • Noise Path Traversal Signature • Quality Cell VoIP PSTN − − − − − Extract Features ML Classifier − − − − − − − − − − − − − − − Identify Networks Characterize Networks Call Signature (Alice) Goal • What is the path taken by a call ? • What is the source of a call ? • For each network, extract features • Identify and characterize the network • Robust to manipulation • Florida Institute for Cybersecurity (FICS) Research 14

  15. Short Term Energy To Detect Packet Loss 5 10 1 iLBC Packet Loss 0.5 0 10 Amplitude STE 0 − 5 10 − 0.5 30 ms − 10 10 − 1 2 2.2 2 2.2 2.4 2.4 2.6 2.6 2.8 2.8 3 3 3.2 3.2 3.4 3.4 3.6 3.8 3.6 4 3.8 4 5 5 10 10 Packet Loss Speex 0 0 10 10 STE STE 20 ms − 5 − 5 10 10 − 10 − 10 10 10 2 2.2 2.4 2.6 2.8 3 3.2 3.4 3.6 3.8 4 2 2.2 2.4 2.6 2.8 3 3.2 3.4 3.6 3.8 4 Time (s) Time (s) Short term energy (STE) is used to detect abrupt losses in energy • PL detection by looking for significant drop in energy followed by energy floor, accompanied by significant rise • Length of energy floor depends on amount of audio lost • The exact multiple also indication of codec used - G.729 uses 10 ms, G.711 and Speex use 20 ms and iLBC uses 30 ms • STE identifies if there is a VoIP network and the codec used, and characterizes the network based on its loss rate • Florida Institute for Cybersecurity (FICS) Research 15

  16. Identifying and Characterizing PSTN and Cellular Networks PSTN - G.711 • G.711 Speex iLBC Uncompressed (64 kbps) - high fidelity audio • G.729 30 GSM 28 Waveform codec - introduces noise only 
 Noise Spectral Range • 26 during speech activity (multiplicative noise) 24 22 20 Cellular - GSM • 18 16 Significant compression (13 kbps) - lower 
 12 • 20 11 quality audio 15 10 10 9 5 Noise Spectral Deviation Spectral Clarity Speech model - no multiplicative noise • High fidelity audio detected by spectral clarity • Presence of multiplicative noise detected by spectral level range and deviation • Combination of noise characteristics used to identify and characterize PSTN and cellular networks • Florida Institute for Cybersecurity (FICS) Research 16

  17. Overall PinDr0p Architecture PL and PLC features - identify and • characterize VoIP network − − − Noise features - identify and − • Extract Features characterize PSTN and cellular networks STE/ Noise Statistics P .563 Score Correlation Quality features - identify number of • networks as quality degrades with networks traversed PL/PLC Features Noise Features Quality Features Feature Vector Create combined feature vector for • each call sample Label based on signature required • Florida Institute for Cybersecurity (FICS) Research 17

  18. Evaluation: Call Signature Accuracy = 90% Accuracy = 97.5% ATL-Cell ATL-Cell DAL-LL DAL-LL NYC-Cell NYC-Cell ATL-Skype ATL-Skype ATL-LL ATL-LL PUN-MJack PUN-MJack ATL-GT1 ATL-GT1 ATL-Von ATL-Von ATL-Skype ATL-Skype ATL-GT2 ATL-GT2 DUB-Von DUB-Von BAL-MJack BAL-MJack MEL-NFone MEL-NFone FRA-LL FRA-LL LON-Cell LON-Cell SJC-Cell SJC-Cell MEL-NFone MEL-NFone PUN-MJack PUN-MJack BAL-MJack BAL-MJack ATL-Skype ATL-Skype ATL-Skype ATL-Skype DUB-Von DUB-Von LON-Cell ATL-GT2 ATL-GT1 NYC-Cell LON-Cell ATL-GT2 ATL-GT1 NYC-Cell SJC-Cell ATL-Von SJC-Cell ATL-Von ATL-Cell ATL-Cell FRA-LL DAL-LL FRA-LL DAL-LL ATL-LL ATL-LL Atlanta PSTN Origin (a) (b) Cellular Origin Skype Origin 16 different locations, each making 10 calls of duration 20 seconds to testbed in Atlanta • Train classifier on N (1 - 5) call sets and test on 5 random unseen sets • MagicJack Origin With single call set 90% accuracy, increases to 97.5% with 3 labeled call sets, 100% with 5 labeled call sets • Vonage Origin London mobile phone misclassified as New York mobile phone (~origin) or France landline (~distance) • MyNetPhone Origin Able to distinguish phones from same location, eg., three landline phones from Atlanta • Vonage calls show PSTN characteristics - immediately transfers to PSTN backbone for high quality of service • Features we extract are consistent for same call source but have enough variability to distinguish different call sources • Florida Institute for Cybersecurity (FICS) Research 18

Recommend

CIS 6930 - Cellular and Mobile Network Security: Phreaking and Eavesdropping Professor Patrick

CIS 6930 - Cellular and Mobile Network Security: Phreaking and Eavesdropping Professor Patrick

CIS 6930 - Cellular and Mobile Network Security: Phreaking and Eavesdropping Professor Patrick Traynor 11/15/18 Florida Institute for Cybersecurity (FICS) Research Closing Notes Remember, 50% of the course grade comes from this project.

624 views • 33 slides
CIS 6930 - Cellular and Mobile Network Security: GSM Overload Professor Patrick Traynor 11/1/18

CIS 6930 - Cellular and Mobile Network Security: GSM Overload Professor Patrick Traynor 11/1/18

CIS 6930 - Cellular and Mobile Network Security: GSM Overload Professor Patrick Traynor 11/1/18 Florida Institute for Cybersecurity (FICS) Research Reminders You need to start working on your project! Some of you have not yet built

1.22k views • 32 slides
CIS 6930 - Cellular and Mobile Network Security: Cellular Networking Professor Patrick Traynor

CIS 6930 - Cellular and Mobile Network Security: Cellular Networking Professor Patrick Traynor

CIS 6930 - Cellular and Mobile Network Security: Cellular Networking Professor Patrick Traynor 9/18/2018 Florida Institute for Cybersecurity (FICS) Research The Big Picture Details create the big picture. -Sanford I. Weill Florida Institute

1.13k views • 40 slides
CIS 6930 - Cellular and Mobile Network Security: Academic Writing Professor Patrick Traynor

CIS 6930 - Cellular and Mobile Network Security: Academic Writing Professor Patrick Traynor

CIS 6930 - Cellular and Mobile Network Security: Academic Writing Professor Patrick Traynor 10/9/18 Florida Institute for Cybersecurity (FICS) Research A Recap... How do phone calls happen in 3G networks? Our midterm is on 10/18

703 views • 33 slides
CIS 6930 - Cellular and Mobile Network Security: CDMA/UMTS Air Interface Professor Patrick

CIS 6930 - Cellular and Mobile Network Security: CDMA/UMTS Air Interface Professor Patrick

CIS 6930 - Cellular and Mobile Network Security: CDMA/UMTS Air Interface Professor Patrick Traynor 10/11/2018 Florida Institute for Cybersecurity (FICS) Research UMTS and CDMA 3G technology - major change from GSM (TDMA) Based on

337 views • 22 slides
CIS 6930 - Cellular and Mobile Network Security: Classical Telephony Security Professor Patrick

CIS 6930 - Cellular and Mobile Network Security: Classical Telephony Security Professor Patrick

CIS 6930 - Cellular and Mobile Network Security: Classical Telephony Security Professor Patrick Traynor 10/30/18 Florida Institute for Cybersecurity (FICS) Research Ah, the Classics... Florida Institute for Cybersecurity (FICS) Research 2

887 views • 11 slides
CIS 6930 - Cellular and Mobile Network Security Introduction Professor Patrick Traynor 8/23/2018

CIS 6930 - Cellular and Mobile Network Security Introduction Professor Patrick Traynor 8/23/2018

CIS 6930 - Cellular and Mobile Network Security Introduction Professor Patrick Traynor 8/23/2018 Florida Institute for Cybersecurity (FICS) Research Rapid Communication Over Distance Florida Institute for Cybersecurity (FICS) Research 2

827 views • 19 slides
CS 8803 - Cellular and Mobile Network Security: GSM - In Detail Professor Patrick Traynor

CS 8803 - Cellular and Mobile Network Security: GSM - In Detail Professor Patrick Traynor

CS 8803 - Cellular and Mobile Network Security: GSM - In Detail Professor Patrick Traynor 10/2/18 Florida Institute for Cybersecurity (FICS) Research Cellular Telecommunications Architecture Background Air Interfaces Network

831 views • 39 slides
Throughput prediction based on mobile device context in Cellular Network Yihua (Ethan) Guo

Throughput prediction based on mobile device context in Cellular Network Yihua (Ethan) Guo

Throughput prediction based on mobile device context in Cellular Network Yihua (Ethan) Guo University of Michigan AIMS-5 2013 Background Prevalence of cellular networks Mobile Traffic is expected to grow rapidly in the near future

510 views • 18 slides
CS 5410 - Computer and Network Security: Cellular Network Security Professor Kevin Butler Fall

CS 5410 - Computer and Network Security: Cellular Network Security Professor Kevin Butler Fall

CS 5410 - Computer and Network Security: Cellular Network Security Professor Kevin Butler Fall 2015 Southeastern Security for Enterprise and Infrastructure (SENSEI) Center Reminders Poster showcase next Monday For final project: turn

533 views • 34 slides
Lecture 12: Network layer mobility Lecture 12: Network layer mobility Mobile IP, cellular

Lecture 12: Network layer mobility Lecture 12: Network layer mobility Mobile IP, cellular

Lecture 12: Network layer mobility Lecture 12: Network layer mobility Mobile IP, cellular handsoffs. Mobile IP, cellular handsoffs. Mythili Vutukuru CS 653 Spring 2014 Feb 24, Monday Network layer: recap The network or IP layer

388 views • 11 slides
CS 8803 - Cellular and Mobile Network Security: Data Air Interface Professor Patrick Traynor

CS 8803 - Cellular and Mobile Network Security: Data Air Interface Professor Patrick Traynor

CS 8803 - Cellular and Mobile Network Security: Data Air Interface Professor Patrick Traynor 10/23/18 Florida Institute for Cybersecurity (FICS) Research Packet-Switched Mobile Data Florida Institute for Cybersecurity (FICS) Research 2

805 views • 21 slides
Mobile network security issues A very short overview of some mobile security issues.

Mobile network security issues A very short overview of some mobile security issues.

Mobile network security issues A very short overview of some mobile security issues. Mobile access is expected to become the main access method. Services and mobile commerce (mCommerce) are expected to become a major business.

818 views • 20 slides
CSE 543 - Computer Security (Fall 2006) Lecture 25 - Cellular Network Security Guest Lecturer:

CSE 543 - Computer Security (Fall 2006) Lecture 25 - Cellular Network Security Guest Lecturer:

CSE 543 - Computer Security (Fall 2006) Lecture 25 - Cellular Network Security Guest Lecturer: William Enck November 30, 2006 URL: http://www.cse.psu.edu/~tjaeger/cse543-f06 CSE 543 Computer (and Network) Security - Fall 2006 - Professor

677 views • 21 slides
What is network security? Friends and enemies: Alice, Bob, Trudy What is network security?

What is network security? Friends and enemies: Alice, Bob, Trudy What is network security?

Network security Network security Foundations: what is security? cryptography Network Security Network Security authentication message integrity key distribution and certification Security in practice: Srinidhi Varadarajan

332 views • 6 slides
Network Security Network Security Srinidhi Varadarajan Network security Network security

Network Security Network Security Srinidhi Varadarajan Network security Network security

Network Security Network Security Srinidhi Varadarajan Network security Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice:

634 views • 36 slides
3rd Generation Systems Review of Cellular Wireless Networks UMTS Cellular Wireless

3rd Generation Systems Review of Cellular Wireless Networks UMTS Cellular Wireless

3rd Generation Systems Review of Cellular Wireless Networks UMTS Cellular Wireless Network Evolution First Generation : Analog AMPS: Advance Mobile Phone Systems Residential cordless phones Second Generation : Digital

584 views • 40 slides
CS 528 Mobile and Ubiquitous Computing Lecture 11: Mobile Security and Mobile Software

CS 528 Mobile and Ubiquitous Computing Lecture 11: Mobile Security and Mobile Software

CS 528 Mobile and Ubiquitous Computing Lecture 11: Mobile Security and Mobile Software Vulnerabilities Emmanuel Agu Mobile Security Issues Introduction So many cool mobile apps Access to web, personal information, social media, etc

1.05k views • 55 slides
CSE 543 - Computer Security Lecture 26 - Mobile phone security December 11, 2007 URL:

CSE 543 - Computer Security Lecture 26 - Mobile phone security December 11, 2007 URL:

CSE 543 - Computer Security Lecture 26 - Mobile phone security December 11, 2007 URL: http://www.cse.psu.edu/~tjaeger/cse543-f07/ CSE543 Computer (and Network) Security - Fall 2007 - Professor Jaeger 1 Mobile Phones Networked device

302 views • 11 slides
Security Analysis of Network Protocols John Mitchell Stanford University Usenix Security

Security Analysis of Network Protocols John Mitchell Stanford University Usenix Security

Security Analysis of Network Protocols John Mitchell Stanford University Usenix Security Symposium, 2008 Many Protocols Authentication and key exchange SSL/TLS, Kerberos, IKE, JFK, IKEv2, Wireless and mobile computing Mobile IP, WEP,

959 views • 71 slides
What, exactly, is different or new about MOBILE mobile security? SECURITY TECHNOLOGIES 2017

What, exactly, is different or new about MOBILE mobile security? SECURITY TECHNOLOGIES 2017

What, exactly, is different or new about MOBILE mobile security? SECURITY TECHNOLOGIES 2017 Dan S. Wallach , Rice University tl;dr The computers inside the computer Every chip has one or more CPUs inside; they have exploitable bugs

1.23k views • 87 slides
The structure of cellular networks The structure of cellular networks To be able to construct and

The structure of cellular networks The structure of cellular networks To be able to construct and

The structure of cellular networks The structure of cellular networks To be able to construct and analyze a cellular network, we need to clearly define what we identify as a node and what we represent with an edge. The nodes and edges have to

680 views • 41 slides
Mobile Communications Chapter 8: Network Protocols/Mobile IP Motivation Problems Data

Mobile Communications Chapter 8: Network Protocols/Mobile IP Motivation Problems Data

Mobile Communications Chapter 8: Network Protocols/Mobile IP Motivation Problems Data transfer Micro mobility support Encapsulation DHCP Security Ad-hoc networks IPv6 Routing protocols Prof. Dr.-Ing. Jochen

984 views • 39 slides
Self-organisation in future mobile cellular networks Hans van den Berg, Remco Litjens TNO ICT,

Self-organisation in future mobile cellular networks Hans van den Berg, Remco Litjens TNO ICT,

FP7 ICT-SOCRATES Self-organisation in future mobile cellular networks Hans van den Berg, Remco Litjens TNO ICT, Delft, The Netherlands NET-COOP 2009, Eindhoven, 23-25 November 2009 SELF-ORGANISATION IN FUTURE MOBILE CELLULAR NETWORKS OUTLINE

1.27k views • 57 slides

More recommend