Overview Physical Security Blockchain and Cryptocurrency - - PowerPoint PPT Presentation


Korea vs USA Security Research - Case Study: Cellular Network - Yongdae Kim KAIST Syssec Overview Physical Security Blockchain and Cryptocurrency Self-Driving Car: Hyundai, KAIST Samsung: Blockchain Application This ain't your, Usenix WOOT


SLIDE 1

Korea vs USA Security Research

  • Case Study: Cellular Network -

Yongdae Kim KAIST Syssec

SLIDE 2

Self-Driving Car: Hyundai, KAIST
Drone: Government, Korean Power, …

  • GyrosFinger: Fingerprinting Drones for… TOPS 2018
  • Illusion and Dazzle: Adversarial Optical … CHES 2017
  • Sampling Race: Bypassing… Usenix WOOT 2016
  • Rocking Drones with Intentional Sound… Usenix Sec 2015
  • Ghost Talk … Oakland 2013

Overview


Industry: Samsung, SKT, Korean Power, Line, …
Government: NSR, KRF, MSIT

  • Enabling Automatic Protocol…, ACM CoNEXT 2016
  • Pikit: A New Kernel…, Usenix Sec 2016
  • Taking Routers Off Their Meds, NDSS 2013

Embedded/OS/Web Security

Industry: SKT (USIM, Core Network, …), Samsung
Government: MSIT, KISA, NSR

  • Peeking over the Cellular Walled Gardens… TMC 2018
  • GUTI Reallocation Demystified… NDSS 2018
  • When Cellular Networks Met IPv6… EuroS&P 2017
  • Breaking and fixing volte… ACM CCS 2015
  • Gaining Control of Cellular… NDSS 2014
  • Location leaks on the GSM… NDSS 2012

Cellular/Mobile Security

Physical Security

  • This ain’t your…, Usenix WOOT 2016
  • Dissecting Custom…, ACM WiSec 2016
  • Rocking Drones… Usenix Sec 2015
  • Ghost talk: mitigating EMI, S&P 2013

Samsung: Blockchain Application
KAIST: Blockchain Seed Funding
BOSCoin: Blockchain vulnerability Analysis

  • Fickle Mining and other papers… In submission
  • Be Selfish and Avoid Dilemmas … ACM CCS 2017
  • Doppelganger in Bitcoin… WISA 2016

Blockchain and Cryptocurrency

SLIDE 3

Korea vs US

Comparison (US / Korea):

  • Annual Budget: US: USD 200 K; Korea: USD 1.5 M
  • # students: US: 3; Korea: 20
  • Industry Funding: At least 3/year
  • Industry Relation: US: Bad; Korea: Very close (small world)
  • Teaching: US: 1; Korea: 1
  • Travel: US: Almost none; Korea: 3/week to Seoul (1 hour train)
  • Call for Proposal: US: Almost none; Korea: Frequently
  • Government Funding: US: Better Review (☺); Korea: Terrible Review (Off-line only)
  • Reporting: US: Same # of pages; Korea: More pages for more funding
  • Requirement: US: Best Effort; Korea: # papers, # patents, # of tech xfer

SLIDE 4

4G LTE Cellular Network Overview

[Figure: 4G LTE network diagram. Labels: User Equipment (phone, modem), USIM, eNodeB, HeNB, SGSN, MME, HSS, S-GW, P-GW, PCRF, Billing Domain, IMS, Internet, Firewall, NAT, Global Cellular Network; 4G Core Network (EPC). Legend: Signaling; Data Traffic; Data, Signaling.]

  • SGSN : Service GPRS Support Node
  • HSS : Home Subscriber Server
  • MME : Mobility Management Entity
  • S-GW : Serving Gateway
  • P-GW : PDN Gateway
  • PCRF : Policy and Charging Rule Function
  • HeNB : Home eNodeB
  • EPC : Evolved Packet Core

SLIDE 5

Cellular Security

  • A lot of systematic problems from the cellular industry
  • The standard itself has a lot of security problems.
  • Device vendors are making a lot of mistakes.
  • Cellular ISPs are making a lot of mistakes.
  • New generation deployment every 10 years
      – New system deployment every 3-4 years.
  • ISPs don’t talk to each other. They don’t respond to public scrutiny either.
      – Vendors don’t talk to each other.

SLIDE 6

Fake CMAS broadcast attack

SLIDE 7

VoLTE makes cellular network more complex

  • Let’s check potential attack vectors newly introduced in VoLTE

[Figure: VoLTE architecture diagram. Components: Phone, Cell tower, 4G Gateway, LTE Core, IMS, 4G LTE. Areas examined: 3GPP standards, Mobile OS support?, Device HW interface, Implementation of LTE core, Accounting infrastructure. Issues labelled: Permission Mismatch, Free Data Channels, No Session Manage, No Auth, No Encryption, IMS Bypassing.]

SLIDE 8

Questions?

  • Yongdae Kim
      – email: yongdaek@kaist.ac.kr
      – Home: http://syssec.kaist.ac.kr/~yongdaek
      – Facebook: https://www.facebook.com/y0ngdaek
      – Twitter: https://twitter.com/yongdaek
      – Google “Yongdae Kim”