Presentation Material
Abstract
It is said that 80% of the world’s population now has a mobile phone. They use mobile devices to make call, send SMS message, to access internet via the cellular network infrastructure. End-users carrying mobile phones 24 hr trust cellular network operators and believe that provided mobile communication link is secure.
However, on the other hand, mobile operators, device manufacturers, OS providers, baseband suppliers do little to provide best security and privacy features to them. In particular, security capabilities of mobile communications are not shown to the end-users. Hence it is easy for malicious attackers to mount subsequent attacks using IMSI catcher equipments. Further some hidden features for example ‘silent SMS’, are supported in currently used mobile telephony systems but not notified to the end users when in use. Attackers or illegitimate agencies exploit this weakness to track user movements regularly without user’s consent.
In this talk, we address above long-standing issues by developing a low cost, easy-to-use privacy framework based on Android OS. We demonstrate our effort to build an ideal way to protect mobile user privacy. Live demo of framework detecting hidden (in ) security features of mobile communication system will be provided.
AI Generated Summary
The talk addresses the persistent threat of fake base stations (IMSI catchers) exploiting vulnerabilities in GSM and 3G networks, used for spam, phishing, and targeted surveillance. It critiques existing detection methods, such as commercial encrypted phones and network monitoring tools, for being costly, non-transparent, or requiring cumbersome laptop-based analysis.
The core contribution is the presentation of the “Hawk” framework, an Android application designed to transform a smartphone into a passive detection platform. The tool operates by continuously parsing baseband logs to extract security-relevant parameters from cellular transactions in real time. It monitors for indicators of interception, including the absence of encryption, irregular TMSI (Temporary Mobile Subscriber Identity) updates, silent SMS receipt, and authentication failures. Upon detecting suspicious activity, it notifies the user without altering device behavior. The framework also facilitates crowdsourced data collection, aiming to build an open, global map of mobile network security postures.
Key technical findings emphasize systemic weaknesses: the lack of mutual authentication in GSM/3G, the base station’s unilateral control over encryption and authentication settings, and the prevalence of weak, breakable cipher algorithms (e.g., A5/1). The talk notes that operators frequently neglect mandatory security practices like frequent TMSI reallocation. The tool’s current implementation is limited to Samsung Galaxy S3 and S2 devices with Intel basebands due to log accessibility constraints.
Practical takeaways include the tool’s availability as open-source software and its role in providing individual users with immediate, on-device visibility into network security anomalies. It underscores the need for standardized APIs (such as a proposed Android ciphering indicator API) to enable broader detection capabilities and highlights the fundamental architectural flaws in legacy cellular standards that continue to enable interception.