Presentation Material
Abstract
It is said that 80% of the world’s population now has a mobile phone. They use mobile devices to make calls, send SMS messages, and to access the Internet via the cellular network infrastructure. End-users carrying mobile phones 24 hours trust cellular network operators and believe that the provided mobile communication link is secure.
However, on the other hand, mobile operators, device manufacturers, OS providers, and baseband suppliers do little to provide best security and privacy features to them. In particular, security capabilities of mobile communications are not shown to the end-users. Hence, it is easy for malicious attackers to mount subsequent attacks using IMSI catcher equipments. Further some hidden features, for example ‘silent SMS’, are supported in currently used mobile telephony systems but not notified to the end-users when in use. Attackers or illegitimate agencies exploit this weakness to track user movements regularly without the user’s consent.
In this talk, we address these long-standing issues by developing a low-cost, easy-to-use privacy framework based on Android OS. We demonstrate our effort to build an ideal way to protect user privacy. A live demo of framework detecting hidden (in ) security features of mobile communication system will be provided.
AI Generated Summarymay contain errors
Here is a summary of the content:
The speaker is discussing a mobile phone tracking system that uses a combination of identities, including TIMC (Temporary International Mobile Subscriber Identity) and MCC (Mobile Country Code), to locate a mobile phone user. The system works by sending silent SMS messages to a target phone number, which triggers the phone to respond with its TIMC and MCC. By analyzing these responses, the system can determine the location of the target phone.
The speaker demonstrates a tool that can capture and analyze these identities, showing how it can be used to track a mobile phone user’s location. The tool can also collect data on different base stations and operators, which can be used to build more accurate profiles for MC detection.
The speaker notes that there are legal limitations to demonstrating this technology, as it is not allowed to intercept someone’s MCC and TIMC in the United States. However, they plan to release the source code and app for public use, with the goal of collecting anonymous data on different base stations and operators to improve the system’s accuracy.
The tool currently only works on Intel-based chips and supports two devices, with the Samsung S3 providing the best support due to its efficient battery performance. The speaker also mentions that they will provide a data upload functionality for users to share their data and contribute to building a more comprehensive database of base stations and operators.