“Man-in-the-Middle” Attacks in 3G. University of Tartu, Computer Science Department. Ksenia Orman, kseniao@ut.ee

Total Page:16

File Type:pdf, Size:1020Kb

Introduction.

GSM (Global System for Mobile communications) is the technology that supports most of the world’s mobile phone networks. Mobile phones are now used by more than one billion users worldwide (by mid-March 2006 there were over 1.7 billion GSM subscribers), and GSM is available in more than 190 countries. [1] GSM security issues such as theft of privacy, service and legal interception are still of significant interest in the GSM community. The purpose of security in the GSM system is to make the system as secure as the public switched telephone network and to prevent phone cloning.

Today’s GSM platform is growing and evolving. 3GSM is the latest addition to the GSM family. 3G systems provide global mobility with a wide range of services including telephony, paging, messaging, Internet and broadband data. The 3GSM system makes it possible to migrate users of the current second generation (2G) GSM wireless network to the new third generation services with minimal disruption.

1. What is GSM?

In the telecommunications world, various systems were developed without the benefit of standards. This caused many problems directly related to compatibility, especially with the development of digital radio technology. In 1982 the European Conference of Post and Telecommunications Administrations (CEPT) formed a group called Group Special Mobile (GSM), from which the name GSM first comes. The purpose of that conference was to develop European cellular systems that would replace the many existing inconsistent cellular systems. In 1991 the abbreviation “GSM” was renamed to Global System for Mobile Communications. [2]

GSM is the most popular phone system in the world.
More than 1.7 billion people use GSM phones as of 2005, making GSM the dominant mobile phone system worldwide with about 70% of the world’s market. Legislation mandating the use of the European-originated GSM (and its 3G successors) as the single mobile phone system in the countries of the European Union gave the system a solid base for expansion to other countries that wish to roam in Europe. [3]

GSM grew out of a vision that users should be able to make and receive calls on their mobiles wherever they travelled. GSM is unique among telecommunications technologies in having specific international roaming. National roaming refers to the ability to move to a foreign service provider’s network. It is of particular interest to international tourists and business travellers. The billionth GSM user was connected in the first quarter of 2004. Figure 1 shows how quickly and successfully GSM has been developing.

Fig.1. GSM subscriber statistics [1]

2. The GSM Network.

GSM provides recommendations, not requirements. The GSM specifications define the functions and interface requirements in detail but do not address the hardware. The intent is to limit the designers as little as possible while encouraging the operators to buy equipment from different suppliers.

The GSM network is divided into the Base Station Subsystem (BSS), the Network and Switching Subsystem (NSS), and the GPRS Core Network. All of the elements in the system are combined to produce various GSM services such as voice and SMS.

Fig.2. Structure of a GSM network [2]

Figure 2 shows the simplified structure of a GSM network.

• The BSS

The Base Station Subsystem consists of the Base Transceiver Station (BTS) and the Base Station Controller (BSC). The BSC and the BTS are connected together via the interface. The Packet Control Unit (PCU) is a late addition to the GSM standard. It performs some of the processing tasks of the BSC, but for packet data.
The PCU is also shown connected to the BTS, although the exact specification depends on the vendor’s architecture.

• The NSS

The Network and Switching Subsystem is shown containing the MSC/VLR connected via the SS7 network to the HLR.

The Mobile Switching Centre (MSC) performs the telephony switching functions of the system. It controls calls to and from other telephone and data systems. It also performs functions such as toll ticketing, network interfacing, common channel signalling and others.

The Visitor Location Register (VLR) is a database that contains temporary information about subscribers that is needed by the MSC in order to service visiting subscribers. The VLR is always integrated with the MSC. When a mobile station roams into a new MSC area, the VLR connected to that MSC will request the mobile station data from the HLR. Later, if the mobile station makes a call, the VLR will have the information needed for call setup without having to interrogate the HLR each time.

The Home Location Register (HLR) is a database used for storage and management of subscriptions. The HLR is considered the most important database, as it stores permanent data about subscribers, including a subscriber’s service profile, location information, and activity status.

Signalling System #7 (SS7) is a set of telephony signalling protocols which are used to set up the vast majority of the world’s public switched telephone network (PSTN) telephone calls. SS7 provides a universal structure for telephony network signalling, messaging, and network maintenance. It deals with establishment of a call, exchanging user information, call routing, different billing structures and supports Intelligent Network (IN) services.

The AUC and EIR, although technically separate functions from the HLR, are shown together since combining them is almost standard in all vendors’ networks.
The Authentication Centre (AUC) provides authentication and encryption parameters that verify the user’s identity and ensure the confidentiality of each call. The AUC protects network operators from different types of fraud found in today’s cellular world. The Equipment Identity Register (EIR) is a database that contains information about the identity of mobile equipment and prevents calls from stolen, unauthorized, or defective mobile stations. The AUC and EIR are implemented as stand-alone nodes or as a combined AUC/EIR node.

The NSS is connected by the A interface to the BSS. It has a direct connection to the PSTN from the MSC. There is also a connection to the Packet Core, although this is optional and not always implemented.

• The GPRS Core Network

The GPRS Core Network is shown here in simplified form and has the SGSN (connected to the BSS by the interface) and the GGSN. The GSNs (GPRS Support Nodes) support the use of GPRS in the GSM core network. All GSNs should have an interface and support the GPRS tunnelling protocol. There are two key variants of the GSN: the GGSN and the SGSN defined below. For an encyclopedic reference on GPRS, see [12].

3. Introduction to 3G.

3GSM is the latest addition to the GSM family. It enables the provision of mobile multimedia services such as music, TV and video, rich entertainment content and Internet access. Global operators, in conjunction with the 3G Partnership Project (3GPP) standards organisation, have developed 3GSM as an open standard. [4]

1G, or first generation wireless, refers to analog networks introduced in the mid-1980s. Most 1G technologies and systems were country or region-specific and thus offered limited coverage. As mobile communications grew in popularity, networks often became overloaded, and 1G was replaced in the early 1990s by 2G digital cell phones. This allowed a considerable improvement in voice quality.
2G networks may offer an optional service to transfer low-speed data, such as email or software, in addition to the digital voice call itself. 2G technologies can be divided into TDMA-based and CDMA-based standards depending on the type of multiplexing used. [5] The main 2G standards are:

• GSM, which came originally from Europe but is used worldwide
• TDMA (Time Division Multiple Access), which was used in the Americas and Latin America
• CDMA (Code Division Multiple Access) IS-95 or cdmaOne, which was used primarily in the Americas and Asia Pacific.

Fig.3. GSM Technologies Evolution [1]

The evolution to 3G started in 1999. Japan is the first country to have introduced 3G nationally, and in Japan the transition to 3G will be largely completed during 2005/2006. In other countries it can last until 2010. [6] The main reason for these changes is the limited capacity of existing 2G networks. 2G was built mainly for telephone calls and slow data transmission. The International Telecommunication Union (ITU) has defined the demands for third generation mobile networks with the IMT-2000 standard. [7]

Today, WCDMA (Wideband CDMA) and CDMA2000 are the dominant standards in terms of current commercial services. CDMA2000 1X was the world’s first operational 3G technology, capable of transmitting data faster than most dial-up services. Today, more than 190 million people enjoy the benefits of CDMA2000 1X. [7]

WCDMA, also known as UMTS (Universal Mobile Telecommunications System), is the 3G standard chosen mostly by GSM/GPRS wireless network operators. WCDMA supports speeds between 384 kbit/s and 2 Mbit/s. When this protocol is used in a WAN (wide area network), the top speed is 384 kbit/s. When it is used in a LAN (local area network), the top speed is 2 Mbit/s. [7] As of February 2006, more than 51 million subscribers were using WCDMA for their mobile voice and data needs. [7]

For consumers, 3G offers high-quality, low-cost voice and fun and useful data services, such as:

• Mobile Internet connectivity
• Mobile email
• Multimedia services (digital photos, movies etc.)
• Wireless application downloading
• Real-time multiplayer gaming
• Video-on-demand

Finally, 3G technology’s data capabilities open up an enormous world of opportunity for application developers and content providers.

4. GSM Security model. What is different in 3G.

GSM was designed with a moderate level of security.
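The NSS roles described in section 2 (the AUC supplying authentication and encryption parameters, the VLR holding visitor data so that the HLR is not interrogated for every call, the EIR blocking listed equipment) can be modelled as below. This is an added example, not code from the original paper: HMAC-SHA256 stands in for the operator-specific A3/A8 algorithms, the message ordering is simplified, and all class names, IMSIs, IMEIs and keys are constructed for illustration.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass, field


def a3_a8(ki, rand):
    """Stand-in for the operator-specific A3/A8 algorithms (assumption: HMAC-SHA256).
    Returns (SRES, Kc): a 32-bit signed response and a 64-bit cipher key."""
    digest = hmac.new(ki, rand, hashlib.sha256).digest()
    return digest[:4], digest[4:12]


@dataclass
class HlrAuc:
    """Permanent subscriber store and AUC modelled as one node (hypothetical class)."""
    subscribers: dict            # IMSI -> {"ki": bytes, "profile": str}
    queries: int = 0             # how often a VLR had to interrogate the HLR

    def fetch(self, imsi, count=3):
        self.queries += 1
        sub = self.subscribers.get(imsi)
        if sub is None:
            return None
        triplets = []
        for _ in range(count):   # Ki stays here; only (RAND, SRES, Kc) leave
            rand = os.urandom(16)
            triplets.append((rand, *a3_a8(sub["ki"], rand)))
        return sub["profile"], triplets


@dataclass
class Sim:
    imsi: str
    ki: bytes

    def respond(self, rand):
        return a3_a8(self.ki, rand)[0]      # only SRES is sent back to the network


@dataclass
class MscVlr:
    hlr: HlrAuc
    blocked_imeis: set                      # EIR list, simplified to a set
    visitors: dict = field(default_factory=dict)

    def attach(self, sim, imei):
        """Mobile station roams into this MSC area."""
        if imei in self.blocked_imeis:
            return "rejected: equipment blocked by EIR"
        data = self.hlr.fetch(sim.imsi)
        if data is None:
            return "rejected: unknown subscriber"
        self.visitors[sim.imsi] = {"profile": data[0], "triplets": data[1]}
        result = self._authenticate(sim)
        if result != "accepted":
            del self.visitors[sim.imsi]
        return result

    def call_setup(self, sim):
        """Later call: served from the VLR record, no HLR round trip needed."""
        if sim.imsi not in self.visitors:
            return "rejected: not registered in this VLR"
        return self._authenticate(sim)

    def _authenticate(self, sim):
        record = self.visitors[sim.imsi]
        if not record["triplets"]:          # cache exhausted: ask the HLR/AUC again
            record["triplets"] = self.hlr.fetch(sim.imsi)[1]
        rand, expected_sres, _kc = record["triplets"].pop()   # each triplet used once
        if not hmac.compare_digest(sim.respond(rand), expected_sres):
            return "rejected: SRES mismatch"
        return "accepted"


def demo():
    ki = bytes.fromhex("00112233445566778899aabbccddeeff")   # constructed key
    hlr = HlrAuc({"001010000000001": {"ki": ki, "profile": "voice+sms"}})
    vlr = MscVlr(hlr, blocked_imeis={"350000000000002"})      # constructed IMEI
    genuine = Sim("001010000000001", ki)
    wrong_key = Sim("001010000000001", bytes(16))             # same IMSI, wrong Ki
    return {
        "attach": vlr.attach(genuine, "350000000000001"),
        "call_1": vlr.call_setup(genuine),
        "call_2": vlr.call_setup(genuine),
        "hlr_queries_after_calls": hlr.queries,
        "wrong_ki": vlr.call_setup(wrong_key),
        "blocked_imei": vlr.attach(genuine, "350000000000002"),
    }


if __name__ == "__main__":
    for step, outcome in demo().items():
        print(step, "->", outcome)
```

The attach and both calls are served by a single HLR query because the VLR holds three pre-computed triplets. The model checks only the subscriber's response, so nothing in it lets the mobile station verify the network.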