Abstract

"Exploiting Open Functionality in SMS-Capable Cellular Networks"
Patrick Traynor, October 12, 2006

Abstract:
Cellular networks are a critical component of the economic and social infrastructures in which we live. In addition to voice services, these networks deliver alphanumeric text messages to the vast majority of wireless subscribers. To encourage the expansion of this new service, telecommunications companies offer connections between their networks and the Internet. The ramifications of such connections, however, have not been fully recognized. In this paper, we evaluate the security impact of the SMS interface on the availability of the cellular phone network. Specifically, we demonstrate the ability to deny voice service to cities the size of Washington D.C. and Manhattan with little more than a cable modem. Moreover, attacks targeting the entire United States are feasible with resources available to medium-sized zombie networks. This analysis begins with an exploration of the structure of cellular networks. We then characterize network behavior and explore a number of reconnaissance techniques aimed at effectively targeting attacks on these systems. We conclude by discussing countermeasures that mitigate or eliminate the threats introduced by these attacks.

This talk is a combination of the following papers:
Exploiting Open Functionality in SMS-Capable Cellular Networks (CCS '05)
Mitigating Attacks on Open Functionality in SMS-Capable Cellular Networks (MobiCom '06)

Biography:
Patrick Traynor is a PhD candidate in the Department of Computer Science and Engineering at the Pennsylvania State University. Prior to entering the PhD program, Patrick earned a BS in Computer Science from the University of Richmond (2002) and an MS in Computer Science and Engineering from the Pennsylvania State University (2004). His research, co-advised by Drs. Patrick McDaniel and Thomas La Porta, focuses on the security of telecommunications networks attached to the Internet. In addition to authoring a number of scholarly articles, Patrick has also served as a program committee member for a number of conferences and workshops.