January 10, 2007
ECET 581/CPET/ECET 499 Mobile Computing Technologies & Apps
Mobile and Wireless Security
1 of 2
Paul I-Hai Lin, Professor
Electrical and Computer Engineering Technology
Indiana University-Purdue University Fort Wayne

Mobile and Wireless Security
• Various Security Risks
• Traditional Security Issues
• Mobile and Wireless Security Issues
• Problems in Ad Hoc Networks
• Additional Issues: Commerce
• Additional Types of Attacks

Various Security Risks
• Various Security Risks
  • Physical Security
  • Communications Security
  • Emission Security (Electronic Signals)
  • Computer Security
  • Network Security
  • Information Security

Traditional Security Issues
• Integrity
• Confidentiality
• Nonrepudiation
• Availability

Traditional Security Issues (cont.)
• Integrity
  • System Integrity: perform its intended functions in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system
  • Data Integrity: the receiver of the data can verify that the data have not been modified; in addition, no one should be able to substitute fake data
  • Integrity of Files and Information in transmission
• Confidentiality
  • Only intended recipient(s) can read the provided data
  • Confidentiality of Files and Information in transmission
  • Traffic flow confidentiality

Traditional Security Issues (cont.)
• Nonrepudiation
  • The sender should not be able to falsely deny (i.e. repudiate) sending data
  • Examples
• Availability
  • A third party with no access should not be able to block legitimate parties from using a resource
  • Denial-of-Service Attacks (DoS)

Types of Attacks
• Access Attacks
• Modification Attacks
• Denial-of-Service Attacks (DoS)
• Repudiation Attacks

Types of Attacks (cont.)
• Access Attacks
  • Snooping (looking through)
  • Eavesdropping (listens)
  • Interception (active)
• Modification Attacks
  • Changes
  • Insertion
  • Deletion

Types of Attacks (cont.)
• Denial-of-Service Attacks (DoS)
  • Denial of access to information
  • Denial of access to applications
  • Denial of access to systems
  • Denial of access to communications
• Repudiation Attacks
  • Masquerading
  • Denying an event

DoS Attacks - Information
• The Computer Emergency Response Team Coordination Center (CERT/CC), www.cert.org/advisories/, Denial of Services: http://www.cert.org/tech_tips/denial_of_service.html
• SecurityFocus's bugtraq, http://www.securityfocus.com/archive/1
• SecuriTeam, http://www.securiteam.com/

DoS Attacks
• Syn_flood, http://www.cert.org/advisories/CA-1996-21.html
  • TCP SYN Flooding and IP Spoofing Attacks
• Smurf, http://www.cert.org/advisories/CA-1998-01.html
  • Smurf IP Denial-of-Service Attacks
• Ping_of_death, http://www.cert.org/advisories/CA-1996-26.html
  • Denial-of-Service via ping
• Teardrop, http://www.cert.org/advisories/CA-1997-28.html

Distributed DoS Attacks
• Distributed Denial of Service (DDoS) Attacks/Tools, http://staff.washington.edu/dittrich/misc/ddos/
• "mstream" Distributed DoS, http://www.cert.org/incident_notes/IN-2000-05.html
• Distributed DoS attack software, http://www.tenebril.com/src/spyware/distributed-dos-attack-software.php

Mobile and Wireless Security
• Physical Security
• Information Security
  • Email
  • Contact database
  • Price lists
  • Personal Information Manager
  • Business plan, documents

Mobile and Wireless Security Issues
• Physical Security
  • Detectability
    • RF signal
    • Changing frequencies
    • Use very directional antenna
    • Use minimal power
  • Resource Depletion/Exhaustion attack
    • Shortens the lifespan of the battery, consumes all the power in a battery
    • In Ad Hoc networks, attacks cause key routing nodes to fail, leaving parts of the network unreachable

Mobile and Wireless Security Issues (cont.)
• Physical Intercept Problems
  • Wireless/broadcast
  • Mitigation:
    • Directional antenna
    • Low-power transmissions
    • Frequency-hopping/spread spectrum technology
    • Encryption techniques at higher layers

Mobile and Wireless Security Issues (cont.)
• Theft of Devices
• War Driving
  • Wireless card running some detection software
  • GPS
  • Driving around: detect the presence of wireless networks, and GPS gives the location for later reference
• References (detection software):
  • http://www.netstumbler.com/
  • http://www.kismetwireless.net/
  • http://www.wardriving.com/

Mobile and Wireless Security Issues (cont.)
• War Walking
  • Lightweight computer: PDA PocketPC, laptop
  • Walking around
• War Chalking (symbols)
  • Open network
  • Closed networks
  • WEP (Wired Equivalent Privacy) password protected network

Problems in Ad Hoc Networks
• Problems in Ad Hoc Networks
  • Data pass through several other Ad Hoc networks
  • Man in the middle attack to copy or corrupt data in transit
• Routing (risks)
  • Spoofing
    • ARP Spoofing: request an address and pass data to impersonator
  • ARP cache poisoning: actively corrupt data as it passes through
  • Resource-exhaustion attack

Problems in Ad Hoc Networks
• Key management
  • Encryption
  • Authentication
  • Creating, sharing, and storing encryption keys
    • Public key encryption
    • Private key encryption
    • Prekeying: not practical

Problems in Ad Hoc Networks
• Reconfiguring
  • Dynamic nature
  • Topology changes over time
  • Route may no longer work
• Hostile Environment
  • Unsecured physical locations (coffee shops, airports, etc.)
  • Ad Hoc networks of soldiers

Additional Issues: Commerce
• Liability
• Fear, uncertainty, and doubt
• Fraud
• Big bucks at stake

Additional Types of Attacks
• "Man in the Middle" Attacks
• Traffic Analysis
• Replay Attacks
  • Reusing data in a packet observed by a malicious node
• Buffer-Overflow Attacks
  • Extra data cause the program to execute different code by changing variable values, program flow, or similar
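
The data-integrity requirement from the Traditional Security Issues slide and the replay attack listed above can be tied together in one receiver-side check. This is an added example, not part of the original slides; the frame layout, the `seal`/`Receiver`/`demo` names and the key are constructed for illustration.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32  # HMAC-SHA256 output size in bytes

def seal(key: bytes, counter: int, payload: bytes) -> bytes:
    """Sender side: frame = 8-byte counter || payload || HMAC over both."""
    header = struct.pack(">Q", counter)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag

class Receiver:
    """Accepts a frame only if its tag verifies and its counter is fresh."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_counter = -1  # highest counter accepted so far

    def accept(self, frame: bytes) -> bytes:
        if len(frame) < 8 + TAG_LEN:
            raise ValueError("frame too short")
        header, payload, tag = frame[:8], frame[8:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, header + payload, hashlib.sha256).digest()
        # Constant-time compare; fails for modified or substituted data.
        if not hmac.compare_digest(tag, expected):
            raise ValueError("integrity check failed")
        (counter,) = struct.unpack(">Q", header)
        # A frame resent verbatim still carries a valid tag, so the
        # receiver also requires a strictly increasing counter.
        if counter <= self.last_counter:
            raise ValueError("replayed or stale frame")
        self.last_counter = counter
        return payload

def demo() -> list:
    """Run one fresh, one replayed and one tampered frame (constructed data)."""
    key = b"constructed-demo-key-not-for-use"
    rx = Receiver(key)
    frame = seal(key, 1, b"route-update: node A -> node B")
    tampered = frame[:10] + bytes([frame[10] ^ 0x01]) + frame[11:]
    results = []
    for label, candidate in [("fresh", frame), ("replayed", frame), ("tampered", tampered)]:
        try:
            rx.accept(candidate)
            results.append((label, "accepted"))
        except ValueError as err:
            results.append((label, str(err)))
    return results
```

A strict counter also rejects legitimate frames that arrive out of order, which multi-hop ad hoc routes can cause; a sliding acceptance window is the usual relaxation.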