![Page 1: Korea’s Wireless Internet and its New Threats](https://reader036.vdocuments.us/reader036/viewer/2022062423/568146b3550346895db3cf14/html5/thumbnails/1.jpg)
Ahnlab.com
Korea’s Wireless Internet
and its New Threats
Richard Rhee, AhnLab, Inc.
![Page 2: Korea’s Wireless Internet and its New Threats](https://reader036.vdocuments.us/reader036/viewer/2022062423/568146b3550346895db3cf14/html5/thumbnails/2.jpg)
2
Contents
What is the wireless internet ?
The cellular phone is no longer just a telephone.
How to navigate
What is the mobile platform ?
How does it use ?
The threat nears, and many more…
What are your plans against new threats?
![Page 3: Korea’s Wireless Internet and its New Threats](https://reader036.vdocuments.us/reader036/viewer/2022062423/568146b3550346895db3cf14/html5/thumbnails/3.jpg)
3
What is the wireless internet ?Introduction
The environment and technology offering the mobile terminal to get access to information through wireless network.
New services enabling cellular phones and handheld devices access to the internet through wireless network
Specialization
Ubiquity
Accessibility
Security
Convenience
Mobility
Localization
Personality
Customization
![Page 4: Korea’s Wireless Internet and its New Threats](https://reader036.vdocuments.us/reader036/viewer/2022062423/568146b3550346895db3cf14/html5/thumbnails/4.jpg)
4
What is the wireless internet ?CDMA 2000 1x Packet Data Network Component
Mobile Terminal
BTS ( Base Transceiver Station )
BSC ( Base Station Controller )
PDSN ( Packet Data Switching Node )
MSC / VLR / HLR
IWF ( Inter-Working Function )
AAA Server ( Authentication Authorization Accounting )
HA ( Home Agent )
Gateway
![Page 5: Korea’s Wireless Internet and its New Threats](https://reader036.vdocuments.us/reader036/viewer/2022062423/568146b3550346895db3cf14/html5/thumbnails/5.jpg)
5
What is the wireless internet ?CDMA 2000 1x Packet Data Network Architecture
![Page 6: Korea’s Wireless Internet and its New Threats](https://reader036.vdocuments.us/reader036/viewer/2022062423/568146b3550346895db3cf14/html5/thumbnails/6.jpg)
6
What is the wireless internet ?WIBRO is the next wireless network. ( 1 )
Specification 2.3 GHz / 1Mbps Always connected Will be serviced in 2006. IP - Based
Components PSS ( Portable Subscriber Station )
Wireless connection IP based connection
RAS ( Radio Access Station )Resource management & control Hand-off support
QoS ACR ( Access Control Router )
IP Routing IP Multicast Billing information
Authentication / Security model
![Page 7: Korea’s Wireless Internet and its New Threats](https://reader036.vdocuments.us/reader036/viewer/2022062423/568146b3550346895db3cf14/html5/thumbnails/7.jpg)
7
What is the wireless internet ?WIBRO is the next wireless network. ( 2 )
![Page 8: Korea’s Wireless Internet and its New Threats](https://reader036.vdocuments.us/reader036/viewer/2022062423/568146b3550346895db3cf14/html5/thumbnails/8.jpg)
8
The cellular phone is no longer just a telephone.
Telephone Digital Entertainment
MP3 PlayerMovie Player
PIM Data Contacts Calendar
WAP Browsing / Web Browsing File Storage / Exchange And more…
![Page 9: Korea’s Wireless Internet and its New Threats](https://reader036.vdocuments.us/reader036/viewer/2022062423/568146b3550346895db3cf14/html5/thumbnails/9.jpg)
9
How to Navigate : WAP Browser 2.0
WML 1.x, WML 2, xHTML, HTML
WML script
HTTP 1.1 full specification, HTTP 1.1 Cache
OMA Download
SSL 3.0 / TLS 1.0
BMP, WBMP, (animated) GIF, SIS
Pictogram
WAP Push
ARM7, 700 ~ 800 kb
![Page 10: Korea’s Wireless Internet and its New Threats](https://reader036.vdocuments.us/reader036/viewer/2022062423/568146b3550346895db3cf14/html5/thumbnails/10.jpg)
10
What is the Mobile Platform ?Introduction
REX is only a scheduler for mobile terminal.
The market wants a strong functionality.
Common Functionality Terminal H/W and Platform independent
File system support
2D & 3D graphic support
Socket based Network communication
Serial communication
Interoperability with SIS, VOD and Camera
Voice call , SMS, Browser call
Terminal Data Access
Content development kit
![Page 11: Korea’s Wireless Internet and its New Threats](https://reader036.vdocuments.us/reader036/viewer/2022062423/568146b3550346895db3cf14/html5/thumbnails/11.jpg)
11
What is the Mobile PlatformGNEX
GNEX is a content downloader and player.GNEX SDK
GNEX Player
GNEX Architecture GNEX Virtual Machine
GNEX Kernel
GNEX Event Handler
MIDD ( Mobile Interface Device Driver )
![Page 12: Korea’s Wireless Internet and its New Threats](https://reader036.vdocuments.us/reader036/viewer/2022062423/568146b3550346895db3cf14/html5/thumbnails/12.jpg)
12
What is the Mobile PlatformXVM based on J2ME
Clean room implementation of J2ME
Components
XVM
M-Configuration
M-Profile
Telecom Service APIs
Application manager
Supports Garbage Collector
![Page 13: Korea’s Wireless Internet and its New Threats](https://reader036.vdocuments.us/reader036/viewer/2022062423/568146b3550346895db3cf14/html5/thumbnails/13.jpg)
13
What is the Mobile PlatformBREW ( Binary Run-time Environment in Wireless )
Residing on top of the chip system software, BREW provides wireless application with access to a suite of highly integrated chipset functions.
Supports language beyond native C/C++, including Java, XML and Flash
BDS ( BREW Distribution System )
![Page 14: Korea’s Wireless Internet and its New Threats](https://reader036.vdocuments.us/reader036/viewer/2022062423/568146b3550346895db3cf14/html5/thumbnails/14.jpg)
14
What is the Mobile PlatformWIPI 2.0 ( 1 )
Needs the Standard platform
![Page 15: Korea’s Wireless Internet and its New Threats](https://reader036.vdocuments.us/reader036/viewer/2022062423/568146b3550346895db3cf14/html5/thumbnails/15.jpg)
15
What is the Mobile PlatformWIPI 2.0 ( 2 )
Structure
Application Manager
Basic APIs
Dynamic components
Run-Time engine
HAL ( Hardware adaptation Layer )
![Page 16: Korea’s Wireless Internet and its New Threats](https://reader036.vdocuments.us/reader036/viewer/2022062423/568146b3550346895db3cf14/html5/thumbnails/16.jpg)
16
What is the Mobile PlatformWIPI 2.0 ( 3 )
Functionality
Supports C/C++, JavaTM
Execute the binary code through COD server
Stable APIs
API Access control : 3 Level
Data Access control : 3 Level
Memory management
Compaction & Garbage collection
Shared memory management
Supports Unicode and Locale
Dynamic APIs and Components
Application management
![Page 17: Korea’s Wireless Internet and its New Threats](https://reader036.vdocuments.us/reader036/viewer/2022062423/568146b3550346895db3cf14/html5/thumbnails/17.jpg)
17
What is the Mobile PlatformWIPI 2.0 ( 4 )
API Overview
![Page 18: Korea’s Wireless Internet and its New Threats](https://reader036.vdocuments.us/reader036/viewer/2022062423/568146b3550346895db3cf14/html5/thumbnails/18.jpg)
18
What is the Mobile PlatformWIPI 2.0 ( 5 )
Security Model
Access Security
System Level
CP ( Content Provider ) Level
Public Level
APIs Security
Data Security
Private directory
Application shared directory
System shared directory
![Page 19: Korea’s Wireless Internet and its New Threats](https://reader036.vdocuments.us/reader036/viewer/2022062423/568146b3550346895db3cf14/html5/thumbnails/19.jpg)
19
What is the Mobile PlatformWIPI 2.0 ( 6 )
Service Architecture
![Page 20: Korea’s Wireless Internet and its New Threats](https://reader036.vdocuments.us/reader036/viewer/2022062423/568146b3550346895db3cf14/html5/thumbnails/20.jpg)
20
Mobile Transaction
Payments
Banking
Stock Exchange
Mobile office
SFA ( Sales Force Automation )
School Affair Management
Distribution Support
Customer Support
And many, many more…
How do it use ? In business
![Page 21: Korea’s Wireless Internet and its New Threats](https://reader036.vdocuments.us/reader036/viewer/2022062423/568146b3550346895db3cf14/html5/thumbnails/21.jpg)
21
Hacking Mp3 files
mp3 file download & playback : Limited to 3 days of play-back (SK Telecom, KTF)
☞ "UnlimitedSMP.exe“, an illegal program disabling (hacking) 3-day limit of the mp3 file playback
Cloning
Phone Cloning : The most severe attack to the cellular systems through the air
☞ Cellular phones can be easily cloned using ESN (Electronic Serial Number) and MIN (Mobile Identification Number). These numbers are exposed to everyday life, and with equipments pricing from $700 ~ $2000, numbers can easily be obtained.
The threat nears, and many moreThe case (1)
![Page 22: Korea’s Wireless Internet and its New Threats](https://reader036.vdocuments.us/reader036/viewer/2022062423/568146b3550346895db3cf14/html5/thumbnails/22.jpg)
22
Mobile spam More than 30 million subscribers : High rate of mobile handset spam mails
Many users exchange short messages through their high-powered handsets every day, offering spammers something to exploit.
Virus writer group Cabir : Network worm targeting phones running on Symbian
WinCE4.Dust : First known WinCE virus on ARM-based devices
☞29A : International group connected by a common interest in computer security, especially in self-replicating code.
The threat nears, and many moreThe case (2)
![Page 23: Korea’s Wireless Internet and its New Threats](https://reader036.vdocuments.us/reader036/viewer/2022062423/568146b3550346895db3cf14/html5/thumbnails/23.jpg)
23
WIPI : Standard wireless platform in Korea
The Ministry of Information and Communication (MIC) said that the government will oblige the Wireless Internet Platform for Interoperability (WIPI) to new cell phone models from next year.
The Korean government can mandate the open-source WIPI as a standard while mobile carriers are also allowed to support other specifications on top of the compulsory WIPI platform.
Harmful content for children
Disabling the bell sound for digital camera phone.
WIPI Open Source
Opened wireless network
The threat nears, and many moreThe case (3)
![Page 24: Korea’s Wireless Internet and its New Threats](https://reader036.vdocuments.us/reader036/viewer/2022062423/568146b3550346895db3cf14/html5/thumbnails/24.jpg)
24
Attacking EFS
Malicious Contents
Rebooting the Cellular Phone
Hacking Private Information
Unwanted Bill
Mobile Adwares
The threat nears, and many moreThe potential threat
![Page 25: Korea’s Wireless Internet and its New Threats](https://reader036.vdocuments.us/reader036/viewer/2022062423/568146b3550346895db3cf14/html5/thumbnails/25.jpg)
25
Anti-virus and Anti-spam for the cellular phone
WPKI based Authentication
Mobile VPN
Applied TLS / SSL
Protected IWF / Gateway for using Firewall / IDS
Harmful traffic prevention
What are your plans against new threats?
![Page 26: Korea’s Wireless Internet and its New Threats](https://reader036.vdocuments.us/reader036/viewer/2022062423/568146b3550346895db3cf14/html5/thumbnails/26.jpg)
26
http://www.xce.co.kr
http://www.genx.co.kr
http://www.brew.com
http://www.kisa.or.kr
http://www.infraware.co.kr
http://www.kwisforum.org
http://www.koreaharald.co.kr
Telecom’s IP Packet Core IP Packet Core Network Network Overview – SK Telecom
kwisf WIPI 1.2 specification
Attacks on celluar phone - Hai-Ping Ko
휴대인터넷 서비스 및 네트워크 – 강충구 모바일 비즈니스 개념 정의 – 이재원
References