(U)SimMonitor: A mobile application for security evaluation of cellular networks. Issue 60 (July 2016)
- Record Type:
- Journal Article
- Title:
- (U)SimMonitor: A mobile application for security evaluation of cellular networks. Issue 60 (July 2016)
- Main Title:
- (U)SimMonitor: A mobile application for security evaluation of cellular networks
- Authors:
- Xenakis, Christos
Ntantogian, Christoforos
Panos, Orestis - Abstract:
- Abstract: The lack of precise directives in 3GPP specifications allows mobile operators to configure and deploy security mechanisms at their sole discretion. This may lead to the adoption of bad security practices and insecure configurations. Based on this observation, this paper presents the design and implementation of a novel mobile application named (U)SimMonitor that captures and analyzes the security policy that a cellular operator enforces, i.e., the invocation and employment of the specified security measures to protect its users. (U)SimMonitor achieves this by executing AT commands to extract network related parameters including encryption keys, identities, and location of users. Using (U)SimMonitor as our basic analysis tool, we have conducted a set of experiments for three mobile operators in Greece in a time period of 9 months. The obtained results allow us to quantify, compare and evaluate their applied security as well as pinpoint a set of generic critical observations. Numerical results and security measurements show that mobile networks have poor security configurations and practices, exposing subscribers to several attacks.
- Is Part Of:
- Computers & security. Issue 60(2016)
- Journal:
- Computers & security
- Issue:
- Issue 60(2016)
- Issue Display:
- Volume 60, Issue 60 (2016)
- Year:
- 2016
- Volume:
- 60
- Issue:
- 60
- Issue Sort Value:
- 2016-0060-0060-0000
- Page Start:
- 62
- Page End:
- 78
- Publication Date:
- 2016-07
- Subjects:
- Cellular networks -- Mobile application -- Android -- AT commands -- Security measurements
Computer security -- Periodicals
Electronic data processing departments -- Security measures -- Periodicals
005.805 - Journal URLs:
- http://www.sciencedirect.com/science/journal/01674048 ↗
http://www.elsevier.com/journals ↗ - DOI:
- 10.1016/j.cose.2016.03.005 ↗
- Languages:
- English
- ISSNs:
- 0167-4048
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 3394.781000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 253.xml