 Copyright by Sarosh Havewala, 2001 ii SECURITY CHALLENGES IN MOBILE SYSTEMS AND FUZZY LOGIC BASED RISK MODEL FOR SECURE HANDLING OF SMS MESSAGES IN CELLPHONES BY SAROSH CYRUS HAVEWALA B.Engr., University of Mumbai, 1997 THESIS Submitted in partial fulfillment of requirements for the degree of Master of Science in Computer Science in the Graduate College of the University of Illinois at Urbana-Champaign, 2001 Urbana, Illinois Abstract This study explains the authentication and encryption scheme used in GSM It explains the A3, A5 and A8 protocols used in the security mechanism in GSM It explains the different possible attacks on cellular systems, which include SIM cloning, eavesdropping, location tracking, SMS ping, SMS denial of service, authentication denial of service and SMS spam It classifies these attacks on the basis of target of the attack, type of attack, motivation and severity It points out the vulnerabilities that are exploited by attacks on cellular systems It shows that the existing security schemes not provide adequate security and that there is a need to develop new mechanisms that are better suited to the wireless environment The study also looks into how risk analysis, risk modeling and fuzzy logic can be applied to security in mobile systems It proposes a fuzzy logic based risk model to secure Short Message Service in GSM based cellular networks The proposed model uses a hybrid approach towards risk modeling The user begins use of the system with a mature and well-evolved model that has been constructed by using all the information that could be gathered at that stage However, even after the system is operational, the model continues to evolve with constant feedback from the user This approach puts the user in control and allows the model to be refined with time to better match the existing circumstances The model is simple, encourages experimentation and puts the user in an active role iii Acknowledgements I wish to thank my advisor, Prof Roy Campbell for his guidance and help throughout the Master’s program I also wish to thank Prof Dennis Mickunas for always being there whenever I needed help or advice It was a great privilege for me to be a part of the Systems Research Group (SRG) at the University of Illinois at Urbana-Champaign I am grateful to Prof Campbell for allowing me to use SRG resources even when I was not funded by SRG I sincerely thank the Department of Computer Science at the University of Illinois at Urbana-Champaign for providing me with the opportunity to work with some of the best faculty and students in the world I thank Siebel Systems and the Department of Computer Science at the University of Illinois at Urbana-Champaign for the appreciation they have shown for my work in the form of the Siebel Scholar Fellowship I shall prize this honor for life Above all, I would like to thank my parents, to whom I owe everything I have ever accomplished in my life They have been a constant source of inspiration for me and have made great sacrifices for me and I would like to say that mere words seem completely ineffectual in conveying my heartfelt sense of gratitude I would finally like to thank my relatives in India, who have constantly showered me with their affection and moral support iv Table of Contents Chapter Introduction 1.2 Short Message Service in GSM 1.3 Risk Modeling and Fuzzy Logic Chapter Explanation of Acronyms and Terms Used Chapter Security in Cellular Systems 3.1 Need for Security in Cellular Systems 3.2 Essential Features of a Security Scheme 3.3 Overview of Security Mechanism in GSM 10 1.1 Security in Mobile Systems 3.3.1 Overview of A3/A8 13 3.3.2 Overview of A5 14 17 17 4.1.1 SIM Cloning with Physical Access to SIM 18 4.1.2 Over-the-air Cloning of a SIM 19 4.1.3 Possible Damage by SIM Cloning 20 Chapter Attacks on Security in Cellular Systems 4.1 SIM Cloning 4.2 Eavesdropping 21 21 4.2.2 Direct Cryptanalysis Attack on A5 22 4.2.3 Attacking the Signaling Network 23 4.2.4 Possible Damage by Eavesdropping 23 24 4.3.1 Location Management in GSM 24 4.3.2 FCC’s E911 Initiative 25 4.3.3 Possible Damage by Location Tracking 26 4.2.1 SIM Cloning Attack 4.3 Location Tracking 4.4 SMS Ping 26 4.4.1 Possible Damage by SMS Ping 27 27 28 4.5 SMS Denial of Service 4.5.1 Possible Damage by SMS Denial of Service Attack v 4.6 Authentication Denial of Service 29 4.6.1 Possible Damage by Authentication Denial of Service Attack 30 31 4.7.1 Possible Damage by SMS Spam 32 33 4.7 SMS Spam Chapter Classification of Attacks on Cellular Systems 5.1 Classification based on Target 33 5.2 Classification based on Type of Attack 34 5.3 Classification based on Motivation 36 5.4 Classification based on Severity of Loss 36 Basic Concepts of Risk Analysis and Modeling 38 Chapter 6.1 Key Concepts 39 6.1.1 System 39 6.1.2 Threat 39 6.1.3 Asset 39 6.1.4 Vulnerability 40 6.1.5 Safeguard 40 6.1.6 Countermeasure 40 6.1.7 Risk 41 41 6.1.9 Measurement of Characteristics during Risk Analysis 41 6.1.8 Attributes of a Threat 6.2 Approaches to Risk Modeling 42 6.2.1 Incremental Approach 42 6.2.2 All-at-once Approach 43 6.2.3 Hybrid Approach 43 6.3 Problems in Evaluation of Risk 43 6.4 Basic Risk Assessment Methodology 44 46 7.1 Introduction to Fuzzy Logic 46 7.2 Basic Concepts 46 Chapter Fuzzy Logic vi 7.3 Definitions 48 7.3.1 Fuzzy Set 48 7.3.2 Empty Set 48 7.3.3 Equality 48 7.3.4 Complement 48 7.3.5 Containership 49 49 7.4.1 Intersection (AND) 50 7.4.2 Union (OR) 50 51 51 52 7.4 Operations on Fuzzy Sets 7.4.3 Negation (COMPLEMENT) 7.5 Fuzzy Sets and Risk Modeling Chapter Fuzzy Logic based Risk Model for SMS 8.1 System 52 8.2 Assets 52 8.2.1 Cellular Phone Usability 53 8.2.2 Data/Information on the Cellular Device 53 8.2.3 Right to Privacy 53 54 8.2.4 Right to Avoid Unnecessary Billing 8.3 Attacker 54 54 8.3.2 Degree of Motivation 55 8.3.3 Capabilities 57 8.3.4 Resources 59 8.4 Calculation of Risk 60 60 8.4.2 Fuzzy Sets for Risk 60 8.4.3 Countermeasures 62 8.4.4 Calculation of Risk to Cellular Phone Usability 63 65 8.3.1 Goals 8.4.1 Overview 8.4.5 Calculation of Risk to Data/Information on Cellular Device vii 8.4.6 Calculation of Risk to Right to Privacy 66 68 8.4.8 Role of the User in Configuration of the Model 69 70 70 72 78 8.4.7 Calculation of Risk to Right to Avoid Unnecessary Billing 8.5 Examples 8.5.1 SMS Message with Capability and Degree of Motivation 8.5.2 SMS Message with Capability and Degree of Motivation 2.75 under Normal Mode and Normal Billing 8.5.3 SMS Message with Capability and Degree of Motivation 2.75 under Silent Mode and Normal Billing 8.5.4 SMS Message with Capability and Degree of Motivation 2.75 under Normal Mode with the Billing Limit Exceeded Chapter Conclusions 85 92 9.1 Conclusions 92 9.2 Future Work 92 94 List of References viii List of Figures 3.1 Security Mechanism in GSM 10 3.2 COMP 128 Calculation 13 3.3 Keystream Generation 14 3.4 Frame Encryption and Decryption 15 4.1 A Cloned GSM Cellular Phone 19 4.2 Authentication Procedure in GSM 29 4.3 DoS by Spurious Authentication 30 7.1 Sample Fuzzy Set 47 7.2 Membership Function for Fuzzy Set A 49 7.3 Membership Function for Fuzzy Set B 49 7.4 Membership function for Fuzzy Set A  B 50 7.5 Membership function for Fuzzy Set A  B 50 7.6 Membership function for Fuzzy Set A 51 8.1 Membership functions for Fuzzy Sets for Degree of Motivation 56 8.2 Membership functions for Fuzzy Sets for Capability 59 8.3 Membership functions for fuzzy Sets for Risk 61 8.4 Fuzzy Set Membership of Incoming SMS Message 71 8.5 Fuzzy Set for Cumulative Risk to Cellular Phone Usability 72 8.6 Fuzzy Set Membership of Incoming SMS Message 73 8.7 Membership in Fuzzy Set ‘None’ Risk 74 8.8 Membership in Fuzzy Set ‘Very Low’ Risk 74 8.9 Fuzzy Set for Cumulative Risk to Cellular Phone Usability 75 8.10 Membership in Fuzzy Set ‘None’ Risk 76 8.11 Membership in Fuzzy Set ‘Very Low’ Risk 76 8.12 Fuzzy Set for Cumulative Risk to Data/Information on Cellular Phone 77 8.13 Fuzzy Set Membership of Incoming SMS Message 78 8.14 Membership in Fuzzy Set ‘None’ Risk 79 8.15 Membership in Fuzzy Set ‘Very Low’ Risk 79 8.16 Fuzzy Set for Cumulative Risk to Cellular Phone Usability 80 ix 8.17 Membership in Fuzzy Set ‘None’ Risk 81 8.18 Membership in Fuzzy Set ‘Very Low’ Risk 81 8.19 Fuzzy Set for Cumulative Risk to Data/Information on the Cellular Phone 82 8.20 Membership in Fuzzy Set ‘High’ Risk 83 8.21 Membership in Fuzzy Set ‘High’ Risk 83 8.22 Fuzzy Set for Cumulative Risk to Privacy 84 8.23 Fuzzy Set Membership of Incoming SMS Message 85 8.24 Membership in Fuzzy Set ‘None’ Risk 86 8.25 Membership in Fuzzy Set ‘Very Low’ Risk 86 8.26 Fuzzy Set for Cumulative Risk to Cellular Phone Usability 87 8.27 Membership in Fuzzy Set ‘None’ Risk 88 8.28 Membership in Fuzzy Set ‘Very Low’ Risk 88 8.29 Fuzzy Set for Cumulative Risk to Data/Information on Cellular Phone 89 8.30 Membership in Fuzzy Set ‘Low’ Risk 90 8.31 Membership in Fuzzy Set ‘High’ Risk 90 8.32 Fuzzy Set for Cumulative Risk to Right to Avoid Unnecessary Billing x 91 Figure 8.19 Fuzzy Set for Cumulative Risk to Data/Information on the Cellular Phone Using the center of gravity method to defuzzify this set gives a resulting risk value of 0.97043 The degree of risk to data/information on the cellular phone due to this SMS message is 0.97043 Based on this risk value, the countermeasure decided by the system is ‘Accept’ the message Risk to the Right to Privacy: Since the phone is in silent mode, it indicates that the user desires privacy, and hence the ‘Right to Privacy’ becomes an asset that must be protected The degree of membership in the fuzzy set ‘Friend’ is 0.25 and the degree of membership in the fuzzy set ‘Computer’ is 1.0 Hence, for the asset ‘right to privacy’, the degree of membership in fuzzy set ‘High’ risk is 0.25 Degree of membership 1.0 0.25 Risk Figure 8.20 Membership in Fuzzy Set ‘High’ Risk 81 The degree of membership in the fuzzy set ‘Colleague’ is 0.75 and the degree of membership in the fuzzy set ‘Computer’ is 1.0 Hence, for the asset ‘right to privacy’, the degree of membership in fuzzy set ‘High’ risk is 0.75 Degree of membership 1.0 0.75 Risk Figure 8.21 Membership in Fuzzy Set ‘High’ Risk The fuzzy set representing the resulting risk is obtained by the union of the fuzzy sets shown above Degree of membership 1.0 0.75 0.25 3.0 Risk Figure 8.22 Fuzzy Set for Cumulative Risk to Privacy 82 Using the center of gravity method to defuzzify this set gives a resulting risk value of 3.0 The degree of risk to right to privacy due to this SMS message is 3.0 Based on this risk value, the countermeasure decided by the system is ‘Queue’ the message Selection of Countermeasure: Since the cellular phone, is within normal billing limits, there is no risk to the asset ‘right to avoid unnecessary billing’ The most pessimistic counter measure suggested is ‘Queue’ the message Hence, the SMS message is queued by the system A visual indicator on the screen in turned on so that the user knows that there is a message in the queue when she checks the cellular phone 8.5.4 SMS Message with Capability and Degree of Motivation 2.75 under Normal Mode with the Billing Limit Exceeded Degree of The system membership receives an SMS message from a contact that has been categorized as somewhere between a friend and a colleague with a degree of motivation value of 2.75 in 1.0 the PIM 0.75 and the message has been sent using a PC The system automatically assigns a 0.25 value of and uses the degree of motivation 2.75 assigned by the user capability 2.75 Degree of motivation Degree of membership 1.0 83 Capability Figure 8.23 Fuzzy Set Membership of Incoming SMS Message Risk to Cellular Phone Usability: The degree of membership in the fuzzy set ‘Friend’ is 0.25 and the degree of membership in the fuzzy set ‘Computer’ is 1.0 Hence, for the asset ‘cellular phone usability’, the degree of membership in fuzzy set ‘None’ risk is 0.25 Degree of membership 1.0 0.25 Risk Figure 8.24 Membership in Fuzzy Set ‘None’ Risk 84 The degree of membership in the fuzzy set ‘Colleague’ is 0.75 and the degree of membership in the fuzzy set ‘Computer’ is 1.0 Hence, for the asset ‘cellular phone usability’, the degree of membership in fuzzy set Very Low’ risk is 0.75 Degree of membership 1.0 0.75 Risk Figure 8.25 Membership in Fuzzy Set ‘Very Low’ Risk The fuzzy set representing the resulting risk is obtained by the union of the fuzzy sets shown above Degree of membership 1.0 0.75 0.25 Risk 0.97043 Figure 8.26 Fuzzy Set for Cumulative Risk to Cellular Phone Usability Using the center of gravity method to defuzzify this set gives a resulting risk value of 0.97043 The degree of risk to cellular phone usability due to this SMS message is 85 0.97043 Based on this risk value, the countermeasure decided by the system is ‘Accept’ the message Risk to Data/Information on the Cellular Phone: The degree of membership in the fuzzy set ‘Friend’ is 0.25 and the degree of membership in the fuzzy set ‘Computer’ is 1.0 Hence, for the asset ‘data/information on the cellular phone’, the degree of membership in fuzzy set ‘None’ risk is 0.25 Degree of membership 1.0 0.25 Risk Figure 8.27 Membership in Fuzzy Set ‘None’ Risk The degree of membership in the fuzzy set ‘Colleague’ is 0.75 and the degree of membership in the fuzzy set ‘Computer’ is 1.0 Hence, for the asset ‘cellular phone usability’, the degree of membership in fuzzy set ‘Very Low’ risk is 0.75 Degree of membership 1.0 0.75 86 Risk Figure 8.28 Membership in Fuzzy Set ‘Very Low’ Risk The fuzzy set representing the resulting risk is obtained by the union of the fuzzy sets shown above Degree of membership 1.0 0.75 0.25 Risk 0.97043 Figure 8.29 Fuzzy Set for Cumulative Risk to Data/Information on Cellular Phone Using the center of gravity method to defuzzify this set gives a resulting risk value of 0.97043 The degree of risk to data/information on the cellular phone due to this SMS message is 0.97043 Based on this risk value, the countermeasure decided by the system is ‘Accept’ the message Risk to the Right to Avoid Unnecessary Billing: 87 Since the phone has exceeded the normal billing quota, the ‘Right to Avoid Unnecessary Billing’ becomes an asset that must be protected The degree of membership in the fuzzy set ‘Friend’ is 0.25 and the degree of membership in the fuzzy set ‘Computer’ is 1.0 Hence, for the asset ‘right to avoid unnecessary billing’, the degree of membership in fuzzy set ‘Low’ risk is 0.25 Degree of membership 1.0 0.25 Risk Figure 8.30 Membership in Fuzzy Set ‘Low’ Risk The degree of membership in the fuzzy set ‘Colleague’ is 0.75 and the degree of membership in the fuzzy set ‘Computer’ is 1.0 Hence, for the asset ‘right to avoid unnecessary billing’, the degree of membership in fuzzy set ‘High’ risk is 0.75 Degree of membership 1.0 0.75 88 Risk Figure 8.31 Membership in Fuzzy Set ‘High’ Risk The fuzzy set representing the resulting risk is obtained by the union of the fuzzy sets shown above Degree of membership 1.0 0.75 0.25 2.7105 Risk Figure 8.32 Fuzzy Set for Cumulative Risk to Right to Avoid Unnecessary Billing Using the center of gravity method to defuzzify this set gives a resulting risk value of 2.7105 The degree of risk to right to avoid unnecessary billing due to this SMS message is 2.7105 Based on this risk value, the countermeasure decided by the system is ‘Queue’ the message Selection of Countermeasure: 89 Since the cellular phone, is in normal mode, there is no risk to the asset ‘right to privacy’ The most pessimistic counter measure suggested is ‘Queue’ the message Hence, the SMS message is queued by the system A visual indicator on the screen in turned on so that the user knows that there is a message in the queue when she checks the cellular phone 90 Chapter – Conclusions 9.1 Conclusions This study explained and classified the different possible attacks on cellular systems It showed that the existing security schemes not provide adequate security and that there is a need to develop new mechanism that are better suited to the wireless environment It also pointed out the vulnerabilities that are exploited by attacks on cellular systems This study identified the aspects of mobile security that need to be looked into and thus has given directions for future work in mobile security The study also looked into how risk analysis, risk modeling and fuzzy logic can be applied to security in mobile systems It proposed a fuzzy logic based risk model to secure Short Message Service in cellular networks The proposed model uses a hybrid approach towards risk modeling The user begins use of the system with a mature and well evolved model that has been constructed by using all the information that could be gathered at that stage However, even after the system is operational, the model continues to evolve with constant feedback from the user This approach puts the user in control and allows the model to be refined with time to better match the existing circumstances The model is simple, encourages experimentation and puts the user in an active role 9.2 Future Work Security in cellular networks has not received as much attention as security in wired networks This leaves great potential for further research Authentication and encryption 91 schemes in cellular networks can be strengthened by using the algorithms such as RSA, DES and AES that have been proven to be more secure However doing so is sure to impose a performance penalty in terms of increased call setup time and increased frame delays This needs to be looked into further Denial of service attacks in mobile systems can also become a burning issue once such attacks become as rampant as they are in wired systems Significant work can be done in trying to apply some of the denial of denial of service schemes in wired networks to cellular systems As the use of the short message service (SMS) in cellular phones is gaining popularity, so are attacks based on SMS These attacks include SMS spam and SMS DoS The application of risk/trust based models to intelligently filter out undesired messages can be an interesting topic for further research It would also be interesting to compare the performance and effectiveness of the model proposed in this study, with other models that would possibly be developed in the future Thus, much remains to be done in the field of security in mobile systems 92 List of References [1] Anon., Worldwide Cellular Phone Usage Statistics, http://www.cellular.co.za, [referred Nov 2000] [2] David Wagner, GSM Cloning, http://www.isaac.cs.berkeley.edu/isaac/gsm.html, [referred Nov 2000] [3] Anon., GSM Cloning, http://www.isaac.cs.berkeley.edu/isaac/gsm-faq.html, [referred Nov 2000] [4] Anon., GSM Cell phones Cloned, http://jya.com/gsm-cloned.htm, [referred Nov 2000] [5] Anon., GSM Alliance Clarifies False & Misleading Reports of Digital Phone Cloning, http://jya.com/gsm042098.txt, April 20, 1998 [6] Briceno M & Goldberg I & Wagner D., An Implementation of the GSM A3A8 Algorithm, http://www.scard.org/gsm/a3a8.txt, [referred April 2000] [7] Briceno M & Goldberg I & Wagner D., A Pedagogical Implementation of A5/1, http://www.scard.org/gsm/a51.html, [referred April 2000] [8] Anon., A5, http://jya.com/crack-a5.htm, [referred April 2000] [9] Alex Biryukov, Adi Shamir, David Wagner, Real Time Cryptanalysis of the Alleged A5/1 on a PC , Fast Encryption Software Workshop 2000 in New York City, April 10, 2000 [10] Racal Research Ltd., GSM System Security Study, http://jya.com/gsm061088.htm, June 10, 1988 [11] Harri Hansen, Security of Mobile Systems from a User’s Point of View, April 4, 2000 [12] David Margrave, GSM Security and Encryption, [referred March 2000] [13] Lauri Pesonen, GSM Interception, http://www.tml.hut.fi/Opinnot/Tik110.501/1999/papers/gsminterception/netsec.html, Nov 1999 [14] Schneier B., Applied Cryptography, 2nd Ed., Wiley, New York, 1996 [15] Laura Rohde, Messages can freeze popular Nokia phones, http://www.cnn.com/2000/TECH/computing/09/01/nokia.freeze.idg/index.html, Sept 2000 93 [16] iDefence Intelligence Service, Nokia SMS-Enabled Phone Vulnerability, http://www.idefense.com/pages/flashreports/noika_083100.html, Aug 2000 [17] 3rd Generation Partnership Project, http://www.3gpp.org, [referred Nov 2000] 3GPP, UMTS specifications, [18] 3GPP Technical Specifications Group – Services and System Aspects – Security Working Group, ftp://ftp.3gpp.org/TSG_SA/WG3_Security, [referred Nov 2000] [19] Deborah J Bodeau, A Conceptual Model for Computer Security Risk Analysis, The MITRE Corporation [20] Freeman J.W., Darr T.C., Neely R.B., Risk Assessment for Large Heterogeneous Systems, Computer Security Applications Conference, 1997 Proceedings., 13th Annual , 1997 Page(s): 44 –52 [21] Bennett S.P., Kailay M.P., An Application of Qualitative Risk Analysis to Computer Security for the Commercial Sector, Computer Security Applications Conference, 1992 Proceedings., Eighth Annual , 1992 Page(s): 64 –73 [22] Bilbao A., TUAR – A Model of Risk Analysis in the Security Field, Security Technology, 1992 Crime Countermeasures, Proceedings Institute of Electrical and Electronics Engineers 1992 International Carnahan Conference on, 1992 Page(s): 65 –71 [23] John Gordon, Security Modeling, Concept Laboratories, [referred Feb 2001] [24] Otwell K., Aldridge B The Role of Vulnerability in Risk Management, Computer Security Applications Conference, 1989, Fifth Annual, 1990 Page(s): 32 –38 [25] Garrabrants W.M., Ellis A.W III, Hoffman L.J., Kamel M., CERTS: A Comparative Evaluation Method for Risk Management Methodologies and Tools., Computer Security Applications Conference, 1990., Proceedings of the Sixth Annual , 1990 Page(s): 251 – 257 [26] Gove R.A., Friedman A.R., A Structured Risk Analysis Approach To Resolve the Data Protection And Integrity Issues for Computer-aided Acquisition Logistic Support Computer Security Applications Conference, 1989., Fifth Annual , 1990 Page(s): –5 [27] Clifford M., Lavine C., Bishop, M., The Solar Trust Model: Authentication without Limitation, Computer Security Applications Conference, 1998 Proceedings 14th Annual, 1998 Page(s): 300 – 307 94 [28] Marmor-Squires A., McHugh J., Branstad M., Danner B., Nagy L., Rougeau P., Sterne D., A Risk Driven Process Model for the Development of Trusted Systems Computer Security Applications Conference, 1989., Fifth Annual , 1990 Page(s): 184 – 192 [29] Mayer F.L., A Brief Comparison of Two Different Environmental Guidelines for Determining “Levels of Trust”, Computer Security Applications Conference, 1990., Proceedings of the Sixth Annual , 1990 Page(s): 244 –250 95 .. .SECURITY CHALLENGES IN MOBILE SYSTEMS AND FUZZY LOGIC BASED RISK MODEL FOR SECURE HANDLING OF SMS MESSAGES IN CELLPHONES BY SAROSH CYRUS HAVEWALA B.Engr., University of Mumbai, 1997... level of risk that can serve as a basis of decision-making or for initiating a countermeasure Fuzzy Logic has emerged as a profitable tool for the controlling of subway systems and complex industrial... fuzzy Sets for Risk 61 8.4 Fuzzy Set Membership of Incoming SMS Message 71 8.5 Fuzzy Set for Cumulative Risk to Cellular Phone Usability 72 8.6 Fuzzy Set Membership of Incoming SMS Message