Assessing security of mobile telecommunication networks

With the increase in popularity of mobile phones over landlines, the mobile telecommunication network has now become the primary source of communication for not only business and pleasure, but also for the many life and mission critical services such as E-911. These networks have become highly attractive targets to adversaries due to their heavy usage and their numerous vulnerabilities that may be easily exploited to cause major network outages.;Our dissertation is motivated by the numerous vulnerabilities suffered by these networks and the lack of comprehensive mobile telecommunication network specific security assessment. Our dissertation bridges this gap by assessing the current state of security of the mobile telecommunication network, and determining the network characteristics that must be changed to render the network more secure. In our assessment, we: (1) identify and classify possible threats to mobile telecommunication networks; (2) assess potential vulnerabilities that may be exploited to realize these threats; and (3) devise defense strategies to protect from such attacks.;In the first step, we conducted a comprehensive study to identify possible threats to the network, and developed a unique three dimensional taxonomy to classify these threats. This was the first detailed study of this type. Our most significant results from this study include identifying: the unique cascading effect of attacks in the mobile telecommunication network, by which an adversary can attack a network target from a remote location (for example, an adversary may prevent a police officer or an emergency health-care provider from receiving an E-911 call from a remote location); and the cross infrastructure cyber attack---a type of cascading attack where the adversary targets the mobile telecommunication network but attacks the Internet, which propagates the attack to the mobile telecommunication network. The technical impact of our work is that it has created an increased awareness of the threats faced by the mobile telecommunication network due to its numerous vulnerabilities.;In the second step, we developed the Cellular Network Vulnerability Assessment Toolkit - CAT, to assess potential network vulnerabilities. This toolkit allows a user to input specific pre-conditions or vulnerabilities, and provides a visual trace of the possible attacks that may be launched by exploiting the user input vulnerabilities. Visual traces allow users to trace the effect of an attack through a network and determine its side-effects and ultimate service disruption. The toolkit also allows a user to quantify the benefits of a security solution by removing attack effects based on the defenses provided. One major advantage of our toolkit is that potential solutions may be evaluated before expensive development and deployment.;Developing such a tool presented many challenges: telecommunication networks are complex systems that contain hundreds of data elements and support hundreds of services. CAT handles the complex and diverse nature the network using telecommunication specifications to find possible sources and targets of attacks. To trace the effect of an attack through the network we introduced a novel dependency and propagation model. Finally, we superimposed boolean properties on the propagation model to capture the impact of security solutions.;We used this toolkit to evaluate a newly standardized telecommunications security protocol called MAPSec. Our results show that MAPSec provides defenses for a narrow set of attacks, but does not effectively mitigate attacks with the largest potential impact. In fact, we have shown that attacks that have previously occurred would not be prevented by the current versions of MAPSec. The technical impact of this work is that it is now possible to uncover vulnerabilities in the mobile telecommunication network, determine their damage potential, and evaluate potential new solutions to fix these vulnerabilities.;In the third step, we propose a new security protocol, End-to-End Security - EndSec to address the most damaging attacks uncovered from the second part of our work. EndSec provides multi-hop security by inserting cryptographic checks on key parameters, allowing corruption of data or logic to be traced to its source. The technical impact of EndSec is that it brings accountability to the network previously non-existent, and enables real-time tracking of adversary activity.;To the best of our knowledge, our work is the first comprehensive security assessment of the mobile telecommunication network. Our taxonomy is the first to include cross infrastructure cyber attacks and to identify the cascading effect of attacks on telecommunication networks. Our toolkit, CAT, is the first to assess the vulnerability of the mobile telecommunication network and quantify the effectiveness of potential security solutions. Our protocol, EndSec is the first end-to-end security scheme for mobile telecommunication networks. Our results have been used as an important input to the Vulnerabilities Threat Modeling Working Group of the Next Generation Networks Task Force of the President's National Security Telecommunications Advisory Panel.