Research On GSM Network Security Protocol Flaws

With the rapid development of mobile communication technology, people not only can make voice communicationon the mobile communication network, but can also enjoy purchasing, paying and transferring.On the mobile communication network, the openness of the wireless channel makes it significant to design a network security protocol. Once there are security flaws in the security protocols of mobile networks, many informationsecurity problems, such as the leakage of users’information and the spread of fakemessageswill be caused.Although mobile communication network has now grown to3G and4G era, but as a representative of2G, the GSM network still has the widest coverage among the mobile networks and has the largest number of mobile users. Therefore, the study of security flaws in the security protocols of GSM network would not only be conducive to a better understanding of the current security status of mobile network, strengthen the mobile network construction, but also have guidance and reference significance for the future mobile network security design.This thesis mainly studies the security flaws in the security protocols of GSM network, analyzes the reasons of the flaws, designs and implements a flaw verification schemeof GSM network security protocols, demonstrates thedangers of these security flaws, and offers some advices for improvement to strengthen the security of GSM network.The main contents include:1.Analysis of the security flaws in the security protocols of GSM network.Based on study of the overall architecture and protocol stack of GSM network, wefocus on the research and analysis of security protocols of GSM network and the exiting flaws.2. Design and implement a flawverification scheme of GSM network security protocol.We set up a fake BTS by using USRP and OpenBTS structures for the verification scheme, and use this fake BTS as a core system to verify theloopholes of GSM network.On this basis, we give a series of reasonable suggestionsto improve the security of GSM network.3. Design aman-in-the-middle attackscheme aimed at the security flaws of GSM network authentication protocols.It can make the mobile station that has connected to a fake BTS connect to the real GSM network through a fake BTS and a fake mobile station, and monitor or even tamper with theshort messages between the mobile station and a real mobile station in the GSM network. Besides, we offer a method to protect from such an attack took place.