Study, analysis, implement and testing of malware mobile station (mal-MS) using a clone Sim card, an Arduino, AT commands and Qualcomm applications (QXDM, QPST)
When considering security in mobile systems, in common with most other systems, our purpose is in preventing: - Access and use of service to avoid or reduce a legitimate charge. - Loss of confidentiality or integrity of a user’s or operator’s data. - Denial of a specific user’s access to their service or denial of access by all users to a service. However, user expectations for instant communication and ease of use, as well as terminals which are easily lost or stolen, present a number of unique challenges in the mobile environment. Second generation systems such as GSM were designed from the beginning with security in mind. This has stood up to the kind of attacks that were prevalent on the analogue system at the time, thanks mainly to the ability to put responsibility for security in the hands of the Home Environment (HE) operator. The HE operator can control the use of the system by the provision of the Subscriber Identity Module (SIM) which contains a user identity and authentication key. This is specifically arranged so that this long life authentication key is not required by the Serving Network (SN) when roaming, exposed over the air or exposed across the interface between the SIM and the mobile. This keeps to the minimum the level of trust the HE operator needs to place in the User, Serving Network and manufacturer of the Mobile Equipment (ME). It is worth to mention that mobile security or mobile phone security has become increasingly important in mobile computing. It is of particular concern as it relates to the security of personal information now stored on smartphones. More and more users and businesses use smartphones as communication tools but also as a means of planning and organizing their work and private life. Indeed, smartphones collect and compile an increasing amount of sensitive information to which access must be controlled to protect the privacy of the user and the intellectual property of the company. All smartphones, as computers, are preferred targets of attacks. These attacks exploit weaknesses related to smartphones that can come from means of communication like Calls, SMS, MMS, Wi-Fi networks, GSM, 3G etc… The study, analysis, implement and testing of malware mobile station (mal-MS) using clone Sim card, Arduino, AT commands and Qualcomm applications (QXDM, QPST) constitute the subject of present Thesis.