019

Information about 019

Published on September 11, 2007

Author: Arley33

Source: authorstream.com

Content

NEW THREATS ON MOBILE ENVIRONMENT IN KOREA:  NEW THREATS ON MOBILE ENVIRONMENT IN KOREA KYU-BEOM HWANG ([email protected]) AND DEOK-YOUNG JUNG ([email protected]) AGENDA:  AGENDA KOREAN MOBILE ENVIRONMENT TYPE OF PROBLEMS WHAT IS THE PROBLEM ? EXPECTED FORM OF ATTACK COUNTER MEASURES CONCLUSIONS KOREAN MOBILE ENVIRONMENT:  KOREAN MOBILE ENVIRONMENT USED AROUND 81%(39.4million) FOR SEPTEMBER 2005. SERVICED BY SK TELECOM, KT FREETEL, LG TELECOM POPULARIZE GAMES, MOVIE CLIPS ON THE MOBILE PHONE Number of mobile phone users KOREAN MOBILE ENVIRONMENT:  KOREAN MOBILE ENVIRONMENT MORE THAN JUST FOR TELEPHONE Digital Entertainment Digital Mobile Broadcasting MP3 Player Movie Player Digital CAMERA Mobile GAME Device ( 3D Support ) PIM Contacts Calendar WAP Browsing / Web Browsing File Storage / Exchange And more… Satellite DMB (Digital Multimedia Broadcasting) KOREAN MOBILE ENVIRONMENT:  KOREAN MOBILE ENVIRONMENT SMS HAS BECOME MORE POPULAR THAN VOICE GETTING INFORMATION VIA MOBILE PHONE ;.e.g. CAR NAVIGATION SYSTEMS BUS TRACKING and etc. WITH PC TO EXCHANGE MASSIVE DATA MP3 Games Movie Clips Pictures USING USB CABLE TO CONNECT PC Provide the modem driver for mobile phone Provide the software ;i.e. Exchange data Edit phone numbers CAUSES OF THE PROBLEM:  CAUSES OF THE PROBLEM EBOOKMAKER QPST BITPIM PHONEMANAGER CAUSES OF THE PROBLEMS:  CAUSES OF THE PROBLEMS TOOLS USED BY UNTHINKING USERS Many communities which share tools and information Causes error on the phone USING QPST, BITPIM TO EXCHANGE COMMERCIAL DATA WITHOUT PERMISSION To copy disallowed contents Commercial contents (e.g. games) Movie clips E-Books Any other files To analyze unauthorized data on mobile phones CAUSES OF THE PROBLEMS:  CAUSES OF THE PROBLEMS ACCESSING FILES ON EFS Deleting system files ;i.e. The mobile phone could be out of service Copying too many files Short of memory resulting in error REVEALED DOCUMENT ABOUT EXTERNAL INTERFACE OF MOBILE PHONE LEADING TO Unwanted, unnoticed dialing (i.e. International calls ) Sending junk messages ( by SMS ) Simulating user actions WHAT IS THE PROBLEMS?:  WHAT IS THE PROBLEMS? COMPLEX FIRMWARE More functions High complexity Large size DOWNLOADING FIRMWARE Downloading the firmware via internet Problem can happen on the mobile phone By wrong firmware By incomplete Downloads DISCLOSED IMPORTANT INFORMATION SPC (System Programming Code) number ;i.e. The setting of a mobile phone can be changed ESN (Electronic Serial Number) Can clone phone CLONED MOBILE PHONES:  CLONED MOBILE PHONES Confiscating 4718 cloned mobile phones Between Jan and Aug in 2005 CLONED MOBILE PHONES:  CLONED MOBILE PHONES Explosive increase of cloned mobile phone this year CLONED MOBILE PHONES:  CLONED MOBILE PHONES Article about illegal electronic payment by cloned phone using stolen ESN codes CLONED MOBILE PHONES:  CLONED MOBILE PHONES The Korean government intends to prevent cloning of phones by rewarding citizens WHAT IS THE PROBLEMS?:  WHAT IS THE PROBLEMS? EASY ACCESS TO PHONE CLONNING WHAT IS THE PROBLEMS?:  WHAT IS THE PROBLEMS? Tools for cloning phones WHAT IS THE PROBLEMS?:  WHAT IS THE PROBLEMS? Tools for accessing system files WHAT IS THE PROBLEMS?:  WHAT IS THE PROBLEMS? Tools for uploading contents WHAT IS THE PROBLEMS?:  WHAT IS THE PROBLEMS? Information and tools are exposed to the Internet EXPECTED TYPE OF ATTACKS:  EXPECTED TYPE OF ATTACKS CHANGING SERVICE SETTING INFORMATION DELETING, MODIFYING FILES ON EFS ;.i.e. UPLOADING UNWANTED CONTENTS ;.i.e. Obscene games, picture, movie clips Replacing contents Spam advertising UNNOTICED DIALING ( .e.g. international calls ) UNNOTICED SENDING JUNK MESSAGES via SMS DELETING, DISCLOSING INFORMATION ;.e.g. Silent unnoticed retrieval of information to PC E.g.) the telephone number, Email, ESN Silent unnoticed Changing of phones numbers EXPECTED TYPE OF ATTACKS:  EXPECTED TYPE OF ATTACKS EXPECTED TYPE OF ATTACKS:  EXPECTED TYPE OF ATTACKS EXPECTED TYPE OF ATTACKS:  EXPECTED TYPE OF ATTACKS EXPECTED TYPE OF ATTACKS:  EXPECTED TYPE OF ATTACKS COUNTER MEASURES:  COUNTER MEASURES PROTECTING CONTENTS WITH DRM, but still; Attempts to use time limited MP3s Attempts to use commercial contents PREVENTION OF USING CLONED PHONE The new mobile phone with another authentication in addition to ESN and MIN But the mobile phones produced before Aug 2004 still have a problem PHONE MANUFACTURES Patching firmware to disallow tools in use Different ways to encrypt data for each manufacturer’s phone Repairing the phone only at service centers Additional tracking services of mobile phone connection to Service PIN Numbers COUNTER MEASURES:  COUNTER MEASURES MALICIOUS ATTACKS The malicious code itself is hard to spread on CDMA environment The attack so far is possible, but it needs a lot of conditions The possibility can be higher if a user still miss behaviors MEASURES TO FIGHT THE EXPECTED PC MALICIOUS CODE Disabling dialing and sending SMS without user’s consent Disabling sending system files such as ESN through Serial port, USB MEASURES TO FIGHT THE EXPECTED MOBILE CODE Disabling unwanted payment on games without user’s consent CONCLUSIONS:  CONCLUSIONS MOBILE ENVIRONMENT IN KOREA IS RAPIDLY CHANGING The threats so far are partially under control, but it needs more development Threats will increase as there are more services TO GET RID OF CURRENT THREATS, MUST UPDATE FIRMWARE The damage could be extensive if the problems happens Mobiles connected to PCs realistically have low possibility of attacks It’s difficult to spread to around USERS, SERVICE PROVIDERS AND PHONE MANUFACTURES HAVE TO THINK TOGETHER ABOUT THREATS AND COUNT MEASURES

Related presentations


Other presentations created by Arley33

Cold Weather Safety
02. 01. 2008
0 views

Cold Weather Safety

TEN RULES OF FIREARM SAFETY
26. 02. 2008
0 views

TEN RULES OF FIREARM SAFETY

How to succeed
02. 10. 2007
0 views

How to succeed

The Internet Motion Sensor
07. 10. 2007
0 views

The Internet Motion Sensor

Xraydiffraction 2007
12. 10. 2007
0 views

Xraydiffraction 2007

CHM1222Chromatograph yTheory
16. 10. 2007
0 views

CHM1222Chromatograph yTheory

student chap21
17. 10. 2007
0 views

student chap21

Imperialism and World War I
22. 10. 2007
0 views

Imperialism and World War I

kr spam hacking status
11. 09. 2007
0 views

kr spam hacking status

tiger
11. 09. 2007
0 views

tiger

tsg0502 10
09. 10. 2007
0 views

tsg0502 10

atomsmoleculesandions
16. 10. 2007
0 views

atomsmoleculesandions

wipo ip mct 05 3
25. 10. 2007
0 views

wipo ip mct 05 3

Adam Smith Krestinskiy
26. 10. 2007
0 views

Adam Smith Krestinskiy

ROK CP
11. 09. 2007
0 views

ROK CP

R LANQUAR FEMIP
23. 10. 2007
0 views

R LANQUAR FEMIP

rmode potsdam04
15. 11. 2007
0 views

rmode potsdam04

how to spot a turkey
26. 11. 2007
0 views

how to spot a turkey

052407 Gascon
14. 12. 2007
0 views

052407 Gascon

15 whiteCWppt
22. 11. 2007
0 views

15 whiteCWppt

PPA724 queries
28. 09. 2007
0 views

PPA724 queries

IPv6 Forum World Congress Europe
07. 01. 2008
0 views

IPv6 Forum World Congress Europe

v short lcg
17. 10. 2007
0 views

v short lcg

click construct
02. 11. 2007
0 views

click construct

symp apr 02 page e
15. 10. 2007
0 views

symp apr 02 page e

Model PÃster horitzontal
16. 11. 2007
0 views

Model PÃster horitzontal

NTS 101
16. 02. 2008
0 views

NTS 101

ENG 40B DR Mathias P Point
20. 02. 2008
0 views

ENG 40B DR Mathias P Point

Nichols Schwartz 05 Bowenian
24. 02. 2008
0 views

Nichols Schwartz 05 Bowenian

swartz
17. 10. 2007
0 views

swartz

ON VECTOR 022707 final
19. 10. 2007
0 views

ON VECTOR 022707 final

EducationalPowerpoint
19. 11. 2007
0 views

EducationalPowerpoint

lectures256p3
07. 12. 2007
0 views

lectures256p3

W03 Late Ming 3 Lives b
26. 03. 2008
0 views

W03 Late Ming 3 Lives b

germany 1 27 05
07. 04. 2008
0 views

germany 1 27 05

EH HL3 MP TWG1
30. 03. 2008
0 views

EH HL3 MP TWG1

ustrans
10. 04. 2008
0 views

ustrans

CAP12PP2
13. 04. 2008
0 views

CAP12PP2

Dr Jongkon
14. 04. 2008
0 views

Dr Jongkon

WEBS0104
16. 04. 2008
0 views

WEBS0104

Deb Tairas presentation
17. 04. 2008
0 views

Deb Tairas presentation

silverman 06
19. 02. 2008
0 views

silverman 06

SAB EPEAT 050608
28. 04. 2008
0 views

SAB EPEAT 050608

Macsim Mihai
18. 03. 2008
0 views

Macsim Mihai

martes manyana 5a presentacion
28. 12. 2007
0 views

martes manyana 5a presentacion

korea otonwu06
11. 09. 2007
0 views

korea otonwu06

larsen jsm2003
29. 10. 2007
0 views

larsen jsm2003

PHYCS 199B Oct 29 2002
15. 10. 2007
0 views

PHYCS 199B Oct 29 2002

Ryan Henry
23. 12. 2007
0 views

Ryan Henry

ewilaya eforumALAMI 2007
23. 10. 2007
0 views

ewilaya eforumALAMI 2007

ELAN
05. 10. 2007
0 views

ELAN

BELIZE
22. 10. 2007
0 views

BELIZE

Sheena Kim
11. 09. 2007
0 views

Sheena Kim

moscow11
15. 10. 2007
0 views

moscow11

Gavrilova PAA 2005
12. 10. 2007
0 views

Gavrilova PAA 2005

mirror darts
29. 12. 2007
0 views

mirror darts

bruxelles dd
17. 10. 2007
0 views

bruxelles dd

EC Baron DCC abridged
11. 03. 2008
0 views

EC Baron DCC abridged

Image53967
07. 01. 2008
0 views

Image53967

GSA dlese teaching boxes
30. 10. 2007
0 views

GSA dlese teaching boxes

Illarionovs Projections
26. 10. 2007
0 views

Illarionovs Projections