Mobile Phone Infrastructure - Modern Information and Communications Technology

List of Abbreviations

Chapter 2. Literature Review

2.8 Modern Information and Communications Technology

2.8.4 Mobile Phone Infrastructure

with a space to comment on stories or items. Web 2.0 came to full strength when the users generated their own content, and comment on the content that others have shared online. As many mobile devices now have integrated social networking capabilities, users can access and share content on the move.

More technical vulnerabilities and threats are exhibited by Web 2.0 technologies compared to the traditional Web 1.0 sites due to the scripting requirements that provide the user with the ability to upload content (Lawton, 2007). Common threats in Web 2.0 are cross-site scripting, cross-site request forgery, and mobile worms (ibid.). YouTube was affected by a cross-site scripting attack that appeared to have targeted the singer Justin Bieber (Barnett, 2010), as was Twitter, where attackers used a cross-site scripting flaw to open unauthorised marketing pop-ups when the user's mouse cursor moved over a link (Twitter, 2010). Many Web 2.0 sites use applications that allow video and audio playing; these applications may also have vulnerabilities which can be exploited (Lawton, 2007). Davidson and Yoran (2007) suggest that users are coming to expect the same interactivity and collaborative ability in the workplace as Web 2.0 provides; however, Naraine (2009) states that users do not have the same restraint with personal information on Web 2.0 as they would when disclosing the information in person. These factors may result in Web 2.0 posing a risk regarding information leaks. The security implications of Web 2.0 will be discussed in more detail in Section 5.6.

The devices themselves form mobile stations (MS), and they communicate to the base station (BS), or mobile phone tower, wirelessly. In South Africa this wireless link follows the Global System for Mobile Communications (GSM) standard and the Third Generation (3G) Wideband Code Division Multiple Access (WCDMA) standard, the other major 3G standard is known as CDMA2000 (Global Mobile Suppliers Association, 2010). The link from the mobile device to the base stations is known as the uplink, whereas the link from the base station to the device is known as the downlink. The reason the term cellular phone is commonly used is that the coverage area is divided into cells, each of which covered by a base station transceiver (BST). The mobile devices are free to roam within a cell, or into a different cell, at which time it will be handed over to the relevant base station.

The base station systems (BS) comprise of the BST, and the base station controller (BSC); multiple BSTs may connect to a single BSC (Ojanpera & Prasad, 1998; Xenakis & Merakos, 2006). The base stations connect to the mobile switching centre (MSC) via fibre-optic cable or wireless microwave data links between the BSC and MSC; the MSC connects the mobile phone infrastructure to the public switched telephone network (PSTN), which allows calls between the mobile devices and the fixed-line infrastructure (Enck, Traynor, McDaniel, & La Porta, 2005). The MSC is responsible for any circuit-switched services, such as voice calls, and connects to the core network and also provides a gateway to other network providers (Enck, Traynor, McDaniel, & La Porta, 2005; Xenakis & Merakos, 2006). The home location register (HLR) manages permanent information regarding the mobile users, including billing information (Enck, Traynor, McDaniel, &

La Porta, 2005); the visitor location register (VLR) contains information related to the handling of the mobile station services (Xenakis & Merakos, 2006). The equipment identity register (EIR) contains information regarding the identity of the mobile equipment, and the authentication centre (AuC) contains security information for the subscribers‟ identity (ibid.).

There is little difference between the GSM and 3G network architectures as described by Ojanpera and Prasad (1998). The following descriptions cover the additional services such as short messages and data transfer for the GSM infrastructure. Short messages are routed via the short messaging service centre (SMSC); these may connect to external short message entities (ESME) which allow SMSs to be received from external locations, such as the web-based SMS services (Enck, Traynor, McDaniel, & La Porta, 2005). In simulations, Traynor et al. (2009) estimated that each HLR could operate with ten MSCs, and each MSC could control up to two hundred towers.

Data transfer was initially done through the global packet radio services (GPRS), which utilises the majority of the GSM infrastructure (Xenakis & Merakos, 2006). A serving GPRS support node (SGSN) is responsible for delivering the packets to and from the mobile station; a gateway GPRS support node (GGSN) provides external connection to the Internet and other data packet networks (ibid.).

The descriptions of the network architecture for the voice, SMS and GPRS services provide a picture of a generic mobile phone infrastructure, which is shown in Figure 2.25.

MSC

EIR

SGSN

SMSC

ESME PSTN

HLR MS

BTS

BSC BS

Channel

AuC

GGSN BTS

Backbone network External networks

Internet

Other MSCs

VLR Other

VLRs

Figure 2.25: Mobile Phone Infrastructure

2.8.4.2 Wireless Physical Layer

The wireless physical layer in mobile phones provides the uplink from the device to the base station, and the downlink from the base station to the device. Two standards are used in South Africa: global system for mobile communications (GSM) and wideband code-division multiple- access (the abbreviation for the standard is WCDMA, whereas the abbreviation for general

wideband CMDA technology is W-CDMA), which is the deployed third generation (3G) standard in the country. The other major 3G standard is cdma2000.

GSM is a second generation (2G) mobile communications standard. It has four major operating frequencies: 850MHz, 900 MHz, 1800 MHz, and 1900 MHz, and uses 200 kHz channel (Ojanpera

& Prasad, 1998). Multiple users are accommodated through time-division multiple-access, where each user or channel is allocated time slot to broadcast in (ibid.). GSM has evolved with the introduction of data services through GPRS, and data rates were increased through and enhanced data rated for GSM evolution (EDGE).

Both WCDMA and CDMA2000 uses DS-CDMA as discussed in Section 2.5.5, which is a form of LPI communications and has inherent noise-cancellation and anti-jam features. As WCDMA is the main standard used in South Africa, this will be focussed on. The spreading is performed with the aid of pseudo-noise sequences, which generate a series of chips. The digital signal is spread with the chips so that the signal is transmitted over a larger bandwidth than the original data signal would have required (Ojanpera & Prasad, 1998; Taub & Schilling, 1991). The correlation characteristics of the pseudo-noise sequences are also used to separate the users, as they have high auto-correlation and low cross-correlation. The same code is used for spreading and despreading; therefore any interference from other signals is cancelled due to the low-cross correlation (Ojanpera & Prasad, 1998; Taub & Schilling, 1991), as illustrated in Section 2.5.5. WCDMA uses Gold codes for the spreading sequence, and has possible chip rates of 4.096 Mcps (mega chips per second), 8.192 Mcps, and 16.384 Mcps for channel bandwidths of 5 MHz, 10 MHz, and 20 MHz, respectively (Ojanpera & Prasad, 1998).

For the purpose of simulating a mobile communications environment where multiple users are present, the environment will need to be described mathematically. Multi-user DS-CDMA communications can be described in matrix form as (Proakis, 2001; Verdu, 1998):

2.18

where y(i) is the ith bit or symbol for each user, S is the spreading sequence for each user, A is a diagonal matrix with the amplitude of each user's signal, b(i) is the ith bit for each user, and n(i) is the noise or interference experienced by the ith bit of each user.

The output of a basic decorrelating multiuser detector can be described by (Proakis, 2001; Verdu, 1998):

2.19

where r is the bit stream that is the output of the matched filters for each user, R is a correlation matrix of all the spreading sequences described by S, b is the bits, and n is the interference. The purpose of the correlation matrix is to take into account interference between the signals; while the spreading sequences have low cross-correlation, there is still some interference. The simulations will be presented in Chapter 7.

The channels used for GSM and WCDMA are similar, and can be divided into two types: traffic channels and control channels (Enck, Traynor, McDaniel, & La Porta, 2005). The paging channel and random access channel are used to initiate voice and data services; devices are instructed by the base station to monitor a stand-alone dedicated control channel (SDCCH) which is used for authentication, enable encryption, and deliver SMS messages. Once the authentication is complete, a traffic channel is allocated for voice traffic. For the purposes of the dissertation, the SDCCH will be the primary channel considered in Chapter 7.

2.8.4.3 Prevalence of Mobile Phones

During the second quarter of 2010, it was reported that there were approximately 535 million WCDMA subscribers and approximately 4 billion GSM subscribers globally; this accounts for 89.7% of the approximately 4.933 billion mobile subscription worldwide (Global Mobile Suppliers Association, 2011a). In Africa there are approximately 350 million GSM subscribers and 20 million WCDMA subscribers (Global Mobile Suppliers Association, 2011b).

According to the State of the Cities Report (South African Cities Network, 2011b) 16% of households have access to both mobile phones and fixed line telecommunications; 67% only have access to mobile phones, 1% only has access to fixed line telecommunications, and 16% has no access. These figures are for 2009, and indicate a total of 83% of households have access to mobile phone, compared to 17% with access to fixed line telecommunications. The International Telecommunications Union (2011) estimates that there are 92.67 mobile subscriptions per 100 people in South Africa in 2009, compared to 8.62 fixed telephone lines per 100 inhabitants. This is a ratio of 10.75 mobile subscriptions per fixed line. There are an estimated 8.82 Internet users per 100 inhabitants in South Africa, and approximately 0.97 fixed broadband subscribers per 100 inhabitants, compared to 10.52 mobile broadband subscriptions per 100 inhabitants (International Telecommunications Union, 2011). This is a ratio of 10.85 mobile broadband subscriptions per fixed broadband subscriptions. These statistics illustrate the overwhelming prevalence of mobile

communications in South African society. The number of fixed line telecommunications has exhibited an annual decease from 2004 to 2009, whereas the mobile subscriptions have continued to grow (ibid.). This indicates that mobile communications are becoming more prevalent, to the detriment of the fixed line communications.

The prevalence of mobile phones may increase with the introduction of mobile commerce (m- commerce); online banking services use SMS for providing one-time codes, and mobile money such as M-Pesa has had huge success in Kenya (Aker & Mbiti, 2010). In addition, many development projects in Africa revolve around the innovative use of mobile phones and mobile applications; these projects include the health, education, and governance sectors (Aker & Mbiti, 2010). This additional functionality increases the importance of mobile communications in South Africa and elsewhere on the continent; it is possibly the backbone of the continent's telecommunications infrastructure.

2.8.4.4 The Mobile Infrastructure and Information Warfare and Security

This section relates aspects of IW to the mobile infrastructure. A previous version was published in van Niekerk and Maharaj (2010b). As electronic warfare targets the electro-magnetic spectrum, all wireless channels (particularly the physical layer) can be considered as falling under the auspices of electronic warfare. The infrastructure hardware and logical connections fall under network warfare, and the entire infrastructure will fall under information infrastructure warfare. Figure 2.26 shows a simplified mobile infrastructure and the relationships to these IW functional areas. It is also conceivable that the legitimate functionality of the mobile services may be used for malicious intent; in Kenya SMS services were used to distribute hate messages (Okeowo, 2008).

As with traditional computer-based systems and networks, mobile devices and infrastructures have security vulnerabilities and may be attacked. Modern mobile devices, in particular smartphones, are capable of being infected by malicious code or applications (Morales, 2009a); Fleizach et al. (2007) model the spreading of mobile worm infections using MMS and voice over IP. The simulations indicate that all mobile phones that could possibly be infected would be within a matter of minutes should there be no bandwidth constraints; taking bandwidth limitations into consideration the maximum number of infections could take up to 12 hours. This is attributed to the mobile infrastructure network reaching its processing capacity early in the malware propagation (Fleizach et al., 2007); this indicates that a DoS attack on the mobile infrastructure is possible. Enck et al.

(2005) discusses and calculates the capacity of the logical control channels in order to illustrate the

possibility of using SMS services to perform a DoS attack on the mobile infrastructure; this is expanded in Traynor et al. (2009), who illustrate a possible DoS attack on the core mobile infrastructure.

The applications that run on mobile devices, as well as the communication capabilities may be attacked and the mobile device compromised (Dwivedi, Clark, & Thiel, 2010). It is also possible to eavesdrop on the wireless channels (Nohl & Paget, 2009), or attack the mobile infrastructure in order to eavesdrop, as occurred in Greece in 2004 (Prevelakis & Spinellis, 2007). The security and IW aspects of the mobile infrastructure will be discussed in greater detail in Chapter 5, and the simulations and calculations will be expanded to the South African situation in Chapter 7.

Dalam dokumen Vulnerability assessment of modern ICT infrastructure from an information warfare perspective. (Halaman 113-119)