Towards a Fraud-Prevention Framework for Software Defined Radio Mobile Devices
EURASIP Journal on Wireless Communications and Networking 2005:3, 401–412
© 2005 A. Brawerman and J. A. Copeland
Alessandro Brawerman
School of Electrical and Computer Engineering, Georgia Institute of Technology, Atlanta, GA 30318, USA
John A. Copeland
School of Electrical and Computer Engineering, Georgia Institute of Technology, Atlanta, GA 30318, USA
Received 29 September 2004; Revised 8 March 2005
The superior reconfigurability of software defined radio mobile devices has made them the most promising technology on the wireless
network and in the communication industry. Despite several advantages, there is still a lot to discuss regarding security, for
instance, the radio configuration data download, storage and installation, user’s privacy, and cloning. The objective of this paper
is to present a fraud-prevention framework for software defined radio mobile devices that enhances overall security through
the use of new pieces of hardware, modules, and protocols. The framework offers security monitoring against malicious attacks
and viruses, protects sensitive information, creates and protects an identity for the system, employs a secure protocol for radio
configuration download, and finally, establishes an anticloning scheme, which besides guaranteeing that no units can be cloned
over the air, also elevates the level of difficulty to clone units if the attacker has physical access to the mobile device. Even if cloned
units exist, the anticloning scheme is able to identify and deny services to those units. Preliminary experiments and proofs that
analyze the correctness of the fraud-prevention framework are also presented.
Keywords and phrases: cellular frauds, cloning, security and privacy issues, security protocols, software defined radio mobile
devices.
1. INTRODUCTION
Software defined radio [1] allows multiple radio standards
to operate on common radio frequency hardware, thereby
ensuring compatibility among legacy, current, and evolving
wireless communication technologies.
A software defined radio mobile device (SDR-MD) is capable of having its operation changed by dynamically loading radio reconfiguration data (R-CFG files) over the air.
With different R-CFGs, the device can operate using different
wireless communication technologies while having a single
transceiver. A typical SDR-MD can manage communication
via satellite, over different cellular technologies, VoIP (voice
over internet protocol), and operations over the internet.
One of the key issues in SDR wireless communication involves security. According to the SDR Forum [2], some of
the concerns are the R-CFG download, storage, and installation; user’s privacy, that is, protection of the user’s identity, location, and communication with other devices; and finally, SDR-MD cloning, that is, illegally using services that
are billed to someone else’s device.
This is an open access article distributed under the Creative Commons
Attribution License, which permits unrestricted use, distribution, and
reproduction in any medium, provided the original work is properly cited.
To address the SDR Forum concerns and greatly enhance the overall security of SDR-MDs, a fraud-prevention
framework is proposed. The proposed framework offers security monitoring against malicious attacks and viruses that
may affect the configuration data, protects sensitive information through the use of protected storage, creates and protects an identity for the system, employs a secure protocol
for R-CFG download, and finally, establishes an anticloning
scheme which guarantees that no units can be cloned over
the air, and elevates the level of difficulty to clone units if the
attacker has physical access to the SDR-MD. Even if cloned
units exist, the anticloning scheme is able to identify and
deny services to those units.
Preliminary practical experiments using Java 2 Micro Edition (J2ME) [3] and proofs that analyze the correctness
of the fraud-prevention framework are also presented.
2. BACKGROUND
Research work has been done for each of the SDR concerns
previously described; however, no published work has developed a solution that encompasses more than one of the concerns at once. This section is divided according to the SDR
Forum concerns. For each subsection, some of the relevant
related research is presented.
2.1. R-CFG download, storage, and installation
In [4], the authors discuss a model for securing the R-CFG
download and installation that involves the use of secret device keys and signatures. All security operations take place
within tamper-proof hardware that also contains the programmable components of the transceiver. This approach
provides good security for the radio software that lies within
the tamper-proof hardware, but leads to some drawbacks
such as the use of nonstandard security methods, lack of a
means for third-party vendors to provide R-CFGs, and, most
important, lack of a means for securing radio software that
resides outside the tamper-proof hardware.
2.2. User’s privacy
Some efforts, called privacy extension to Mobile IPv6, deal
with user’s privacy. The basic idea of these efforts is to replace the MAC address of a mobile device with a random
one, called a temporal mobile identifier (TMI) [5] or pseudorandom interface identifier (PII) [6].
In those schemes, personal mobile location privacy control relies on either the home administration, the foreign administration, or both. Moreover, the home administration is
required to share some secrets with the foreign administration to prevent eavesdroppers from having any knowledge
about the binding between users’ temporal identifiers and real identifiers. These efforts do not give the mobile user complete control over mobile location privacy, since the administration can
associate any identifier (PII or TMI) with the corresponding
real ID of the mobile device.
2.3. SDR-MD cloning
The advanced mobile phone system (AMPS) [7] is the analog
mobile phone system standard introduced in the Americas
during the early 1980s. Despite the fact that it was a great advance in its time, the AMPS presented several security flaws,
and multiple copies of cloned mobile stations were created
with little difficulty.
The global system for mobile communication (GSM) [8]
is a globally accepted standard for digital cellular communication. The GSM authentication framework relies on special
cryptographic codes to authenticate customers and bill them
appropriately. A personalized smart card, called a SIM card,
stores a secret key that is used to authenticate the customer;
knowledge of the key is sufficient to make calls billed to that
customer.
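The consequence of key-based authentication described above, as an added Python example that is not from the paper: the network accepts any card that answers its challenge with the subscriber's key, so a second card holding a copy of that key is indistinguishable from the original, while a replayed answer or a wrong key is rejected. HMAC-SHA256 stands in for the operator's real authentication algorithm, and `Network`, `sim_response`, `attempt` and the subscriber ID are hypothetical names with constructed values.

```python
import hashlib
import hmac
import secrets

def sim_response(key: bytes, challenge: bytes) -> bytes:
    # HMAC-SHA256 stands in for the operator's real authentication algorithm.
    return hmac.new(key, challenge, hashlib.sha256).digest()

class Network:
    """Operator side: holds each subscriber's key, issues one-time challenges."""
    def __init__(self, keys: dict):
        self._keys = dict(keys)
        self._pending = {}

    def challenge(self, subscriber_id: str) -> bytes:
        self._pending[subscriber_id] = secrets.token_bytes(16)
        return self._pending[subscriber_id]

    def verify(self, subscriber_id: str, response: bytes) -> bool:
        nonce = self._pending.pop(subscriber_id, None)  # a challenge is single use
        key = self._keys.get(subscriber_id)
        if nonce is None or key is None:
            return False
        return hmac.compare_digest(sim_response(key, nonce), response)

def attempt(network: Network, subscriber_id: str, card_key: bytes) -> bool:
    # One full exchange: the card answers the challenge with whatever key it holds.
    answer = sim_response(card_key, network.challenge(subscriber_id))
    return network.verify(subscriber_id, answer)

def demo() -> dict:
    sid, key = "subscriber-001", secrets.token_bytes(16)   # constructed sample values
    network = Network({sid: key})
    captured = sim_response(key, network.challenge(sid))   # answer seen on the air
    genuine = network.verify(sid, captured)
    network.challenge(sid)                                 # network issues a new challenge
    replayed = network.verify(sid, captured)               # old answer, new challenge
    return {
        "genuine": genuine,
        "replayed": replayed,
        "wrong_key": attempt(network, sid, secrets.token_bytes(16)),
        "copied_key": attempt(network, sid, bytes(key)),   # second card, same key
    }

if __name__ == "__main__":
    print(demo())
```

The `copied_key` result is the only acceptance besides the genuine card, which is why the protection of the stored key, rather than the exchange itself, decides whether a unit can be cloned.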
The SIM card is easily removable so that the user can
use other cell phones. The drawback is that someone who
has physical access to the SIM card can copy the information
to another card, thereby cloning the authentication infor (...truncated)