Session:Detecting IMSI-catchers and other mobile network attacks

From Camp_2015_Wiki
Jump to: navigation, search

Description In this workshop, we explain common attacks on mobile phones, and how these attacks can be detected.
Website(s) https://opensource.srlabs.de/projects/snoopsnitch
Type Workshop
Kids session No
Keyword(s) software
Tags GSM, Mobile Networks, IMSI catchers
Processing village Village:BER
Person organizing User:Lasse
Language
{{{Held in language}}}
Other sessions... ... further results

Starts at 2015/08/15 17:00
Ends at 2015/08/15 18:00
Duration 60 minutes
Location Village:BER

Mobile Phone Attacks

Mobile phones are vulnerable to a number of attack scenarios. Standard phones fall for these attacks without further notification to the user. However, open source tools exists that can expose these previously hidden attacks:

  1. IMSI-catchers, also known as "Stingrays" have recently aroused more and more public interest, as they are often times used in espionage and law enforcement settings without proper legal grounds.
  2. Silent SMS are used to track mobile phones and have become commonplace in covert surveillance.

Workshop Agenda

We explain the attack approaches, then drill down to the protocol level and derive detection rules. Finally, we want to present our open source implementation of these rules for the Android platform and demonstrate their effectiveness.

Useful things to bring

  • Camp network SIM card (can be acquired at the Static:POC)
  • Android phone with Qualcom baseband [1]
  • Micro-USB-cable (or whatever fits your phone)

Even without these, the workshop will be informative, and provide free training material including PCAPs for later analysis.

This workshop will be held by luca, dexter and linuzifer

[1] https://opensource.srlabs.de/projects/snoopsnitch#Incompatible-Devices

Retrieved from "http://events.ccc.de/camp/2015/wiki/index.php?title=Session:Detecting_IMSI-catchers_and_other_mobile_network_attacks&oldid=8751"