Presentation Title: Real World Attacks Against 3G Networks Using Subscriber Devices
Cellular networks, like any other data network, requires careful attention to network design such as proper segmentation of subscriber generated traffic from network management & signaling traffic. We present an attack penetration method using only standard subscriber equipment to compromise an operator network.
We will demonstrate how standard IP network reconnaissance techniques were used to identify critical infrastructure in a GSM network. We will further demonstrate how an attacker can use this knowledge to cripple the GSM network. We will also show how an in-depth analysis of the network infrastructure and the IP routing information stored on L3 devices allowed us to create a complete end to end network diagram of the cellular network.
Finally, a brief comparative analysis will be made between GSM, WiMAX, LTE, and CDMA standards to identify which (if any) 3G/4G technologies mitigate these attacks using their security architecture.
Ben Hagen brings experience in investigating security incidents, monitoring IDS solutions, and developing software, procedures and policies for effective and robust security monitoring. He has developed sophisticated software for identifying and correlating security events across a wide spectrum of network devices, and following the events to eventual issue resolution. Hagen has specific interests in penetration testing, protocol and malware analysis, and developing “usable” security solutions.
Hagen holds an M.S. degree in Information Assurance and a B.A. in Political Science and International Studies from Iowa State University. His thesis research involved an analysis of national information filtering mechanisms. He also holds SANS GIAC certifications in Intrusion Analysis, Reverse Engineering Malware, and Secure Web Presence (LAMP), as well as a Security+ certification. Hagen is proficient in Japanese, and has spent time living and studying in Japan, China and South Korea.