Short Messaging Systems - PowerPoint PPT Presentation

1 / 6
About This Presentation
Title:

Short Messaging Systems

Description:

ESME's External Short Messaging Entities (email, paging systems) ... Example: Verizon Wireless Website. NPA/NXX Database. Attackers can search online for NPA / NXX. ... – PowerPoint PPT presentation

Number of Views:263
Avg rating:3.0/5.0
Slides: 7
Provided by: mnlabCs
Category:

less

Transcript and Presenter's Notes

Title: Short Messaging Systems


1
Short Messaging Systems
Hardeek Patel
  • 2 ways
  • Mobile to Mobile
  • ESMEs External Short Messaging Entities
    (email, paging systems)
  • Provides a method to communicate when a high
    volume of voice traffic brings voice
    communication to standstill.
  • SMSC (Short Messaging Service Centers) capable
    of holding approx. 500 messages. Phones capable
    of 30-50.
  • Once the finite buffer is filled, all messages
    will be dropped. However, when target devices
    cannot accept any additional messages, those
    whose source is the internet will results in a
    line at the SMSC. For a successful attack to
    occur, attacker must target multiple end devices

All images are results of searches on Google
Images.
2
Attacks via the Internet
Example Verizon Wireless Website
3
NPA/NXX Database
Attackers can search online for NPA / NXX. NPA
Numbering Plan Area (Area Code) NXX Numbering
Plan Exchange (First 3 Digits) Can also search
for other information such as email with mobile
phone. Does not generate 100 accurate results
4
Hit-List
Sending messages to random numbers and wait for a
response. Can design worms to collect stored
information from device address books, as well as
collect information from Bluetooth devices.
5
Outcomes of Attack
  • Similar to Internet driven attacks
  • Flooding the user.
  • Outcomes
  • Buffer overflow and message is lost
  • Message delayed longer than the value of the
    contents of the message
  • User ignores or discards the important message
    due to a large amount meaningless messages.
  • Can yield a battery depletion attack large
    amounts of data which consumes a significant
    amount of battery power.

6
Threats / Solutions
  • Due to the popularity and increased functionality
    that competes with email. Threats such as SPAM,
    Viruses and Phishing can be expected.
  • Current solutions are ineffective. Suggestions
  • Separation of voice and data can help reduce
    attackers ability to take down voice
    communications.
  • Like 9/11 where voice is overloaded, SMS
    originating from the Internet can be used to fill
    data channels and limit legit messages.
  • Deploy addl base stations and resources to
    critical areas reducing Internet based SMS
    attacks.
  • Cost of purchasing and placing equipment too
    high.
  • For all Internet messages, only acknowledge
    submission is being processed whether it is
    successful or not.
  • Limits the creation of accurate generated hit
    lists.
Write a Comment
User Comments (0)
About PowerShow.com