Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Short Message ServiceVulnerability Analysis: An attempt to attack the Serial Line on Symbian Smartphone In Orderto Inject Arbitrary SMS
KTH, School of Information and Communication Technology (ICT).
2011 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Abstract [en]

Short Message Service (SMS) is a permanently available service on mobile phone networks. In addition to text messages, it supports binary messages to provide various services to mobile phones. SMS security has a strong relationship to the security of mobile phones. Due to the open functionality of mobile phone networks, SMS can be exposed to dierent kind of attacks.

To cope with the increasing demand for secure SMS, it is crucial to perform a vulnerability analysis of SMS-implementations to nd out potential security vulnerabilities that smartphones may be exposed to. Conducting vulnerability analyses of SMS is dicult, as one would need to send a large amount of SMS through the mobile phone network in order to conduct such analyses. However, if the need for a mobile phone network is removed from the vulnerability analysis, the diculties of performing it can be considerably reduced.

Collin Mulliner and Challie Miller (2009) presented a testing platform (without the engagement of a mobile phone network) for this purpose in three popular mobile phone operating systems: the iPhone, Android and Windows Mobile. They claimed that their testing platform could be ported to other smartphone operating systems (OS).

Since the Symbian operating system is one of the most popular smartphone platforms, this thesis focuses on how to port this testing platform to the Symbian OS for vulnerability analysis of SMS-implementations. The research methodology behind this study was an experimental research method, conducted by presenting a hypothesis and developing an artifact to test it.

This research produced a key finding: that it is not feasible to implement this vulnerability analysis for SMS-implementations on the Symbian OS, when considering the prerequisites that Collin Mulliner and Charlie Miller dened in their work. They claimed that, if there is an application level access to the serial line for the modem or the ability to add or remove the arbitrary driver, then it is feasible to port their testing framework to other operating systems. This research discovers that neither of these conditions exists in the Symbian OS.

Place, publisher, year, edition, pages
2011. , 90 p.
Series
Trita-ICT-EX, 2011:307
Keyword [en]
Smartphone Security, Vulnerability Analysis, Short Message Service Injection, Symbian
National Category
Engineering and Technology
Identifiers
URN: urn:nbn:se:kth:diva-105869OAI: oai:DiVA.org:kth-105869DiVA: diva2:572652
Educational program
Master of Science - Information and Communication Systems Security
Uppsok
Technology
Examiners
Available from: 2012-11-28 Created: 2012-11-28 Last updated: 2012-11-28Bibliographically approved

Open Access in DiVA

fulltext(1846 kB)428 downloads
File information
File name FULLTEXT01.pdfFile size 1846 kBChecksum SHA-512
0642e892ba476b7920e282ff4027746cc811bb5e49df6ed83684ca1e031c524d9816406884693f6f9e7bf06591b9a7ad5d64e8426848f07a4dc410d1f78bf11f
Type fulltextMimetype application/pdf

By organisation
School of Information and Communication Technology (ICT)
Engineering and Technology

Search outside of DiVA

GoogleGoogle Scholar
Total: 428 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 157 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf