Detects SS7 Network Attacks Through Phone Conversations and Alerts Callers in Real Time
This mobile phone security system detects Signaling System 7 (SS7) redirection attacks during phone calls. SS7 is a global network that links together mobile phones, but unfortunately, hackers can abuse necessary functions of SS7 to reroute phone calls, track locations and intercept SMS messages. These attacks are difficult to identify due to the lack of detection techniques, so existing practices often fail to determine intended targets. Additionally, conventional carrier-based approaches neglect to inform consumers of incidents in real time. The universal impact of these attacks, noted in telecommunication networks across the globe, highlights the need for a for a user-side detection system.
Researchers at the University of Florida have developed a consumer-friendly, SS7-based detection system which alerts users about attempts to reroute their calls or eavesdrop on them. This is the first detection system that informs users when their calls are being covertly attacked.
Mobile phone security system that detects and alerts users of rerouting and eavesdropping attacks using audio-based distance bounding
- Prevents eavesdropping, enabling secure communications and privacy to government users, companies and other organizations who place sensitive phone calls
- Operates during the targeted points of a phone call, improving existing attack identification systems
- Adapts to multiple production methods, allowing manufactures to include as part of either hardware or software
- Utilizes a strong detection mechanism, informing users of call monitoring or rerouting
This security system uses audio-based distance bounding by transmitting cryptographically generated audio challenges and responses between cell phones while on a call. By measuring the time it takes for a signal to travel a return journey from one mobile phone to another, this application can securely estimate the round trip travel time (RTT) over the audio channel. Rerouting attacks add significant latency to call audio and cause abnormally high RTTs. This system therefore uses its estimated RTT to determine if a call is being attacked. Furthermore, the challenges and responses are encoded, meaning they cannot be imitated by hackers seeking to obscure their presence.