GSM and GPRS Security Using OsmocomBB
MetadataVis full innførsel
This thesis analyzes the security of Norwegian GSM and GPRS networksusing the OsmocomBB project, which aims to create a free and open sourceGSM baseband software implementation. OsmocomBB was used to understandthe GSM system, and to understand and implement two types of attacks.The first one is an eavesdropping attack, and the second one is a set ofDenial-of-Service attacks: the RACH flood attack, the IMSI attach floodattack, the IMSI detach attack, and an attack based on race conditionsin the paging process. The feasibility of these attacks on Norwegian networks was assessed. Itwas found that both Telenor and Netcom seem protected from theeavesdropping attack. The IMSI detach attack is effective on Telenor,but not on Netcom. The other Denial-of-Service attacks are probablyeffective, but were not tested since they could damage the networks.