Do-It-Yourself Cellular IDS
Hacked smartphones pose extreme risks to security. Infected smartphones can record surrounding audio, intercept text messages, capture location, and usage data, and send all that stolen data back to an attacker. Enterprise security pros have no visibility into the cellular network, and therefore can’t do network traffic inspection or IDS, even for devices that are physically within their facilities.
At LMG, we wanted to be able to keep tabs on smartphones in our facility! For less than $300 in parts, we built a proof-of-concept Cellular Intrusion Detection System, leveraging commercial femtocells to create a 3G cellular network sniffer. Then we infected a smartphone with the Android.Stels malware and showed how Snort was able to detect and alert upon the malicious smartphone traffic. Oh, and for fun, we remotely took control of the bot and made it do our bidding.
LMG’s project demonstrates that low-cost cellular intrusion detection systems are not only possible, but they are also an inexpensive and effective way to combat mobile malware. In this talk, we’ll show you our method for capturing and analyzing cellular traffic using locally-deployed femtocells, which any security professional can build.