Unit-1Mobile Security Notes Mobile Communication

RamyaNellutla, 30 slides, Sep 10, 2024

About This Presentation

Mobile Security - Unit - 1


Slide Content

Mobile Communication

Mobile communication is the technology that carries voice, data and multimedia over wireless networks to mobile devices such as smartphones, tablets and laptops. The traffic passes through a network of interconnected cell towers and base stations that transmit to and receive from the devices. Key components of mobile communication:
1. Cellular Networks: the coverage area is divided into cells, each served by a base station that connects to the mobile devices in it.
2. Radio Frequency (RF) Signals: wireless communication over allocated frequency bands.
3. Mobile Network Generations: evolving from 1G to 5G, each generation improving speed and connectivity.
4. Mobile Switching Centers (MSCs): route calls and data between mobile devices and other networks.
5. Protocols and Standards: mobile communication follows standards such as GSM (Global System for Mobile Communications), CDMA (Code Division Multiple Access), LTE (Long-Term Evolution) and 5G NR (New Radio).

Generations of Mobile Networks

- 1G: the first generation, analog, primarily for voice communication.
- 2G: digital voice encoding and SMS (Short Message Service); in GSM also SIM-based subscriber authentication and encryption of the radio link.
- 3G: higher data rates, enabling internet access and video calls.
- 4G: faster data speeds, supporting high-definition video streaming and other data-intensive applications.
- 5G: the latest generation, with very high data rates, low latency and support for massive IoT (Internet of Things) connectivity.

1.1 MOBILE COMMUNICATION HISTORY

Three strands of wireless mobile network architecture have evolved:
- Interpersonal Communication: uses regulated electromagnetic bands for communication between people.
- IT and Network Device Communication: replaces wires with wireless links, using either regulated or unregulated spectrum (the range of radio frequencies used to carry information, a key component of wireless communication).
- Man-Machine Interaction: command exchange and information transfer between humans and machines.

Cellular Networks

- Early Systems (1928): the first mobile radio system, used by the Detroit Police, marks the start of mobile communication.
- 1G Era (1970s): AMPS (Advanced Mobile Phone System) was developed in the early 1970s as part of the first generation of mobile systems. The FCC (Federal Communications Commission) allocated spectrum for cellular systems to replace a variety of non-standardized technologies. IMTS (Improved Mobile Telephone Service) was one of the pre-cellular, broadcast-style telephone services in use before that standardization.
- European Developments: early European mobile systems were broadcasting telephone systems rather than cellular ones. They were analog, with some encryption features added for privileged communications.

Key Systems in the 1980s
- NMT (Nordic Mobile Telephone) 450 (1981): an analog system in the 450 MHz band in the Nordic countries (Sweden, Norway, Denmark, Finland).
- C-Netz 450: introduced by Siemens in Germany, similar to NMT 450.
- AMPS (Advanced Mobile Phone Service): launched in the United States in 1983 after administrative delays, it became the North American standard in the 800 MHz band in the second half of the 1980s; its TACS derivative was adopted in the UK and several other European countries in the 900 MHz band.

Technology and Network Architecture

- FDMA (Frequency Division Multiple Access): the primary radio spectrum access technology of the 1G era, with geographically distributed radio base stations (RBS).
- Key functions of a 1G network system: a radio controller managing the RBSs; switching functions handling the calls; mobility management limited to hard hand-over; subscriber database management; signalling management; and interconnection with other networks.
- Radio Access and Network Architecture: the network architectures of the different systems were broadly similar; the differences were in radio access, particularly channel bandwidth.

GSM

GSM, originally "Groupe Special Mobile" and later "Global System for Mobile Communications", is a digital mobile system with a TDMA (Time Division Multiple Access) radio interface. It was designed for voice, with circuit-switched data at 9.6 kbit/s and minimal broadcast capability; data services such as SMS, fax and Circuit Switched Data were added later, and EDGE (Enhanced Data rates for GSM Evolution) raised the data rates. GSM evolved into UMTS (Universal Mobile Telecommunication System), a 3G system that combines the GSM core with a W-CDMA (Wideband Code Division Multiple Access, which lets multiple users share one frequency band) radio interface, standardized by 3GPP.

GSM architecture acronyms:
- MS: Mobile Station
- BTS: Base Transceiver Station
- BSC: Base Station Controller
- Abis interface: interface between the Base Station Controller (BSC) and the Base Transceiver Station (BTS)
- NSS: Network Switching Subsystem
- MSC: Mobile Switching Center
- HLR: Home Location Register
- VLR: Visitor Location Register
- AuC: Authentication Center
- PLMN: Public Land Mobile Network
- PSTN: Public Switched Telephone Network
- ISDN: Integrated Services Digital Network
- PSDN: Packet Switched Data Network

GPRS

GPRS (General Packet Radio Service) extends GSM with a packet-oriented data service. Time slots are assigned dynamically and several slots can be allocated to one user to raise throughput, with error protection adjusted to the radio conditions. Because it is packet switched, GPRS gives an "always-on" data connection: users do not connect and disconnect for every internet access or data transfer, and data rates are higher than circuit-switched GSM data. GPRS carries data only; voice stays on the GSM circuit-switched side.

EDGE and UMTS

- EDGE (Enhanced Data Rates for GSM Evolution): a digital mobile phone technology that raises data transmission rates on GSM networks. Often called 2.75G, it bridges 2G and 3G and gives faster browsing, email access, multimedia messaging and better app performance.
- UMTS (Universal Mobile Telecommunication System): introduces a new CDMA-based radio access method and integrates with GSM, GPRS and EDGE into one system supporting several types of network access. It enables high-speed internet, video calling, multimedia messaging, mobile TV, online gaming, mobile commerce and remote work.

Wireless Data Networks

- WPAN: range of about 10 metres, for connecting personal devices.
- WLAN: range of about 100 metres, for PCs and servers.
- WMAN: range of about 10 kilometres, for interconnecting buildings.

Wireless LAN

- Frequency Hopping: the signal jumps between frequencies to avoid interference.
- Evolution: WLAN grew out of frequency-hopping radio techniques that originated in World War II.
- Basic Service Set (BSS): the core unit, one Access Point (AP) and the stations connected to it.
- Access Point (AP): the bridge through which stations in a BSS communicate with each other and with the wired network.
- Ad Hoc Network: a peer-to-peer WLAN with no AP.

Mobile Ad Hoc Networks

Mobile Ad Hoc Networks (MANETs) are decentralized wireless networks in which autonomous nodes communicate directly, without fixed infrastructure such as routers or access points. Key characteristics of MANETs:
- Decentralization: no central control; every node can act as a router.
- Dynamic Topology: the network structure changes frequently as nodes move.
- Multi-hop Communication: data is relayed through intermediate nodes to reach distant ones.
- Peer-to-Peer Communication: nodes talk directly to each other with no hierarchy.
- Versatility: works over various wireless technologies such as WLAN, Bluetooth and GSM.

Wireless PAN

A Wireless Personal Area Network (WPAN) is a short-range, cable-free network connecting devices within about 10 metres, typically over Bluetooth. It offers seamless connectivity, selective access to prevent interference, low power consumption and secure voice and data communication for portable devices, and is evolving towards global interconnectivity.

Important Features of WPAN
- Short-Range Communication: typically within a 10-metre range.
- Plug and Use: devices connect as soon as they are in range, mimicking a wired connection.
- Selective Access: a device can lock out others to prevent interference and unauthorized access.
- Low Power Consumption: designed for small, portable devices with minimal power usage.
- Support for Voice and Data: both voice and data between connected devices.
- Security: authorization, authentication and encryption of the link.
- Interconnectivity: the aim is global interconnectivity of WPANs across different devices and networks.

Integrated Networks

- Diverse Wireless Access: supports various wireless technologies for user access.
- Intelligent Access Layers: intelligence sits in the access layers; the backbone only transports packets.
- Scalable Data Flows: handles billions of concurrent micro and mega flows with differing QoS requirements.
- Mobility Management: seamless handovers and continuous connectivity as users move between domains.
- Heterogeneous Networks: accommodates diverse traffic profiles, from transaction-oriented to multimedia traffic.
- IP-Based Services: all services are delivered over IP, with data encapsulated in IP packets.
- Security and Adaptability: needs a robust security infrastructure that works in resource-constrained environments and scales up as more resources become available.
- Seamless User Experience: service continuity and security are maintained during roaming and handovers.

SECURITY - WIRED vs WIRELESS

- Increased Vulnerability: wireless communication is more exposed to attack than wired systems because the medium is open; no physical access to a cable is needed.
- Eavesdropping Risk: anyone within radio range can receive the transmission, and purely passive eavesdropping cannot be detected by the communicating parties.
- Lack of Origin Identification: a radio transmission carries no inherent proof of who sent it, unlike a wired line terminating at a known port; identity has to come from cryptographic authentication.
- Early System Weaknesses: 1G and 2G systems lacked robust security features, leaving them open to eavesdropping and cloning.
- Need for Cryptography: cryptographic techniques are essential for confidentiality, authentication and access control in wireless networks.
- User Privacy Protection: security measures prevent unauthorized use of communication resources and protect user privacy.

SECURITY ISSUES IN WIRELESS AND MOBILE COMMUNICATIONS

Communication security means ensuring data confidentiality, integrity, authentication and non-repudiation, usually with cryptographic methods, and protecting the privacy of traffic, location and addresses. Basic security is often only implicit: eavesdropping on a wired line needs proximity and special equipment, and caller ID or voice recognition gives casual authentication. None of that holds on an open radio medium.

- Cryptography: provides strong security but can be inconvenient; essential for sensitive applications. Vulnerabilities usually stem from poor key and system management rather than from flaws in the cryptographic algorithms themselves.
- Confidentiality: achieved by encrypting the data. In GSM, for example, encryption covers only the radio link between the mobile terminal and the base station, not the rest of the network path; from the base station onwards the traffic is in the clear unless protected at a higher layer.
- Authentication: establishes the identity of the communicating parties. It is directional: B authenticating A is a separate step from A authenticating B, and a protocol may do one, both or neither. SSL/TLS, for instance, normally authenticates only the server and optionally the client. GSM authenticates only the subscriber (SIM) to the network; the phone cannot verify the network, a gap UMTS closed with mutual authentication (AKA).
- Non-Repudiation: the sender cannot deny having sent a message, and the recipient can prove its origin to a third party. Achieved with digital signatures, which differ from plain authentication (a shared-key MAC, say) precisely in that a third party can be convinced.
- Applications and Interests: network operators care about subscriber authentication for billing and fraud prevention; users and service providers care about mutual authentication and verifying the network or service provider they are talking to. How this is implemented depends on the technology and the business model.
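The directional nature of authentication described above, with a GSM-style one-way challenge-response and a UMTS AKA-style mutual one side by side, as an added Python example that is not part of the original slides. HMAC-SHA256 with made-up labels ("A3", "f1", "f2") stands in for the operator algorithms (A3/A8, MILENAGE); the anonymity key and AMF field of real AKA are omitted; the key K, the message sizes and the rogue-network functions are constructed for this illustration only.

```python
import hmac
import hashlib
import secrets

# Constructed example: K is the subscriber's long-term key, shared only by the
# SIM and the home network's AuC. Real GSM uses operator-specific A3/A8 and
# UMTS/LTE AKA uses MILENAGE; HMAC-SHA256 stands in for them here (an
# assumption for this illustration, not a standard algorithm).
K = bytes.fromhex("00112233445566778899aabbccddeeff")


def kdf(key: bytes, label: bytes, *parts: bytes) -> bytes:
    """Keyed function with a domain-separation label (stand-in for A3/f1/f2)."""
    return hmac.new(key, label + b"".join(parts), hashlib.sha256).digest()


class AuC:
    """Home network Authentication Center: the only other holder of K."""

    def __init__(self, k: bytes):
        self.k = k
        self.sqn = 0

    def gsm_challenge(self):
        # GSM triplet (RAND, SRES): the network checks SRES, but nothing in the
        # exchange proves the network's identity to the phone.
        rand = secrets.token_bytes(16)
        return rand, kdf(self.k, b"A3", rand)[:4]

    def aka_challenge(self):
        # AKA (simplified): RAND plus AUTN = SQN || MAC. MAC is computed with K,
        # so only the home network could have produced it; SQN stops replays.
        rand = secrets.token_bytes(16)
        self.sqn += 1
        sqn = self.sqn.to_bytes(6, "big")
        mac = kdf(self.k, b"f1", rand, sqn)[:8]
        return rand, sqn + mac, kdf(self.k, b"f2", rand)[:8]


class SIM:
    def __init__(self, k: bytes):
        self.k = k
        self.highest_sqn = 0

    def gsm_respond(self, rand: bytes) -> bytes:
        # Answers any RAND from any base station: one-way authentication.
        return kdf(self.k, b"A3", rand)[:4]

    def aka_respond(self, rand: bytes, autn: bytes) -> bytes:
        # Mutual authentication: verify the network before answering.
        sqn, mac = autn[:6], autn[6:]
        if not hmac.compare_digest(mac, kdf(self.k, b"f1", rand, sqn)[:8]):
            raise ValueError("MAC failure: challenge not from home network")
        if int.from_bytes(sqn, "big") <= self.highest_sqn:
            raise ValueError("SQN failure: replayed challenge")
        self.highest_sqn = int.from_bytes(sqn, "big")
        return kdf(self.k, b"f2", rand)[:8]


def gsm_run(auc: AuC, sim: SIM) -> bool:
    """Genuine GSM network: SRES matches, subscriber is authenticated."""
    rand, sres = auc.gsm_challenge()
    return hmac.compare_digest(sim.gsm_respond(rand), sres)


def gsm_rogue(sim: SIM) -> bool:
    """Rogue base station that does not know K: the SIM still answers, since
    it has no check that could fail. (In real GSM the rogue can then also
    tell the phone to use A5/0, i.e. no ciphering.)"""
    return len(sim.gsm_respond(secrets.token_bytes(16))) == 4


def aka_run(auc: AuC, sim: SIM) -> bool:
    """Genuine AKA exchange: both directions authenticate."""
    rand, autn, xres = auc.aka_challenge()
    return hmac.compare_digest(sim.aka_respond(rand, autn), xres)


def aka_rogue(sim: SIM) -> str:
    """Rogue network forging AUTN without K is rejected at the MAC check."""
    try:
        sim.aka_respond(secrets.token_bytes(16), secrets.token_bytes(14))
    except ValueError as e:
        return str(e).split(":")[0]
    return "accepted"


def aka_replay(auc: AuC, sim: SIM) -> str:
    """Rogue network replaying a captured genuine (RAND, AUTN) pair."""
    rand, autn, _ = auc.aka_challenge()
    sim.aka_respond(rand, autn)          # first use succeeds
    try:
        sim.aka_respond(rand, autn)      # replay is caught by the SQN check
    except ValueError as e:
        return str(e).split(":")[0]
    return "accepted"


if __name__ == "__main__":
    auc, sim = AuC(K), SIM(K)
    print("GSM genuine:", gsm_run(auc, sim), "| GSM rogue answered:", gsm_rogue(sim))
    print("AKA genuine:", aka_run(auc, sim), "| AKA rogue:", aka_rogue(sim),
          "| AKA replay:", aka_replay(auc, sim))
```

The point to take from the two rogue cases: with the GSM-style flow the SIM has no decision to make, so a fake base station is indistinguishable from a real one; with the AKA-style flow the SIM refuses before it releases any response, and a replayed genuine challenge is refused as well.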

Key Characteristics Making Mobile Networks Vulnerable

- Open Medium: wireless links are exposed to eavesdropping, interference (jamming), information leakage and node impersonation.
- Distributed Decision-Making: decentralized decisions and reliance on cooperative participation let a misbehaving node affect the others.
- Dynamic Topology: a changing topology and location-dependent operation create unusual communication patterns and new attack surfaces.
- Absence of Central Authority: mobile nodes are hard to track and manage on a global scale.
- Lack of Clear Defense: standard security software and protocols for these networks are inadequate.

Security Requirements for Wireless and Mobile Communications

- High Complexity: securing wireless communication is harder than securing desktop applications.
- Vulnerabilities: mobile devices face unauthorized use and attack through the open radio interface.
- Proactive and Reactive: effective security needs both preventive measures and post-attack analysis.
- Integrated Approach: combine proactive and reactive strategies for comprehensive protection.

Requirements when designing security solutions for mobile networks:
- Roaming Support: secure user authentication across different (visited) networks.
- Data Integrity: detect and prevent alteration of sensitive data.
- Theft Prevention: cryptographic methods to stop misuse of stolen devices and services.
- Clone Resistance: protect against cloning of the personal equipment.
- User Identification: accurate identification of the user for billing and authentication.
- Equipment Identification: unique, tamper-resistant identifiers for devices.
- Resource Efficiency: cryptographic processing must conserve power, bandwidth and CPU.

SECURITY FOR MOBILE APPLICATIONS

Network security goals:
- Prevent Unauthorized Access: protect against unauthorized reading and modification of data and misuse of resources, including denial of service.
- User-Based Protection: traditionally, security focused on authenticating users and protecting users from each other.
- Application Management: applications must be managed so that unintended behaviour cannot turn into a serious security problem.

Two concepts help in security design at the application level:
- Application as a Unit of Protection: treat applications as the primary security units, each operating within defined parameters and managed independently.
- Application as a Unit of Reasoning: keep a clear view of all code and processes on a system, so that users can make informed security decisions and malicious software can be detected.

Application-level Security Architecture

- Architecture: applications call cryptographic modules (software, hardware or smart cards).
- Device Management: device drivers manage the modules, including multiple devices and concurrent transactions.
- Interface: applications use simple API calls that hide the complexity of the cryptographic processing.
- Security Functions: security schemes are grouped into five main functions for effective implementation.

Trust-based Context-aware Security

- Trust and Security Management: trust drives a decentralized approach to security that can operate on partial information, but trust carries risk. Clearly defined trust relationships make security measures effective and decisions informed. Example: a hospital trusts external vendors to handle patient data; if a vendor's security fails, the hospital bears the consequence.
- Context Definition: context covers factors such as location, identity, environment and social situation, characterizing the changing state of people and objects in a computing environment. Example: the hospital system uses location, identity and environment to decide access, such as letting a doctor open specific records while in the operating room.
- Context-Sensitive Security: security must adapt as the context changes, so mechanisms have to be flexible and dynamic. Predicting how a policy should evolve with context is the key challenge. Example: access to data is restricted to particular times or locations, so the protection follows the situation.

Role-based Security

- Role-Based Security: permissions are grouped into roles, and roles are assigned to principals (logins), which keeps user access manageable.
- User Roles: a user can switch roles by logging in as a different principal (for example, one person may be both head-Sales and admin-Standard). Credentials such as passwords belong to the user, so the same password serves whichever role is chosen.
- Role-Based Access Control (RBAC): permissions are assigned to roles and users are assigned roles according to their job functions, which simplifies permission management and lets policy be updated as needs change. A user acting in one role holds only that role's permissions, not the union of every role assigned to them.
- Policy Neutrality: RBAC does not enforce one particular security policy; it is a framework for defining and changing policies to match the organization's evolving needs.
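The hospital scenario from the context-aware section and the RBAC model above, combined in one authorization check, as an added Python example that is not part of the original slides. The users (dr_lee, n_kim), roles, permissions, clinical areas and the hour-of-day rule are all constructed for this illustration; the decision order (role assigned, permission in role, context rule) is the design choice being shown.

```python
from dataclasses import dataclass
from typing import Callable, Dict, Set, Tuple

# Constructed hospital example: users, roles, permissions and context rules
# are assumptions made for this illustration, not taken from any real system.


@dataclass(frozen=True)
class Context:
    location: str   # where the request comes from, e.g. "ward", "cafe"
    hour: int       # local hour of day, 0-23


# RBAC core: permissions are attached to roles, never to users directly.
ROLE_PERMISSIONS: Dict[str, Set[str]] = {
    "doctor":  {"read_record", "write_record", "prescribe"},
    "nurse":   {"read_record", "write_vitals"},
    "billing": {"read_invoice", "write_invoice"},
}

# Users are assigned roles; a session activates exactly one of them, so the
# effective permissions are those of the active role only (least privilege).
USER_ROLES: Dict[str, Set[str]] = {
    "dr_lee": {"doctor", "billing"},
    "n_kim":  {"nurse"},
}

# Context-aware layer: a permission may carry a rule that must hold for the
# current context. Permissions without a rule are context-free.
CLINICAL_AREAS = {"ward", "operating_room", "emergency"}
CONTEXT_RULES: Dict[str, Callable[[Context], bool]] = {
    "read_record":  lambda c: c.location in CLINICAL_AREAS,
    "write_record": lambda c: c.location in CLINICAL_AREAS,
    "prescribe":    lambda c: c.location in CLINICAL_AREAS and 6 <= c.hour < 22,
}


def authorize(user: str, active_role: str, permission: str,
              ctx: Context) -> Tuple[bool, str]:
    """Decide one request. Checks run in order: is the role assigned to the
    user, does the active role carry the permission, does the context allow
    it. The reason string is returned for audit logging."""
    if active_role not in USER_ROLES.get(user, set()):
        return False, "role not assigned to user"
    if permission not in ROLE_PERMISSIONS.get(active_role, set()):
        return False, "permission not in active role"
    rule = CONTEXT_RULES.get(permission)
    if rule is not None and not rule(ctx):
        return False, "context does not permit"
    return True, "allowed"


def effective_permissions(user: str, active_role: str, ctx: Context) -> Set[str]:
    """What the user can actually do right now in this role and context."""
    return {p for p in ROLE_PERMISSIONS.get(active_role, set())
            if authorize(user, active_role, p, ctx)[0]}


if __name__ == "__main__":
    for args in [("dr_lee", "doctor", "prescribe", Context("operating_room", 10)),
                 ("dr_lee", "doctor", "prescribe", Context("cafe", 10)),
                 ("dr_lee", "billing", "read_record", Context("ward", 10)),
                 ("n_kim", "doctor", "prescribe", Context("ward", 10))]:
        print(args[:3], args[3], "->", authorize(*args))
```

Switching dr_lee to the billing role drops the clinical permissions even inside the ward; that is the "unit of protection" idea applied to roles rather than applications, and it is what makes the audit reason string useful: a denied "permission not in active role" tells the reviewer the user was in the wrong role, not in the wrong place.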

Behaviours-based Security

- Signature-Based Security: detects threats by matching traffic or files against known attack patterns; it fails on new or modified threats. Example: antivirus software recognizes known viruses by their specific code patterns.
- Behavior-Based Security: learns normal traffic patterns and flags deviations, so it can catch threats that have no known signature. Example: an intrusion detection system (IDS) that notices a sudden surge of outgoing email from a single account, behaviour typical of a worm or a data breach, and flags it for investigation.
- Advantages and Drawbacks: behavior-based detection can find new threats but produces more false alerts than signature-based detection, so its alerts need triage.
- Implementation: behavior-based systems analyse and adapt to traffic patterns and can be deployed throughout a network; a behavior-based firewall, for instance, adapts to the traffic it sees in order to detect anomalies.
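The two detection styles above run over the same data, as an added Python example that is not part of the original slides: a signature rule for a known-bad attachment pattern next to a per-sender rate baseline that flags the outgoing-email surge the IDS example describes. The log lines, the sender names, the 10-minute window, the "mean plus three sigma" threshold with a floor of 3 and the double-extension signature are all constructed for this illustration.

```python
import re
from collections import Counter
from statistics import mean, pstdev

# Constructed outbound-mail log lines (not from any real system). Format:
# "<ISO timestamp> from=<sender> to=<recipient> attach=<filename or ->"
TRAIN = """
2024-09-09T09:00:10 from=alice@corp.example to=bob@corp.example attach=-
2024-09-09T09:12:00 from=alice@corp.example to=dan@corp.example attach=-
2024-09-09T09:15:30 from=alice@corp.example to=eve@corp.example attach=q3.xlsx
2024-09-09T09:21:05 from=alice@corp.example to=bob@corp.example attach=-
2024-09-09T09:33:40 from=alice@corp.example to=dan@corp.example attach=-
2024-09-09T09:35:12 from=alice@corp.example to=eve@corp.example attach=-
2024-09-09T10:02:00 from=carol@corp.example to=bob@corp.example attach=-
2024-09-09T10:14:00 from=carol@corp.example to=dan@corp.example attach=-
2024-09-09T10:25:00 from=carol@corp.example to=eve@corp.example attach=-
2024-09-09T10:27:00 from=carol@corp.example to=bob@corp.example attach=-
2024-09-09T10:38:00 from=carol@corp.example to=dan@corp.example attach=-
""".strip().splitlines()

DETECT = """
2024-09-10T09:05:00 from=alice@corp.example to=bob@corp.example attach=-
2024-09-10T09:07:30 from=alice@corp.example to=dan@corp.example attach=report.pdf.exe
2024-09-10T11:00:01 from=carol@corp.example to=u01@ext.example attach=update.zip
2024-09-10T11:00:09 from=carol@corp.example to=u02@ext.example attach=update.zip
2024-09-10T11:00:17 from=carol@corp.example to=u03@ext.example attach=update.zip
2024-09-10T11:00:25 from=carol@corp.example to=u04@ext.example attach=update.zip
2024-09-10T11:00:33 from=carol@corp.example to=u05@ext.example attach=update.zip
2024-09-10T11:00:41 from=carol@corp.example to=u06@ext.example attach=update.zip
2024-09-10T11:00:49 from=carol@corp.example to=u07@ext.example attach=update.zip
2024-09-10T11:00:57 from=carol@corp.example to=u08@ext.example attach=update.zip
""".strip().splitlines()

LINE = re.compile(r"^(?P<ts>\S+) from=(?P<from>\S+) to=(?P<to>\S+) attach=(?P<attach>\S+)$")

# Signature rule: a known-bad pattern, here an executable hidden behind a
# document extension. It knows nothing about carol's update.zip burst.
SIGNATURES = {"double-extension executable": re.compile(r"\.(pdf|doc|xls)\.exe$", re.I)}


def parse(line: str) -> dict:
    m = LINE.match(line)
    if not m:
        raise ValueError(f"unparsable log line: {line!r}")
    return m.groupdict()


def bucket(ts: str) -> str:
    # 10-minute window: "2024-09-10T11:0" covers 11:00:00 to 11:09:59.
    return ts[:15]


def signature_scan(lines):
    """Signature-based: (sender, attachment, rule) for every known-bad match."""
    hits = []
    for rec in map(parse, lines):
        for name, rx in SIGNATURES.items():
            if rx.search(rec["attach"]):
                hits.append((rec["from"], rec["attach"], name))
    return hits


def baseline(lines, floor: float = 3.0):
    """Behaviour-based, learning step: per-sender alert threshold, mean plus
    three standard deviations of messages per active 10-minute window over the
    training period, never below `floor` (windows with no mail are not counted,
    which is a simplification)."""
    per_window = Counter((r["from"], bucket(r["ts"])) for r in map(parse, lines))
    per_sender = {}
    for (sender, _), n in per_window.items():
        per_sender.setdefault(sender, []).append(n)
    return {s: max(mean(c) + 3 * pstdev(c), floor) for s, c in per_sender.items()}


def anomaly_scan(lines, thresholds, floor: float = 3.0):
    """Behaviour-based, detection step: (sender, window, count) for windows
    above the sender's threshold; unknown senders get the floor."""
    per_window = Counter((r["from"], bucket(r["ts"])) for r in map(parse, lines))
    return [(s, w, n) for (s, w), n in sorted(per_window.items())
            if n > thresholds.get(s, floor)]


if __name__ == "__main__":
    thresholds = baseline(TRAIN)
    print("signature hits:", signature_scan(DETECT))
    print("anomalies:", anomaly_scan(DETECT, thresholds))
```

Each detector catches what the other misses: the signature finds alice's report.pdf.exe, which is a single message and no rate anomaly, while the baseline finds carol's eight messages to external addresses in one window, which match no signature. The floor of 3 is the false-positive control the slide warns about; without it a sender whose training windows are all exactly one message would be flagged on the second message.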

ISP-based Behavioural Security

- ISP-Based: ISPs run large-scale systems that monitor and filter network traffic for anomalies (deviations from the normal or expected pattern). Problem traffic is rerouted and cleaned before it reaches customer networks, saving bandwidth and resources. The ISP's broad view lets it detect attacks early, but it cannot offer fine-grained control for individual users.
- Security-Provider-Based: systems installed at the edge of a corporate LAN monitor and analyse incoming traffic, detect suspicious behaviour, raise alerts and filter out malicious packets.
- User-Based: systems installed on individual computers protect specific applications. They watch for anomalous application behaviour or system changes and block the suspicious traffic or ask the user for approval before allowing it.

Agents-based Security

Mobile Agents (MAs) are used for intrusion detection: they move between hosts and monitor for unauthorized activity. Unlike a traditional IDS, which is centralized and suited to wired networks, an agent-based system is flexible, but the properties of wireless networks (mobile nodes, intermittent links, limited bandwidth and power) make deploying agents there harder.

Transactions-based Security

M-commerce transactions are business activities carried out from mobile devices over wireless networks. They differ from traditional transactions in three respects:
- Open Environment: greater risk of disguised or forged identities.
- Device Vulnerability: mobile devices can be stolen or misused, so possession of the device alone is not reliable proof of who the user is.
- Communication Autonomy: devices often lose connectivity, so transaction mechanisms must not depend on constant network availability.

ADVANTAGES OF APPLICATION-LEVEL SECURITY

- End-to-End Security: protection runs from the user or business application all the way through, independent of the networks in between.
- Flexibility: a wide range of cryptographic services, such as digital signatures and selective encryption.
- Protection Against Attacks: defends against insider attacks and limits the damage from an external breach.
- Device Re-use: one security device can serve several applications.
- Support for Multiple Devices: different device types can be accommodated, with redundancy.
- Secure Audit Trails: hardware-generated sequence numbers and digital signatures give a tamper-evident record.
- Mandated Use: required by many banking applications, such as inter-bank transactions and point-of-sale systems.

DISADVANTAGES OF APPLICATION-LEVEL SECURITY

- Application Dependence: a change to the application may require a matching change to the security solution.
- Maintenance Difficulties: managing security across a large organization, especially distributing updates, is hard.
- Application Security Weaknesses: the interdependence between application and security code can itself introduce vulnerabilities.
- Difficult to Retrofit: adding security afterwards is complex and costly because of the tight integration with the application.