Do-It-Yourself Cellular IDS

DEF CON 21

Presented by: Sherri Davidoff, Scott Fretheim, David Harrison, Randi Price
Date: Saturday August 03, 2013
Time: 10:00 - 11:45
Location: Track 2
Track: Track 2

For less than $500, you can build your own cellular intrusion detection system to detect malicious activity through your own local femtocell. Our team will show how we leveraged root access on a femtocell, reverse engineered the activation process, and turned it into a proof-of-concept cellular network intrusion monitoring system.

We leveraged commercial Home Node-Bs ("femtocells") to create a 3G cellular network sniffer without needing to reimplement the UMTS or CDMA2000 protocol stacks. Inside a Faraday cage, we connected smartphones to modified femtocells running Linux distributions and redirected traffic to a Snort instance. Then we captured traffic from infected phones and showed how Snort was able to detect and alert upon malicious traffic. We also wrote our own CDMA protocol dissector in order to better analyze CDMA traffic.

The goal of this project was to develop a low-cost proof-of-concept method for capturing and analyzing cellular traffic using locally-deployed femtocells, which any security professional can build.

Sherri Davidoff

Sherri Davidoff (@sherridavidoff) is a principal and Senior Security Consultant at LMG Security. She has over a decade of experience as an information security professional, specializing in penetration testing, forensics, social engineering testing and web application assessments. Sherri is the co-author of "Network Forensics: Tracking Hackers Through Cyberspace" (Prentice Hall, 2012). She is a GIAC-certified forensic examiner (GCFA) and penetration tester (GPEN), and holds her degree in Computer Science and Electrical Engineering from MIT.

Scott Fretheim

Scott Fretheim is an expert penetration tester and risk assessment consultant. His clients include Fortune 500 companies, financial institutions, insurance companies, health care organizations, and more. He is a GIAC Certified Web Application Penetration Tester (GWAPT) and is trained in smart grid and SCADA security. He is a founding member of the Montana HTCIA, and holds his B.S. in Management of Information Systems. Scott is an instructor at Black Hat.

David Harrison

David Harrison specializes in digital and mobile device forensics as well as information security research. He is a principal author of the DEFCON 2012 Network Forensics Contest. David holds an A.S. in Computer Science from FVCC and is pursuing a B.S. in Software Design from Western Governors University.

Randi Price

Randi Price is a security consultant at LMG Security. She specializes in policy and procedure review and development, including ISO 27001 assessments and HIPAA risk analyses. Randi provides security management consulting for large enterprises such as financial and health care organizations. She is a certified digital forensic examiner and holds her GIAC forensic certification (GCFE). Randi holds two BS degrees in Management of Information Systems and Accounting from the University of Montana.

