iVisher: Real-Time Detection of Caller ID Spoofing

Song, JaeSeung; Kim, Hyoungshick; Gkelias, Athanasios

doi:10.4218/etrij.14.0113.0798

Cited by 16 publications

(17 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…As for Attack-1 , the caller ID shown on the callee side is not forged. Therefore, the found attack can bypass any state-of-the-art defense mechanisms for caller ID spoofing, i.e., callee-end defense [21] and in-network defense [55]. Additionally, the adversary could also receive callbacks from the callee for confirmation.…”

Section: Attack 1: Ue Screen Lock Bypassingmentioning

confidence: 99%

Discovering emergency call pitfalls for cellular networks with formal methods

Hou¹,

Li²,

et al. 2021

Proceedings of the 19th Annual International Conference on Mobile Systems, Applications, and Services

View full text Add to dashboard Cite

Availability and security problems in cellular emergency call systems can cost people their lives, yet this topic has not been thoroughly researched. Based on our proposed Seed-Assisted Specification method, we start to investigate this topic by looking closely into one emergency call failure case in China. Using what we learned from the case as prior knowledge, we build a formal model of emergency call systems with proper granularity. By running model checking, four public-unaware scenarios where emergency calls cannot be correctly routed are discovered. Additionally, we extract configurations of two major U.S. carriers and incorporate them as model constraints into the model. Based on the augmented model, we find two new attacks leveraging the privileges of emergency calls. Finally, we present a solution with marginal overhead to resolve issues we can foresee. CCS CONCEPTS• Networks → Formal specifications; Protocol testing and verification; Mobile networks; • Security and privacy → Mobile and wireless security.

show abstract

Section: Attack 1: Ue Screen Lock Bypassingmentioning

confidence: 99%

Discovering emergency call pitfalls for cellular networks with formal methods

Hou¹,

Li²,

et al. 2021

Proceedings of the 19th Annual International Conference on Mobile Systems, Applications, and Services

View full text Add to dashboard Cite

show abstract

“…In SS7 or VOIP, there is no caller ID verification mechanism between carriers along with other vulnerabilities [24] [25]. So, 1.…”

Section: Network Interconnection Protocolsmentioning

confidence: 99%

End-to-End Detection of Caller ID Spoofing Attacks

Mustafa

Sadeghi

et al. 2018

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

Caller ID (caller identification) is a service provided by telephone operators where the phone number and/or the name of the caller is transmitted to inform the callee who is calling. Today, most people trust the caller ID information and some banks even use Caller ID to authenticate customers. However, with the proliferation of smartphones and VoIP, it is easy to spoof caller ID information by installing a particular application on the smartphone or by using service providers that offer Caller ID spoofing. As the phone network is fragmented between countries and companies and upgrades of old hardware is costly, no mechanism is available today to let end-users easily detect Caller ID spoofing attacks. In this article, we propose a new approach of using end-to-end caller ID verification schemes that leverage features of the existing phone network infrastructure (CallerDec). We design an SMS-based and a timing-based version of CallerDec that works with existing combinations of landlines, cellular and VoIP networks and can be deployed at the liberty of the users. We implemented both CallerDec schemes as an App for Android-based phones and validated their effectiveness in detecting spoofing attacks in various scenarios.

show abstract

“…The major tasks of an intrusion detection system (IDS) are to collect data from multiple sources (e.g., host, network), analyze these data to find security-relevant behaviors, and report the results to the system administrator [6,7,[11][12][13][14][15][16][17][18][19][20][21][22]. As shown in Fig.…”

Section: Intrusion Detection Systemmentioning

confidence: 99%

Host-based intrusion detection system for secure human-centric computing

2015

View full text Add to dashboard Cite

With the advancement of information communication technology, people can access many useful services for human-centric computing. Although this advancement increases work efficiency and provides greater convenience to people, advanced security threats such as the Advanced Persistent Threat (APT) attack have been continuously increasing. Technical measures for protecting against an APT attack are desperately needed because APT attacks, such as the 3.20 Cyber Terror and SK Communications hacking incident, have occurred repeatedly and cause considerable damage, socially and economically. Moreover, there are limitations of the existing security devices designed to cope with APT attacks that continue persistently using zero-day malware. For this reason, we propose a malware detection method based on the behavior information of a process on the host PC. Our proposal overcomes the limitations of the existing signature-based intrusion detection systems. First, we defined 39 characteristics for demarcating malware from benign programs and collected 8.7 million characteristic parameter events when malware and benign programs were executed in a virtual-machine environment. Further, when an executable program B Daesung Moon daesung@etri.re.kr Sung Bum Pan 123 D. Moon et al.is running on a host PC, we present the behavior information as an 83-dimensional vector by reconstructing the frequency of each characteristic parameter's occurrence according to the process ID for the collected characteristic parameter data. It is possible to present more accurate behavior information by including the frequency of characteristic parameter events occurring in child processes. We use a C4.5 decision tree algorithm to detect malware in the database. The results of our proposed method show a 2.0 % false-negative detection rate and a 5.8 % false-positive detection rate.

show abstract

iVisher: Real-Time Detection of Caller ID Spoofing

Cited by 16 publications

References 18 publications

Discovering emergency call pitfalls for cellular networks with formal methods

Discovering emergency call pitfalls for cellular networks with formal methods

End-to-End Detection of Caller ID Spoofing Attacks

Host-based intrusion detection system for secure human-centric computing

Contact Info

Product

Resources

About