Femtocell: Femtostep to the Holy Grail

March 30, 2011 (at 4 p.m.) in Attacks & Research

Femtocells are now being rolled out across the world to enhance third generation (3G) coverage and to provide assurance of always best connectivity in the 3G telecommunication networks. It acts as an access point that securely connect standard mobile handset to the mobile network operator’s core network using an existing wired broadband connection. In this talk, we will evaluate security mechanisms used in femtocells and discuss practical & potential misuse scenarios of the same. In particular, our talk will cover:

<ul> <li>Femtocell and Telecom business model</li> <li>Security architecture of the femtocell</li> <li>Location verification techniques and how to beat them for free roaming calls</li> <li>Hacking of the device</li> </ul> <ul> <li style="padding-left: 30px;"> r00ting</li> <li style="padding-left: 30px;"> accessing confidential information stored on the device</li> <li style="padding-left: 30px;"> installing malicious application into the device</li> <li style="padding-left: 30px;"> accessing mobile network operator’s infrastructural element</li> </ul> <ul> <li>Possible countermeasures</li> <li>Demo</li> </ul>

Ravishankar Borgaonkar

Ravishankar works as a research fellow in Oxford University. His research themes are related to mobile telecommunication and involved security threats. This ranges from GSM/UMTS/LTE network security to end-user device security.

Kevin Redon

Kévin Redon first learned about telecommunication networks during a lecture at University. He preferred computer networks though, which are far less complicated and cumbersome. Later another teacher gave him the opportunity to play with a base station. Since then he looked at the security of different aspects, going from the SIM card, through basebands, to femtocells. After showing several vulnerabilities at conferences, he joined the product security team of Qualcomm to try improve the state.