Mobile Cloning
SECURITY MANAGEMENT AGAINST CLONING MOBILE PHONES
Mirela Sechi Moretti Annoni Notare1 Azzedine Boukerche2 Fernando A. S. Cruz1 Bernardo G. Riso1 Carlos B. Westphall1
1 Network and Management Laboratory Federal University of Santa Catarina (UFSC)
{mirela, cruz, riso, westphal}@lrg.ufsc.br
2 Department of Computer Sciences University of North Texas boukerche@silo.csci.unt.edu Abstract: This work presents the development of a distributed security management system for telecommunication networks. The system consists in reducing the use of cloned mobile telephones using three main techniques: (1) An ISO Formal Technique (LOTOS) is used to specify and validate the system; (2) A Pattern Recognition Technique is used to classify the telephone users into classes in order to identify if a call does not correspond to the patterns of a specific user; and (3) Distributed Object Technique is used for the implementation of this distributed system (i.e., manager and agents). Keywords: Distributed Management, Telecommunication Security, Formal Description Technique, Pattern Recognition, CORBA.
1. INTRODUCTION
The security management service is responsible for providing a safe environment for both the operation and management of resources in a domain [14, 15]. Safety and Security are two reliability properties of a system. A ‘safe’ system provides protection against errors of trusted users, while ‘secure’ system protects against errors introduced by untrusted users [1]. A comprehensive network security plan must encompass all the elements that make up the network and provide important services: Access (authorized users), Confidentiality, (information remains private), Authentication (sender is who he claims to be), Integrity (message has not been modified in transit) and Nonrepudiation (originator cannot deny that he sent the message) [4]. Our main objective is to augment the security in telecommunication networks, avoiding frauds of cloned mobile phones. In order to
Mirela Sechi Moretti Annoni Notare1 Azzedine Boukerche2 Fernando A. S. Cruz1 Bernardo G. Riso1 Carlos B. Westphall1
1 Network and Management Laboratory Federal University of Santa Catarina (UFSC)
{mirela, cruz, riso, westphal}@lrg.ufsc.br
2 Department of Computer Sciences University of North Texas boukerche@silo.csci.unt.edu Abstract: This work presents the development of a distributed security management system for telecommunication networks. The system consists in reducing the use of cloned mobile telephones using three main techniques: (1) An ISO Formal Technique (LOTOS) is used to specify and validate the system; (2) A Pattern Recognition Technique is used to classify the telephone users into classes in order to identify if a call does not correspond to the patterns of a specific user; and (3) Distributed Object Technique is used for the implementation of this distributed system (i.e., manager and agents). Keywords: Distributed Management, Telecommunication Security, Formal Description Technique, Pattern Recognition, CORBA.
1. INTRODUCTION
The security management service is responsible for providing a safe environment for both the operation and management of resources in a domain [14, 15]. Safety and Security are two reliability properties of a system. A ‘safe’ system provides protection against errors of trusted users, while ‘secure’ system protects against errors introduced by untrusted users [1]. A comprehensive network security plan must encompass all the elements that make up the network and provide important services: Access (authorized users), Confidentiality, (information remains private), Authentication (sender is who he claims to be), Integrity (message has not been modified in transit) and Nonrepudiation (originator cannot deny that he sent the message) [4]. Our main objective is to augment the security in telecommunication networks, avoiding frauds of cloned mobile phones. In order to