Abstract
Wireless communications coprocessors are a vital component of numerous Internet of Things and mobile devices. These subsystems enable devices to communicate directly with peers and supporting network infrastructures. Previous research has shown that wireless communications coprocessors lack fundamental security mechanisms to combat attacks originating from the air-interface and application processor (main CPU). To mitigate the risk of exploitation, methods are needed to retroactively add security mechanisms to communications coprocessors.
This chapter focuses on securing a cellular baseband processor from attacks by hostile applications in the application processor. Such attacks often leverage attention (AT) commands to exploit vulnerabilities in baseband firmware. The attacks are mitigated by installing an AT command intrusion prevention system between the application processor and baseband processor interface.
Chapter PDF
Similar content being viewed by others
References
Aleph One, Smashing the stack for fun and profit, Phrack, vol. 7(49), 1996
N. Artenstein, Broadpwn: Remotely compromising Android and iOS via a bug in Broadcom’s Wi-Fi chipsets, presented at Black Hat USA, 2017
G. Beniamini, Over the Air: Exploiting Broadcom’s Wi-Fi Stack (Part 1), Project Zero Team, Google, Mountain View, California (googleprojectzero.blogspot.com/2017/04/over-air-exploiting-broadcoms-wi-fi_4.html), April 4, 2017
G. Beniamini, Over the Air: Exploiting Broadcom’s Wi-Fi Stack (Part 2), Project Zero Team, Google, Mountain View, California (googleprojectzero.blogspot.com/2017/04/over-air-exploiting-broadcoms-wi-fi\_11.html), April 11, 2017
G. Beniamini, Over the Air - Vol. 2, Pt. 3: Exploiting the Wi-Fi Stack on Apple Devices, Project Zero Team, Google, Mountain View, California (googleprojectzero.blogspot.com/2017/10/over-air-vol-2-pt-3-exploiting-wi-fi.html), October 11, 2017
A. Blanco and M. Eissler, One firmware to monitor ’em all, presented at the Ekoparty Security Conference, 2012
G. Delugre, Reverse engineering a Qualcomm baseband, presented at the Twenty-Eighth Chaos Communication Congress, 2011
J. Drake, P. Fora, Z. Lanier, C. Mulliner, S. Ridley and G. Wicherski, Android Hacker’s Handbook, John Wiley and Sons, Indianapolis, Indiana, 2014
European Telecommunications Standards Institute, Digital Cellular Telecommunications System (Phase 2+), AT Command Set for GSM Mobile Equipment (ME), GSM 07.07, Version 5.5.5, TS/SMG-040707Q, Sophia Antipolis, France, 1996
N. Golde and D. Komaromy, Breaking band: Reverse engineering and exploiting the Shannon baseband, presented at REcon, 2016
History of Computers, The modem of Dennis Hayes and Dale Heatherington (history-computer.com/ModernComputer/Basis/modem.html), 2016
B. Hond, Fuzzing the GSM Protocol, Master’s Thesis, Computing Science Program, Radboud University, Nijmegen, The Netherlands, 2011
iPhone Dev Team, ultrasn0w, The iPhone Wiki (www.theiphonewiki.com/wiki/Ultrasn0w), 2009
iPhone Dev Team, Purplesn0w, The iPhone Wiki (www.theiphonewiki.com/wiki/Purplesn0w), 2015
P. Kocialkowski, Samsung Galaxy Back-Door (redmine.replicant.us/projects/replicant/wiki/SamsungGalaxyBackdoor), February 4, 2014
B. Krebs, Mirai botnet authors avoid jail time, Krebs on Security (krebs onsecurity.com/tag/mirai-botnet), September 19, 2018
A. Lonzetta, P. Cope, J. Campbell, B. Mohd and T. Hayajneh, Security vulnerabilities in Bluetooth technology as used in IoT, Journal of Sensor and Actuator Networks, vol. 7(3), article no. 28, 2018
L. Miras, The baseband playground, presented at the Ekoparty Security Conference, 2011
M. Moe, Go ahead, hackers. Break my heart, Wired, March 14, 2016
C. Mulliner, S. Liebergeld, M. Lange and J. Seifert, Taming Mr. Hayes: Mitigating signaling based attacks on smartphones, Proceedings of the Forty-Second Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2012
J. Nivethan and M. Papa, A Linux-based firewall for the DNP3 protocol, Proceedings of the IEEE Symposium on Technologies for Homeland Security, 2016
M. Palattella, N. Accettura, X. Vilajosana, T. Watteyne, L. Grieco, G. Boggia and M. Dohler, Standardized protocol stack for the Internet of (important) Things, IEEE Communications Surveys and Tutorials, vol. 15(3), pp. 1389–1406, 2013
F. Sanglard, Tracing the Baseband: Part 1 (fabiensanglard.net/cell phoneModem/index.php), May 11, 2010
F. Sanglard, Tracing the Baseband: Part 2 (fabiensanglard.net/cell phoneModem/index2.php), May 11, 2010
M. Sauter, From GSM to LTE: An Introduction to Mobile Networks and Mobile Broadband, John Wiley and Sons, Chichester, United Kingdom, 2014
B. Seri and A. Livne, Exploiting BlueBorne in Linux-based IoT devices, Armis, Palo Alto, California, 2019
W. Shaw, Cybersecuriy for SCADA Systems, PennWell, Tulsa, Oklahoma, 2006
SIMCom Wireless Solutions, AT Commands Set, SIM900\_ATC\_V1.00, Shanghai, China, 2010
Statista, Internet of Things (IoT) connected devices installed based worldwide from 2015 to 2025 (in billions), Frankfurt, Germany (www.statista com/statistics/471264/iot-number-of-connected-devices-worldwide), 2018
D. Tian, G. Hernandez, J. Choi, V. Frost, C. Ruales, P. Traynor, H. Vijayakumar, L. Harrison, M. Grace and K. Butler, ATtention spanned: Comprehensive vulnerability analysis of AT commands within the Android ecosystem, Proceedings of the Twenty-Seventh USENIX Security Symposium, pp. 273–290, 2018
Tofino Security, Tofino Firewall LSM, Lantzville, Canada (www.tofino security.com/products/Tofino-Firewall-LSM), 2017
P. Tsang and S. Smith, YASIR: A low-latency, high-integrity security retrofit for legacy SCADA systems, Proceedings of the Twenty-Third IFIP TC 11 International Information Security Conference, pp. 445–459, 2008
R. Weinmann, All your baseband are belong to us, presented at the Hack.lu Conference, 2010
R. Weinmann, Baseband attacks: Remote exploitation of memory corruptions in cellular protocol stacks, Proceedings of the Sixth USENIX Conference on Offensive Technologies, 2012
H. Welte, Anatomy of Contemporary GSM Cellphone Hardware (ondoc.logand.com/d/373/pdf), 2010
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 IFIP International Federation for Information Processing
About this paper
Cite this paper
Staggs, J., Shenoi, S. (2019). Securing Wireless Coprocessors from Attacks in the Internet of Things. In: Staggs, J., Shenoi, S. (eds) Critical Infrastructure Protection XIII. ICCIP 2019. IFIP Advances in Information and Communication Technology, vol 570. Springer, Cham. https://doi.org/10.1007/978-3-030-34647-8_9
Download citation
DOI: https://doi.org/10.1007/978-3-030-34647-8_9
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-34646-1
Online ISBN: 978-3-030-34647-8
eBook Packages: Computer ScienceComputer Science (R0)