Home Short Bio Research Publications Services Teaching
My current research interest is the security and privacy in Cellular Networks and Secure SMS based mobile applications. Check here.
RESEARCH PROJECTS
Analysis of Attacks on GSM Phone using Open Source Software: OsmocomBB, OpenBSC, and OpenBTS
Brief Description: In this project work, I tried to explore various services and functionalities provided by these open sources softwares namely OsmocomBB, OpenBSC, and OpenBTS, observed the outcomes of different applications (like mobile, ccch_scan etc.) with these software and wireshark, and analyzed the GSM protocol stack more closely for possibilities of attacks in GSM networks.
Design of Authentication Protocols and Message Security Algorithms in Cellular Networks
Brief Description: Cellular and mobile communication has become an important part of our daily life. Besides using cell phones for voice communication, people are now able to use cell phones to access the Internet, conduct monetary transactions, send text messages for value added services, and many other services. It is important to provide end users with secure channel to communicate information among them. Various security and performance issues of 2G, 3G, and 4G cellular networks need to be considered in order to develop a complete security system for the communication of information over the network. End-to-end security of SMS in cellular networks can lead to many advantages and opens the door for new creative and innovative applications. Applications of cellular networks include secure mobile-commerce, mobile-banking, delivering value added services, health care applications, payment reminders, military applications, stock and news alert etc. Presently, the SMS is not secure, as it is not transmitted in encrypted form.
The efficient and secure authentication and key agreement (AKA) protocols are proposed and analyzed in order to overcome various security and performance issues of cellular networks. Further, secure and efficient AKA protocols for the secure delivery of value added services using SMS and end-to-end secure transmission of SMS for mobile users, are proposed and simulated which are maintained by providing the security services like authentication, confidentiality, integrity, and non-repudiation. These AKA protocols are extended to provide secure delivery of value added services using SMS and end-to-end SMS security to multiple recipients simultaneously where authentication server is able to handle multiple requests in a batch.
Enhancing Security System of Short Message Service for M-Commerce in GSM
Brief Description: The message generated from a mobile phone is in plain text which can be easily read and modified before it reaches SMSC. Any wrong information received by the recipient can prove fatal for the user. To exploit the popularity of SMS in M-commerce and mobile banking, it is necessary to provide the proper security to SMS so that it could reach to the receiver’s mobile safely to provide data confidentiality, integrity, authentication, and non-repudiation. However, such requirements are not provided by the traditional SMS messaging. It is very necessary to secure the SMS by encryption techniques and prevent it from the various attacks applied on SMS like man-in-middle attack, replay attack, non-repudiation etc. so that it could provide the data security like confidentiality, authentication, integrity and non-repudiation. The main concept of the proposal of this work is that do the ciphering on SMS first, and then the digital signature are imposed. This signed encrypted SMS is finally transmitted.