direkt zum Inhalt springen

direkt zum Hauptnavigationsmenü

Sie sind hier

TU Berlin

Inhalt des Dokuments

SMS Client Security

In this project we analyzed the security of Short Message Service (SMS) client implementations on mobile and smartphones. SMS is one of the most used features in the mobile telephony world.

The project is separated into three parts. Security analysis of SMS on smartphones. Security analysis of SMS on feature phones. SMS vulnerability countermeasures.

The project lead to multiple publications and several talks and further to the completion of one Diploma Thesis. This project got a lot of media attention and was featured in many different online and print articles and a few radio shows.

Publications:

  • SMS-of-Death: from analyzing to attacking mobile phones on a large scale [1] Collin Mulliner, Nico Golde, Jean-Pierre Seifert, In the proceedings of the 20th USENIX Security Symposium, August 8–12, 2011, in San Francisco, CA
  • SMS Vulnerability Analysis on Feature Phones, Diploma Thesis Nico Golde February 2011 Berlin, Germany
  • Countering SMS Attacks [2]: Filter Recommendations Nico Golde and Collin Mulliner Technical Report: 2011-04 ISSN: 1436-9915 Berlin, Germany April 2011
  • Injecting SMS Messages into Smart Phones for Security Analysis [3] C. Mulliner and C. Miller In the Proceedings of the 3rd USENIX Workshop on Offensive Technologies (WOOT) Montreal, Canada August 2009

Talks:

  • SMS-o-Death: from analyzing to attacking mobile phones on a large scale [4]Nico Golde and Collin Mulliner CanSecWest 2011 Vancouver, Canada March 9-11 2011
  • Attacking SMS Collin Mulliner SISCTI 36 Monterrey, Mexico March 3-5 2011 (invited)
  • SMS-o-Death: from analyzing to attacking mobile phones on a large scale Nico Golde and Collin Mulliner 27th Chaos Communication Congres (27c3) Berlin, Germany December 27-30 2010
  • Vulnerability Analysis of SMS Implementations on Mobile and Smart Phones Collin Mulliner Columbia University New York City, New York, USA August 9th, 2010
  • Vulnerability Analysis of SMS Implementations on Mobile and Smart Phones Collin Mulliner Stanford University Palo Alto, CA, USA August 5th, 2010 (invited)
  • Vulnerability Analysis of SMS Implementations on Mobile and Smart Phones Collin Mulliner Samsung R&D San Jose, CA, USA August 4th, 2010
  • Fuzzing the Phone in your Phone [5] Collin Mulliner 26th Chaos Communication Congress (26C3) Berlin, Germany December 28th 2009
  • Fuzzing the Phone in your Phone Collin Mulliner RSS (Recurity Labs Security Symposium) Berlin, Germany October 27th 2009 (invited)
  • Fuzzing the Phone in your Phone Collin Mulliner SEC-T Stockholm, Sweden September 2009 (invited)
  • Fuzzing the Phone in your Phone Collin Mulliner, Charlie Miller Black Hat USA 2009 Las Vegas, Nevada, USA July 2009

Media (selected):

  • Hintertüren und Killer-SMS Hacker knacken Handys und Smartphones [6] 03.11.2011 (Der Spiegel)
  • "SMS of Death" Could Crash Many Mobile Phones [7] 01.04.2011 (TechnologyReview)
  • Simplest Phones Open to 'SMS of Death' [8] 12.28.2010 (Wired)
  • Viele Handymodelle lassen sich per SMS lahmlegen [9] 12.28.2010 (Handelsblatt)
  • Researchers attack my iPhone via SMS [10] 07.29.09 (cnet.com)
  • How To Hijack 'Every iPhone In The World' [11] 07.28.09 (forbs.com)


Downloads:

  • SMS-o-Death demo video: http://www.youtube.com/watch?v=vseY9kFCkIc [12]
  • SMS-o-Death talk from 27c3: http://mirror.fem-net.de/CCC/27C3/mp4-h264-HQ/27c3-4060-en-attacking_mobile_phones.mp4 [13]


People:

  • Collin Mulliner
  • Nico Golde [14]

Postal Address

Technische Universität Berlin - An-Institut Telekom Innovation Laboratories
Fakultät IV
Sekr. TEL16
Ernst-Reuter-Platz 7
10587 Berlin

Assistant

Claudia Petzsch
+49 - 30 - 8353 58 681
TEL
Raum TEL16
E-Mail-Anfrage [15]

Map

  • Security in Telecommunications [16]
------ Links: ------

Zusatzinformationen / Extras

Direktzugang

Schnellnavigation zur Seite über Nummerneingabe

Copyright TU Berlin 2008