29-08-2014, 10:26 AM
MOBILE PHONES CLONING
[attachment=67286]
ABSTRACT:
Mobile communications has been readily available
for several years, and is major business today. It
provides a valuable service to its users who are
willing to pay a considerable premium over a fixed
line phone, to be able to walk and talk freely.
Because of its usefulness and the money involved in
the business, it is subject to fraud. Unfortunately,
the advance of security standards has not kept pace
with the dissemination of mobile communication.
Some of the features of mobile communication
make it an alluring target for criminals. It is a
relatively new invention, so not all people are quite
familiar with its possibilities, in good or in bad. Its
newness also means intense competition among
mobile phone service providers as they are
attracting customers. The major threat to mobile
phone is from cloning. If someone is suffering from
unexpectedly high mobile phone bills then there is
a chance of mobile cloning. It is also known as
‘cell phone piracy’. Today millions of mobile
phones users, be it Global System for Mobile
Introduction
Mobile phone cloning is basically a technique
where in the transfer or copying the identity or
security data of one cellular phone to another is
done. The other cell phone becomes the exact
replica of the original cell phone like a clone. As a
result, while calls can be made from both phones
and only the original phone is billed. This is usually
done for the purpose of making fraudulent phone
calls. The bills for the calls go to the legitimate
subscriber. The cloner is also able to make
effectively anonymous calls, which attracts another
group of interested users. Though the
communication channels are equipped with
security algorithms, yet cloner get away with the
help of loop holes in the system. So when one get
huge bills, the chances are that the phone is being
cloned. Cloning is the process of taking the
programmed information that is stored in a
legitimate mobile phone and illegally programming
the identical information into another mobile
phone. The result is that the “cloned” phone can
make and receive calls and the charges for those
calls are billed to the legitimate subscriber. The
service provider network does not have a way to
differentiate between the legitimate phone and the
“cloned” phone. Million of cell phone users, be it
GSM or CDMA, run at a risk of having their
phones cloned. As a cell phone user if you have
been receiving exorbitantly high bills for calls that
were never placed, chances are that your cell phone
could be cloned. Unfortunately, there is no way the
subscriber can detect cloning. Event like call
dropping or anomalies in monthly bills can act as
tickers. According to media reports, recently the
Delhi police arrested a person with 20 cell phones,
a laptop, a SIM scanner and a writer. The accused
was running an exchange illegally where he cloned
CDMA based cell phones. He used software named
Pantagonia for the cloning and provided cheap
international calls to Indian immigrants in West
Asia. This paper describes about the cell phone
cloning with implementation in GSM and CDMA
technology phones. It gives an insight into the
security mechanism in CDMA and GSM phones
along with the loop holes in the systems and
discusses on the different ways of preventing this
cloning. Moreover, the future threat of this fraud is
being elaborated.
Cloning GSM Cell Phones:
Cloning has been done easier on CDMA but rare
on Global System for Mobile communication
(GSM), one of the most widely used mobile phone
communication systems. However, cloning GSM
phones is achieved by cloning the SIM card
contained within, not necessarily any of the
phone’s internal data as GSM phones do not have
ESN number. There are various methods used to
obtain the ESN, the most common are to crack the
cellular company, or eavesdrop on the cellular
network. GSM SIM card are usually copied by
removing the SIM card and placing a device
between the handset and the SIM card and allowing
it to operate for a few days and extracting the secret
code.
3. Process of Cloning
Cloning involves modifying or replacing the
EPROM in the phone with a new chip which would
allow you to configure an ESN (Electronic Serial
Number) via software. MIN (Mobile Identification
Number) should also have to change. When the
ESN/MIN pair had changed successfully then an
effective clone of the original phone has created.
Cloning required access to ESN and MIN pairs.
ESN/MIN pairs were discovered in several ways:
Future Threats
Resolving subscriber fraud can be a long and
difficult process for the victim. It may take time to
discover that subscriber fraud has occurred and
even longer time to prove that you did not incur the
debts. As described in this paper that there are
many ways to abuse telecommunication system,
and to prevent abuse from occurring it is absolutely
necessary to check out the weakness and
vulnerability of existing telecoms system. If it is
planned to invest in new telecom equipment, a
security plan should be made and the system tested
before being implemented. It is therefore
mandatory to keep in mind that a technique which
is described as safe today can be the most
unsecured technique in the future.
8. Conclusion
Presently the cellular phone industry relies on
common law (fraud and theft) and in house counter
measures to address cellular phone fraud. Existing
cellular systems have a number of potential
weaknesses that were need to be considered. It is
crucial that business and staff take mobile phone
security seriously. Awareness and a few simple
precautions as a part of the overall enterprise
security policy will deter all but the most
sophisticated criminal. It is also mandatory to keep
in mind that a technique which is described as safe
today can be most unsecured technique in the
future. Therefore it is absolutely important to check
the function of a security system once a year and if
necessary update or replace it. Finally, cell phones
have to go a long way in security before they can
be used in critical applications.
[attachment=67286]
ABSTRACT:
Mobile communications has been readily available
for several years, and is major business today. It
provides a valuable service to its users who are
willing to pay a considerable premium over a fixed
line phone, to be able to walk and talk freely.
Because of its usefulness and the money involved in
the business, it is subject to fraud. Unfortunately,
the advance of security standards has not kept pace
with the dissemination of mobile communication.
Some of the features of mobile communication
make it an alluring target for criminals. It is a
relatively new invention, so not all people are quite
familiar with its possibilities, in good or in bad. Its
newness also means intense competition among
mobile phone service providers as they are
attracting customers. The major threat to mobile
phone is from cloning. If someone is suffering from
unexpectedly high mobile phone bills then there is
a chance of mobile cloning. It is also known as
‘cell phone piracy’. Today millions of mobile
phones users, be it Global System for Mobile
Introduction
Mobile phone cloning is basically a technique
where in the transfer or copying the identity or
security data of one cellular phone to another is
done. The other cell phone becomes the exact
replica of the original cell phone like a clone. As a
result, while calls can be made from both phones
and only the original phone is billed. This is usually
done for the purpose of making fraudulent phone
calls. The bills for the calls go to the legitimate
subscriber. The cloner is also able to make
effectively anonymous calls, which attracts another
group of interested users. Though the
communication channels are equipped with
security algorithms, yet cloner get away with the
help of loop holes in the system. So when one get
huge bills, the chances are that the phone is being
cloned. Cloning is the process of taking the
programmed information that is stored in a
legitimate mobile phone and illegally programming
the identical information into another mobile
phone. The result is that the “cloned” phone can
make and receive calls and the charges for those
calls are billed to the legitimate subscriber. The
service provider network does not have a way to
differentiate between the legitimate phone and the
“cloned” phone. Million of cell phone users, be it
GSM or CDMA, run at a risk of having their
phones cloned. As a cell phone user if you have
been receiving exorbitantly high bills for calls that
were never placed, chances are that your cell phone
could be cloned. Unfortunately, there is no way the
subscriber can detect cloning. Event like call
dropping or anomalies in monthly bills can act as
tickers. According to media reports, recently the
Delhi police arrested a person with 20 cell phones,
a laptop, a SIM scanner and a writer. The accused
was running an exchange illegally where he cloned
CDMA based cell phones. He used software named
Pantagonia for the cloning and provided cheap
international calls to Indian immigrants in West
Asia. This paper describes about the cell phone
cloning with implementation in GSM and CDMA
technology phones. It gives an insight into the
security mechanism in CDMA and GSM phones
along with the loop holes in the systems and
discusses on the different ways of preventing this
cloning. Moreover, the future threat of this fraud is
being elaborated.
Cloning GSM Cell Phones:
Cloning has been done easier on CDMA but rare
on Global System for Mobile communication
(GSM), one of the most widely used mobile phone
communication systems. However, cloning GSM
phones is achieved by cloning the SIM card
contained within, not necessarily any of the
phone’s internal data as GSM phones do not have
ESN number. There are various methods used to
obtain the ESN, the most common are to crack the
cellular company, or eavesdrop on the cellular
network. GSM SIM card are usually copied by
removing the SIM card and placing a device
between the handset and the SIM card and allowing
it to operate for a few days and extracting the secret
code.
3. Process of Cloning
Cloning involves modifying or replacing the
EPROM in the phone with a new chip which would
allow you to configure an ESN (Electronic Serial
Number) via software. MIN (Mobile Identification
Number) should also have to change. When the
ESN/MIN pair had changed successfully then an
effective clone of the original phone has created.
Cloning required access to ESN and MIN pairs.
ESN/MIN pairs were discovered in several ways:
Future Threats
Resolving subscriber fraud can be a long and
difficult process for the victim. It may take time to
discover that subscriber fraud has occurred and
even longer time to prove that you did not incur the
debts. As described in this paper that there are
many ways to abuse telecommunication system,
and to prevent abuse from occurring it is absolutely
necessary to check out the weakness and
vulnerability of existing telecoms system. If it is
planned to invest in new telecom equipment, a
security plan should be made and the system tested
before being implemented. It is therefore
mandatory to keep in mind that a technique which
is described as safe today can be the most
unsecured technique in the future.
8. Conclusion
Presently the cellular phone industry relies on
common law (fraud and theft) and in house counter
measures to address cellular phone fraud. Existing
cellular systems have a number of potential
weaknesses that were need to be considered. It is
crucial that business and staff take mobile phone
security seriously. Awareness and a few simple
precautions as a part of the overall enterprise
security policy will deter all but the most
sophisticated criminal. It is also mandatory to keep
in mind that a technique which is described as safe
today can be most unsecured technique in the
future. Therefore it is absolutely important to check
the function of a security system once a year and if
necessary update or replace it. Finally, cell phones
have to go a long way in security before they can
be used in critical applications.