With the advancement of science and technology and people’s demand for mobile communication services, building access control intercom systems are being applied to various communities. At present, the building access control intercom mobile communication network will continue to move forward, and it will be able to more perfectly realize the communication service needs of the majority of building intercom mobile communication users.
Insecurity in wireless interfaces
In the building intercom mobile communication network, all communication between the mobile station and the fixed network is transmitted through the wireless interface, but the wireless interface is open, and the perpetrator may eavesdrop through the wireless interface to obtain the transmission information therein. It is even possible to modify, insert, delete, or retransmit messages in the wireless interface to achieve the purpose of spoofing mobile user identities to deceive the network terminal. According to the different types of attacks, it can be divided into three types: unauthorized access to data, unauthorized access to network services, and threat integrity.
1. Unauthorized access to data attacks
The main purpose of unauthorized access to data attacks is to obtain the user data and/or signaling data transmitted in the wireless interface. There are several ways to do this:
Eavesdropping on User Data - Obtaining User Information Content Eavesdropping Signaling Data - Obtaining Network Management Information and Other Information for Proactive Attacks Wireless Tracking - Obtaining Mobile User Identity and Location Information to Enable Wireless Tracking Passive Transport Stream Analysis - Guess User Communication Content and Purpose Active Transport Stream Analysis - Get Access Information
Unauthorized access to network service attacks
In an unauthorized access network service type attack, an attacker defrauds the network by impersonating a legitimate mobile user identity, obtains authorization to access the network service, and evades payment, and the counterfeit mobile user pays for the attacker.
Threat Data Integrity Attacks
The target of the threat data integrity attack is the user data flow and signaling data flow in the wireless interface. The attacker realizes the purpose of deceiving the data receiver by modifying, inserting, deleting, or retransmitting these data flows. .
In the building intercom mobile communication network, the composition of the network is relatively complicated. It not only contains many functional units, but also the communication media between different units is not the same. Therefore, there are also some insecure factors that cannot be ignored in the security mobile network, such as wireless wiretapping, identity counterfeiting, falsification of data and denial of service. According to the type of attack, there are the following four categories:
1. Unauthorized access to data attacks
The main purpose of unauthorized access to data attacks is to obtain user data and/or signaling data transmitted between network-end units. The specific methods are as follows:
Eavesdropping on User Data - Obtaining User Communication Content Eavesdropping Signaling Data - Obtaining Security Management Data and Other Information Facilitating Active Attacks Counterfeit Communication Receivers - Obtaining User Data, Signaling Data, and Other Passive Information for Proactive Attacks Stream analysis - access to information access to illegally stored data in the system - access to data stored in the system such as legitimate user authentication parameters, etc.
Unauthorized access to network service attacks
The main purpose of non-authorized access to network service attacks is to access the network and avoid payment. The specific manifestations are as follows:
Counterfeit Legal Use—Acquisition of counterfeit service network for access to network services—Access to network services to counterfeit home networks—Acquire authentication parameters that can be used to impersonate legitimate users Misuse of users’ authority—Enjoy network services without payment and abuse of network services— Obtaining illegal profits
Threat Data Integrity Attacks
The threat data integrity attacks on the building intercom mobile communication network include not only the threats of data integrity attacks in the wireless interface, but also the communication interface between the BSS and the MSC may be a wireless interface. Moreover, it also includes wired communication networks. The specific performance is as follows:
Manipulate user data streams - gain access to network services or intentionally interfere with traffic manipulation signalling data streams - gain access to network services or intentionally interfere with communications Counterfeit communications participants - gain access to network services or intentionally interfere with communications manipulation Downloadable applications - Interfering with the normal operation of the mobile terminal Manipulating the mobile terminal - Normal operation of the mobile terminal Manipulating data stored in the network unit - Obtaining network service access rights Intentionally interfering with communication
4. Deficit attacks after service
After the service, the repudiation attack is whether or not the communication occurred after the communication, thus avoiding payment or evading responsibility. The specific performance is as follows:
Payment repudiation - rejection of payment sender's denial - unwillingness to pay for messaging service responsibilities Recipient repudiation - unwillingness to pay for the received messaging service
There are various insecurity factors in radio communication networks - such as wireless wiretapping, identity counterfeiting, falsification of data and denial of service. These security factors directly affect the security of the community, then how to avoid these problems, it depends on the efforts of various manufacturers to delve into.