Stealth Attack Drains Cell Phone Batteries

August 24, 2006

Cell phones that can send or receive multimedia files could be targeted by an attack that stealthily drains their batteries, leaving cellular communications networks useless, according to computer security researchers at UC Davis.

"Battery power is the bottleneck for a cell phone," said Hao Chen, assistant professor of computer science at UC Davis. "It can't do anything with a dead battery." Cell phones are designed to conserve battery life by spending most of their time in standby mode.

Chen, and graduate students Denys Ma and Radmilo Racic, found that the MMS protocol, which allows cell phones to send and receive pictures, video and audio files, can be used to send packets of junk data to a cell phone. Every time the phone receives one of these packets, it "wakes up" from standby mode, but quickly discards the junk packet without ringing or alerting the user. Deprived of sleep by repeated pulses of junk data, the phone's batteries run down up to 20 times faster than in regular use.

The attacker needs to know the number and Internet address of the victim's cell phone, but those are easy to obtain, Chen said. The computer used to launch the attack could be anywhere on the Internet.

Chen and his students have tested the concept in the laboratory. They have also found other vulnerabilities in the MMS protocol -- one, for example, would allow users to circumvent billing for multimedia services and send files for free.

As cell phone providers offer more services, such as e-mail, Web surfing and file sharing, they become vulnerable to the same attacks as computers, as well as to new types of attack that exploit their specific vulnerabilities.

"It's important to evaluate security now, while cell phones are being connected to the broadband Internet," Chen said.

The work was presented at the 15th USENIX security symposium, July 31-Aug. 4 in Vancouver, Canada, and will be presented at IEEE Securecomm '06 in Baltimore, Md., Aug. 28-Sept. 1. The researchers notified service providers about the potential vulnerability before publishing their findings.

Source: UC Davis

Rate this story - 3.6 /5 (14 votes)

rank
1
2
3
4
5

view popular

Other News

Intel wants a chip implant in your brain

Technology / Hi Tech

19 hours ago | 4.1 / 5 (16) | 28

(PhysOrg.com) -- Computer chip maker Intel wants to implant a brain-sensing chip directly into the brains of its customers to allow them to operate computers and other devices without moving a muscle.

IBM Researchers Lower Language Barrier With Text Translator

Technology / Computer Sciences

9 hours ago | 4 / 5 (2) | 0

IBM Researchers are helping to break the language barrier with the advent of technology dubbed "n.Fluent" -- smart software that translates text between English and 11 other languages. IBM employees use it to instantaneously ...

Microsoft has held talks with Rupert Murdoch's News Corp over removing its news websites from Google, a report said

News Corp, Microsoft hold talks on Google: report

Technology / Internet

20 hours ago | 1.8 / 5 (6) | 4

Microsoft has held talks with Rupert Murdoch's News Corp over a possible plan for the software giant to pay the media company to remove its news websites from Google, a report said Monday.

Just in time for Black Friday: students turn iPhone into barcode scanner

Technology / Software

7 hours ago | 4 / 5 (1) | 0

(PhysOrg.com) -- Comparing prices over the Internet has become a common practice for consumers. Now, just in time for Black Friday, a group of Missouri University of Science and Technology students is putting ...

Workers at the Statkraft Osmotic power plant prototype in Tofte

Harnessing the power of salt, Norway tries osmotic power

Technology / Energy

20 hours ago | 3.3 / 5 (3) | 2

After wind, sun, currents and tides, a company is preparing to make clean electricity by harnessing another natural phenomenon, the energy-unleashing encounter of freshwater and seawater.