ASMONIA – Attack analysis and Security concepts for MObile Network infrastructures, supported by collaborative Information exchAnge
Protecting telecommunication networks and applications from attacks requires the implementation of a multitude of previously established technical and organizational countermeasures. This is due to the complex interplay between different technical components, end devices, protocols, servers, and tools found in access networks. It further relates to the need for collaboration between different administrative domains, such as network operators, manufacturers, service providers, government authorities, and users of these telecommunication services and applications.
Recent cyberwar incidents and the iPhone worm demonstrate the need for protection and collaborative early warning concepts tailored to the telecommunication sector. Additionally, threats to mobile networks will increase with the growing use of untrusted and malicious applications on modern mobile devices. Simultaneously, the utilization of mobile networks becomes more multifaceted (e.g., public/private use), and the technical heterogeneity (3G, 4G, non-3G and future generations) and complexity (roaming, interworking) of the overall system grows due to its interconnectedness. This trend will likely continue well into the future, due to the growing number of heterogeneous (e.g., wireless) interfaces on end devices and the increasing use of applications whose integrity cannot be guaranteed a priori.
The overall goal of ASMONIA is the development of a holistic security concept for mobile network infrastructures that satisfies the diverse requirements of modern networks. Integrity protection and attack detection solutions that exploit characteristics of resilient and flexible systems like cloud computing will therefore be integrated. The additional integration of collaborative information exchange mechanisms will improve the security level of modern communication networks. ASMONIA is funded by the German Federal Ministry of Education and Research (BMBF) within the IT Security Research work program.
The tasks of Fraunhofer AISEC involve, among others:
- Risk analysis of mobile networks and end devices
- Defining holistic and collaborative protection concepts
- Protecting the integrity of network devices
- Incorporation of resilient and flexible systems as essential protection components
- Development of attack detection and assessment techniques