The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.06 - June (2012 vol.11)
pp: 983-994
Patrick Traynor , Georgia Institute of Technology, Atlanta
ABSTRACT
Cellular text messaging services are increasingly being relied upon to disseminate critical information during emergencies. Accordingly, a wide range of organizations including colleges and universities now partner with third-party providers that promise to improve physical security by rapidly delivering such messages. Unfortunately, these products do not work as advertised due to limitations of cellular infrastructure and therefore provide a false sense of security to their users. In this paper, we perform the first extensive investigation and characterization of the limitations of an Emergency Alert System (EAS) using text messages as a security incident response mechanism. We show emergency alert systems built on text messaging not only can meet the 10 minute delivery requirement mandated by the WARN Act, but also potentially cause other voice and SMS traffic to be blocked at rates upward of 80 percent. We then show that our results are representative of reality by comparing them to a number of documented but not previously understood failures. Finally, we analyze a targeted messaging mechanism as a means of efficiently using currently deployed infrastructure and third-party EAS. In so doing, we demonstrate that this increasingly deployed security infrastructure does not achieve its stated requirements for large populations.
INDEX TERMS
SMS, campus alert, denial of service, security.
CITATION
Patrick Traynor, "Characterizing the Security Implications of Third-Party Emergency Alert Systems over Cellular Text Messaging Services", IEEE Transactions on Mobile Computing, vol.11, no. 6, pp. 983-994, June 2012, doi:10.1109/TMC.2011.120
REFERENCES
[1] “Earthquake and Tsunami Warning System (ETWS); Requirements and Solutions,” Technical Report 3GPP TS 23.828 v2.0.0., 3rd Generation Partnership Project, 2008.
[2] “Technical Realization of Short Message Service Cell Broadcast (SMSCB),” Technical Report 3GPP TS 03.41 v7.5.0., 3rd Generation Partnership Project, 2000.
[3] “Technical Realization of the Short Message Service (SMS),” Technical Report 3GPP TS 03.40 v7.5.0., 3rd Generation Partnership Project, 2002.
[4] Agence France-Presse, “Hoax Text Message Spreads Tsunami Terror in Indonesia,” http://www.breitbart.comarticle.php?id= 070606101917.31jf2eyb&show_arti , 2007.
[5] D. Andersen, “Mayday: Distributed Filtering for Internet Services,” Proc. USENIX Symp. Internet Technologies and Systems (USITS), 2003.
[6] T. Anderson, T. Roscoe, and D. Wetherall, “Preventing Internet Denial of Service with Capabilities,” Proc. ACM Workshop Hot Topics in Networking (HotNets), 2003.
[7] K. Argyraki and D.R. Cheriton, “Scalable Network-Layer Defense against Internet Bandwidth-Flooding Attacks,” ACM/IEEE Trans. Networking, vol. 17, no. 4, pp. 1284-1297, Aug. 2009.
[8] Associated Press, “Man Admits Sending ‘Monkey Out of Cage’ Message,” http://www.google.com/hostednews/ap/article ALeqM5gjBi_YGzVmUqV0YDKifMv, 2009.
[9] S. Blons, “Emergency Team Aids Efforts,” http://graphic. pepperdine.edu/special2007-10-24-emergencyteam.htm , 2007.
[10] M. Casado, P. Cao, A. Akella, and N. Provos, “Flow Cookies: Using Bandwidth Amplification to Defend against DDoS Flooding Attacks,” Proc. Int'l Workshop Quality of Service (IWQoS), 2006.
[11] Cellular-News, “Malaysian Operators Dismiss Hoax SMS,” http://www.cellular-news.com/story31247.php , 2008.
[12] T. Christensen, “Ga. Tech Building Cleared After Blast,” http://www.11alive.com/life/petsstory.aspx?storyid=106112 , 2007.
[13] CollegeSafetyNet.com, http:/www.collegesafetynet.com, 2008.
[14] Courant.com, “University Emergency SMS Service Doesn't Deliver,” http:/www.courant.com, Nov. 2007.
[15] B.K. Daly, “Wireless Alert & Warning Workshop,” http://www. oes.ca.gov/WebPage/oeswebsite.nsf/ ClientOESFileLibrary Wirel, 2011.
[16] e2Campus, “Mass Notification Systems for College, University & Higher Education Schools by e2Campus: Info on the Go!” http:/www.e2campus.com, 2008.
[17] A.-M. Elliott, “Texters to Experience 6 Hour Delays on New Year's Eve,” http://www.pocket-lint.co.uk/news/news.phtml/ 11895/12919palm-new-years, 2007.
[18] “Analysis of the Short Message Service (SMS) and Cell Broadcast Service (CBS) for Emergency Messaging Applications; Emergency Messaging; SMS and CBS,” Technical Report ETSI TR 102 444 V1.1.1., European Telecomm. Standards Inst., 2006.
[19] J. Gambrell, “School Shooting Text Rumours Emptied Elementary School by 10 am,” http://www.washingtonpost.com/wp-dyn/content/ article/2007/12/29AR20071, 2007.
[20] L. Ganosellis, “UF to Test Texting Alerts After LSU Glitch,” http://www.alligator.org/news/uf_administration article_3c1a9de6-670e-54fe-a882-c7e71309f83e.html , 2008.
[21] D. Geer, “Wireless Victories, Sept. 11th, 2001,” Wireless Business & Technology, 2005.
[22] J. Hedden, “Math::Random::MT::Auto - Auto-Seeded Mersenne Twister PRNGs,” http://search.cpan.org/~jdhedden/Math-Random-MT-Auto-6.18/ lib/Math/Random/MTAuto.pm , Version 5.01, 2011.
[23] HTC Corporation, “HTC Tattoo Specifications,” http://www.htc. com/europe/product/tattoo specification.html, 2009.
[24] Inspiron Logistics, “Inspiron Logistics Corporation WENS - Wireless Emergency Notification System for Emergency Mobile Alerts,” http:/www.inspironlogistics.com, 2008.
[25] Jakarta Post, “INDONESIA: Police Question Six More over SMS Hoax,” http://www.asiamedia.ucla.eduarticle-southeastasia. asp?parentid=50410 , 2006.
[26] E. Jaramillo, “UT Director: Text Alerts Effective,” http://www. dailytexanonline.com1.752094 , 2008.
[27] A. Keromytis, V. Misra, and D. Rubenstein, “SOS: Secure Overlay Services,” Proc. ACM SIGCOMM, 2002.
[28] C. Luders and R. Haferbeck, “The Performance of the GSM Random Access Procedure,” Proc. Vehicular Technology Conf. (VTC), pp. 1165-1169, June 1994.
[29] R. Mahajan, S.M. Bellovin, S. Floyd, J. Ioannidis, V. Paxson, and S. Shenker, “Controlling High Bandwidth Aggregates in the Network,” Computer Comm. Rev., vol. 32, no. 3, pp. 62-73, July 2002.
[30] A. Mahimkar, J. Dange, V. Shmatikov, H. Vin, and Y. Zhang, “dFence: Transparent Network-Based Denial of Service Mitigation,” Proc. USENIX Conf. Networked Systems Design and Implementation (NSDI), 2007.
[31] K. Maney, “Surge in Text Messaging Makes Cell Operators :-),” http://www.usatoday.com/money2005-07-27-text-messaging_ x.htm , July 2005.
[32] J. McAdams, “SMS Does SOS,” http://www.fcw.com/print/12_11/news92790-1.html , 2006.
[33] J. Mirkovic and P. Reiher, “A Taxonomy of DDoS Attacks and DDoS Defense Mechanisms,” ACM SIGCOMM Computer Comm. Rev., vol. 34, no. 2, pp. 39-53, 2004.
[34] Nat'l Comm. System, “SMS over SS7,” technical report, Technical Information Bull. 03-2 (NCS TIB 03-2), Dec. 2003.
[35] Nat'l Notification Network (3n), “3n InstaCom Campus Alert - Mass Notification for Colleges and Universities,” http://www. 3nonline.comcampus-alert, 2008.
[36] C. Nettles, “iPhone 3 to Have Broadcom BCM4329, 802.11N/5GHz Wireless, FM Transmitter/Receiver,” http://www. 9to5mac.combroadcom-BCM4329-iphone-802.11n-FM , 2009.
[37] M. Nizza, “This Is Only a (Text Messaging) Test,” http://thelede. blogs.nytimes.com/2007/09/ 25this-is-only-a-text-messagi, 2007.
[38] Nyquetek, Inc., “Wireless Priority Service for National Security,” http://wireless.fcc.gov/releasesda051650PublicUse.pdf , 2002.
[39] Oregon State Police, “False Amber Alerts Showing up on Cell Phones,” http://www.katu.com/news/local26073444.html , 2008.
[40] B. Parno, D. Wendlandt, E. Shi, A. Perrig, and B. Maggs, “Portcullis: Protecting Connection Setup from Denial of Capability Attacks,” Proc. ACM SIGCOMM, 2007.
[41] Reverse 911, “Reverse 911 - The Only COMPLETE Notification System for Public Safety,” http://www.reverse911.comindex. php, 2008.
[42] Roam Secure, “Roam Secure,” http:/www.roamsecure.net, 2008.
[43] shelbinator.com, “Evacuate! or Not,” http://shelbinator.com/2007/11/08evacuate-or-not , 2007.
[44] Simon Fraser Univ., “Special Report on the Apr. 9th Test of SFU Alerts,” http://www.sfu.ca/sfualertsapril08_report.html , 2008.
[45] A. Stavrou, D.L. Cook, W.G. Morein, A.D. Keromytis, V. Misra, and D. Rubenstein, “WebSOS: An Overlay-Based System for Protecting Web Servers from Denial of Service Attacks,” J. Computer Networks, Special Issue on Web and Network Security, vol. 48, no. 5, pp. 781-807, 2005.
[46] A. Stavrou and A. Keromytis, “Countering DOS Attacks with Stateless Multipath Overlays,” Proc. ACM Conf. Computer and Comm. Security (CCS), 2005.
[47] The 109th Senate of the United States of Am., “Warning, Alert, and Response Network Act,” http://thomas.loc.gov/cgi-bin/queryz?c109:H.R.1753: , 2005.
[48] P. Traynor, “Characterizing the Security Implications of Third-Party EAS over Cellular Text Messaging Services,” Proc. Second IEEE Int'l Conf. Security and Privacy in Comm. Networks (SecureComm), 2010.
[49] P. Traynor, W. Enck, P. McDaniel, and T. La Porta, “Exploiting Open Functionality in SMS-Capable Cellular Networks,” J. Computer Security, vol. 16, no. 6, pp. 713-742, 2008.
[50] P. Traynor, W. Enck, P. McDaniel, and T. La Porta, “Mitigating Attacks on Open Functionality in SMS-Capable Cellular Networks,” IEEE/ACM Trans. Networking, vol. 17, no. 1, pp. 40-53, Feb. 2009.
[51] P. Traynor, M. Lin, M. Ongtang, V. Rao, T. Jaeger, T. La Porta, and P. McDaniel, “On Cellular Botnets: Measuring the Impact of Malicious Devices on a Cellular Network Core,” Proc. ACM Conf. Computer and Comm. Security (CCS), 2009.
[52] P. Traynor, P. McDaniel, and T. La Porta, “On Attack Causality in Internet-Connected Cellular Networks,” Proc. USENIX Security Symp., 2007.
[53] TXTLaunchPad, “TXTLaunchPad Provides Bulk SMS Text Message Alerts,” http:/www.txtlaunchpad.com, 2007.
[54] Voice Shot, “Automated Emergency Alert Notification Call - VoiceShot,” http://www.voiceshot.com/publicurgentalert.asp? ref=uaemergencyalert , 2008.
[55] M. Walfish, M. Vutukuru, H. Balakrishnan, D. Karger, and S. Shenkar, “DDoS Offense by Offense,” Proc. ACM SIGCOMM, 2006.
[56] Wikipedia, “Virginia Polytechnic Institute and State University,” http://en.wikipedia.org/wikiVirginia_Tech , 2008.
[57] X. Yang, D. Wetherall, and T. Anderson, “TVA: A DoS-Limiting Network Architecture,” IEEE/ACM Trans. Networking (TON), vol. 16, no. 6, pp. 1267-1280, Dec. 2008.
25 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool