In today's residential communities, access control intercom systems are basically installed, which brings convenience to residents and also brings about some annoyances. In the higher end areas, there are potential security risks, such as attacks on access control systems. This article gives you a detailed introduction to the attack on the wireless interface and network in the access control system.
Wireless interface-based attack
In the building intercom mobile communication network, all communication between the mobile station and the fixed network is transmitted through the wireless interface, but the wireless interface is open, and the perpetrator may eavesdrop on the channel through the wireless interface and obtain the transmission information therein. It is even possible to modify, insert, delete, or retransmit messages in the wireless interface to achieve the purpose of spoofing mobile user identities to deceive the network terminal. According to the different types of attacks, it can be divided into three types: unauthorized access to data, unauthorized access to network services, and threat integrity.
1, unauthorized access to data attacks
The main purpose of unauthorized access to data attacks is to obtain the user data and/or signaling data transmitted in the wireless interface. There are several ways to do this:
Eavesdropping on User Data - Obtaining User Information Content Eavesdropping Signaling Data - Obtaining Network Management Information and Other Wireless Tracking for Proactive Attacks - Obtaining Mobile User Identity and Location Information for Wireless Tracking Passive Transport Stream Analysis - Guess User Communication Content and Purpose Active Transport Stream Analysis - Get Access Information
2. Unauthorized access to network service attacks
In an unauthorized access network service type attack, an attacker defrauds the network by impersonating a legitimate mobile user identity, obtains authorization to access the network service, and evades payment, and the counterfeit mobile user pays for the attacker.
3, threat data integrity attacks
The target of the threat data integrity attack is the user data flow and signaling data flow in the wireless interface. The attacker realizes the purpose of deceiving the data receiver by modifying, inserting, deleting, or retransmitting these data flows. .
Network-based attacks
In the building intercom mobile communication network, the composition of the network is more complicated. It not only contains many functional units, but also the communication media between different units is not the same. Therefore, there are also some insecure factors that cannot be ignored in the security mobile network, such as wireless wiretapping, identity counterfeiting, falsification of data, and denial of service. According to the type of attack, there are the following four categories:
1, unauthorized access to data attacks
The main purpose of unauthorized access to data attacks is to obtain user data and/or signaling data transmitted between network-end units. The specific methods are as follows:
Eavesdropping on User Data - Obtaining User Communication Content Eavesdropping Signaling Data - Obtaining Security Management Data and Other Information Facilitating Active Attacks Counterfeit Communication Receivers - Obtaining User Data, Signaling Data, and Other Passive Transfer of Information Facilitating Active Attacks Stream analysis - access to information access to illegally stored data in the system - access to data stored in the system such as legitimate user authentication parameters, etc.
2. Unauthorized access to network service attacks
The main purpose of non-authorized access to network service attacks is to access the network and avoid payment. The specific manifestations are as follows:
Counterfeit legal use - access to network services authorized counterfeit service network - access to network services to counterfeit the home network - access to authentication parameters that can impersonate a legitimate user's identity abuse of user power - to enjoy network services without payment and misuse of network services - Obtaining illegal profits
3, threat data integrity attacks
The threat data integrity attacks on the building intercom mobile communication network include not only the threats of data integrity attacks in the wireless interface, but also the communication interface between the BSS and the MSC may be a wireless interface. Moreover, it also includes wired communication networks. The specific performance is as follows:
Manipulate user data streams - gain network service access rights or intentionally interfere with traffic manipulation signalling data flow - gain access to network services or intentionally interfere with communications Counterfeit communication participants - gain access to network services or intentionally interfere with communication manipulation Downloadable applications - Interfering with the normal operation of the mobile terminal Manipulating the mobile terminal - Normal operation of the mobile terminal Manipulating data stored in the network unit - Obtaining network service access rights Intentionally interfering with communications
4, after the service denial attacks
After the service, the repudiation attack is whether or not the communication occurred after the communication, thus avoiding payment or evading responsibility. The specific performance is as follows:
Payment repudiation - rejection of payment sender's denial - unwillingness to pay for the message service delivered Respondent repudiation - unwilling to pay for the received message service
Wireless interface-based attack
In the building intercom mobile communication network, all communication between the mobile station and the fixed network is transmitted through the wireless interface, but the wireless interface is open, and the perpetrator may eavesdrop on the channel through the wireless interface and obtain the transmission information therein. It is even possible to modify, insert, delete, or retransmit messages in the wireless interface to achieve the purpose of spoofing mobile user identities to deceive the network terminal. According to the different types of attacks, it can be divided into three types: unauthorized access to data, unauthorized access to network services, and threat integrity.
1, unauthorized access to data attacks
The main purpose of unauthorized access to data attacks is to obtain the user data and/or signaling data transmitted in the wireless interface. There are several ways to do this:
Eavesdropping on User Data - Obtaining User Information Content Eavesdropping Signaling Data - Obtaining Network Management Information and Other Wireless Tracking for Proactive Attacks - Obtaining Mobile User Identity and Location Information for Wireless Tracking Passive Transport Stream Analysis - Guess User Communication Content and Purpose Active Transport Stream Analysis - Get Access Information
2. Unauthorized access to network service attacks
In an unauthorized access network service type attack, an attacker defrauds the network by impersonating a legitimate mobile user identity, obtains authorization to access the network service, and evades payment, and the counterfeit mobile user pays for the attacker.
3, threat data integrity attacks
The target of the threat data integrity attack is the user data flow and signaling data flow in the wireless interface. The attacker realizes the purpose of deceiving the data receiver by modifying, inserting, deleting, or retransmitting these data flows. .
Network-based attacks
In the building intercom mobile communication network, the composition of the network is more complicated. It not only contains many functional units, but also the communication media between different units is not the same. Therefore, there are also some insecure factors that cannot be ignored in the security mobile network, such as wireless wiretapping, identity counterfeiting, falsification of data, and denial of service. According to the type of attack, there are the following four categories:
1, unauthorized access to data attacks
The main purpose of unauthorized access to data attacks is to obtain user data and/or signaling data transmitted between network-end units. The specific methods are as follows:
Eavesdropping on User Data - Obtaining User Communication Content Eavesdropping Signaling Data - Obtaining Security Management Data and Other Information Facilitating Active Attacks Counterfeit Communication Receivers - Obtaining User Data, Signaling Data, and Other Passive Transfer of Information Facilitating Active Attacks Stream analysis - access to information access to illegally stored data in the system - access to data stored in the system such as legitimate user authentication parameters, etc.
2. Unauthorized access to network service attacks
The main purpose of non-authorized access to network service attacks is to access the network and avoid payment. The specific manifestations are as follows:
Counterfeit legal use - access to network services authorized counterfeit service network - access to network services to counterfeit the home network - access to authentication parameters that can impersonate a legitimate user's identity abuse of user power - to enjoy network services without payment and misuse of network services - Obtaining illegal profits
3, threat data integrity attacks
The threat data integrity attacks on the building intercom mobile communication network include not only the threats of data integrity attacks in the wireless interface, but also the communication interface between the BSS and the MSC may be a wireless interface. Moreover, it also includes wired communication networks. The specific performance is as follows:
Manipulate user data streams - gain network service access rights or intentionally interfere with traffic manipulation signalling data flow - gain access to network services or intentionally interfere with communications Counterfeit communication participants - gain access to network services or intentionally interfere with communication manipulation Downloadable applications - Interfering with the normal operation of the mobile terminal Manipulating the mobile terminal - Normal operation of the mobile terminal Manipulating data stored in the network unit - Obtaining network service access rights Intentionally interfering with communications
4, after the service denial attacks
After the service, the repudiation attack is whether or not the communication occurred after the communication, thus avoiding payment or evading responsibility. The specific performance is as follows:
Payment repudiation - rejection of payment sender's denial - unwillingness to pay for the message service delivered Respondent repudiation - unwilling to pay for the received message service
Tungsten Carbide Tools,Tungsten Carbide Rings ,Carbide Rings ,Tungsten Carbide Inserts
Machine Tools Accessories Co., Ltd. , http://www.nbtungstencarbide.com