Cellular Intrusion Detection System (CIDS) DIY | LMG Security
LMG’s researchers have created the world’s first proof-of-concept cellular intrusion detection system (CIDS), which will enable enterprise security professionals to detect hacked smartphones cheaply and effectively, even in BYOD environments. Click here to download the full whitepaper with details.
- Hacked smartphones pose extreme risks to national security. Infected smartphones can record surrounding audio, intercept text messages, capture location and usage data, and send all that stolen data back to an attacker.
- For less than $300, LMG created a CIDS by modifying a Verizon Samsung femtocell and redirecting traffic to a server running the open-source intrusion detection software (Snort).
- LMG then infected a smartphone with the Android.Stels malware and developed custom-written Snort rules to detect it.
- LMG’s CIDS successfully detected and alerted upon the infection and the malware’s subsequent command-and-control (C&C) communications with the attacker’s server.
- No software needs to be installed on the smartphone itself.
- LMG also found a weakness in the Android.Stels malware’s C&C channel and remotely took control of the bot over the network.
- LMG’s project demonstrates that low-cost cellular intrusion detection systems (CIDSs) are not only possible but also an inexpensive and effective way to combat mobile malware.
Click here for the whitepaper with full details on how to build your own DIY Cellular IDS.
UPDATE: Source code released! Check out the CellularIDS repository on SourceForge.
More info:
** Full details were released Thursday, August 1, 2013, at the Black Hat Conference: https://www.blackhat.com/us-13/briefings.html#Davidoff
** Email [email protected] for questions and interviews.
** Video demonstration to follow; check back soon!