Stealth Attack Drains Cell Phone Batteries

Aug 24, 2006

Cell phones that can send or receive multimedia files could be targeted by an attack that stealthily drains their batteries, leaving cellular communications networks useless, according to computer security researchers at UC Davis.

"Battery power is the bottleneck for a cell phone," said Hao Chen, assistant professor of computer science at UC Davis. "It can't do anything with a dead battery." Cell phones are designed to conserve battery life by spending most of their time in standby mode.

Chen, and graduate students Denys Ma and Radmilo Racic, found that the MMS protocol, which allows cell phones to send and receive pictures, video and audio files, can be used to send packets of junk data to a cell phone. Every time the phone receives one of these packets, it "wakes up" from standby mode, but quickly discards the junk packet without ringing or alerting the user. Deprived of sleep by repeated pulses of junk data, the phone's batteries run down up to 20 times faster than in regular use.

The attacker needs to know the number and Internet address of the victim's cell phone, but those are easy to obtain, Chen said. The computer used to launch the attack could be anywhere on the Internet.

Chen and his students have tested the concept in the laboratory. They have also found other vulnerabilities in the MMS protocol -- one, for example, would allow users to circumvent billing for multimedia services and send files for free.

As cell phone providers offer more services, such as e-mail, Web surfing and file sharing, they become vulnerable to the same attacks as computers, as well as to new types of attack that exploit their specific vulnerabilities.

"It's important to evaluate security now, while cell phones are being connected to the broadband Internet," Chen said.

The work was presented at the 15th USENIX security symposium, July 31-Aug. 4 in Vancouver, Canada, and will be presented at IEEE Securecomm '06 in Baltimore, Md., Aug. 28-Sept. 1. The researchers notified service providers about the potential vulnerability before publishing their findings.

Source: UC Davis

Explore further: Phone firms and the quest for the 5G Holy Grail

add to favorites email to friend print save as pdf

Related Stories

Hackers could make smart homes stupid—or worse

Jan 07, 2015

Imagine the smart home of the future. Thanks to a central controller and wi-fi, not only does the thermostat power up and warm or cool the house as you are heading home. Smart light bulbs come on low at dusk ...

A look at North Korea's limited Internet capabilities

Dec 23, 2014

An hours-long Internet outage Tuesday in one of the world's least-wired countries was probably more inconvenient to foreigners than to North Korean residents, most of whom have never gone online. Even for wired Koreans south ...

UK rolls out eLoran as GPS backup for safe navigation

Nov 04, 2014

The UK is on top of being GPS-fail proactive with its rollout of eLoran stations along the UK coastline. eLoran is now available at Dover and along the East coast of the UK. The rollout is for the purpose ...

CloudFlare tackles lost SSL key risk with Keyless SSL

Sep 19, 2014

Organizations looking for and concerned about optimal security protection are the targets of a new service announced by San Francisco-based CloudFlare. The offering is called Keyless SSL. CloudFlare explained ...

Recommended for you

Phone firms and the quest for the 5G Holy Grail

8 hours ago

Lightning-quick downloads, driverless cars and remote surgery: telecom firms are racing to develop a new generation of "5G" mobile networks that could start to change the world in five years.

Google to offer own cellular network plan

Mar 02, 2015

Google will soon be offering cellular network plans in a bid to bridge the gap between the realms of Internet services and mobile device software it dominates.

'Slow motion at the speed of light'

Mar 02, 2015

New technology developed by a collaboration between the UA and the University of California, Los Angeles, provides real-time monitoring of streaming video to optimize network traffic.

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.