The new generation of mobile devices, such as smart phones, provides more and more enhanced computational functionality via open network connections. Such mobile devices are, for example, capable of receiving e-mail, sharing software with one another over short-range connections, downloading and executing software from the Internet, placing automated calls and acting under remote control. Hence, similar to a personal computer, mobile devices, and in particular the software components involved in setting up a connection between the mobile device and the network, are vulnerable to attacks by malicious code (malware). Typically, malware attempts to misuse the mobile device or simply to disrupt its legitimate use.
Typically, malware exploits security flaws in the authentication procedure that grants a subscriber access to a network. For example, the GSM authentication and key agreement (AKA) only authenticates the mobile device to the network, but not the other way around. The GSM AKA is therefore vulnerable to so-called false base station attacks, wherein an attacker pretends to be a valid base station. In the UMTS AKA some of these threats are mitigated by mutual authentication, wherein the mobile device has to authenticate itself to the Visitor Location Register (VLR) and the VLR has to authenticate itself to the mobile device. An overview of the security threats in the GSM AKA, and of the way a number of these threats are counteracted by the UMTS AKA, is given in ETSI TS 33.900.
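The following is an added illustration, not part of the original text, of the difference just described between the one-way GSM challenge-response and the mutually authenticated UMTS AKA exchange. It models the home network issuing an authentication vector (RAND, AUTN, XRES), the USIM verifying the network's MAC and sequence number before answering, and the VLR comparing RES with XRES. The keyed functions f1 to f5 are HMAC-SHA256 stand-ins constructed for this example; the standardised functions (MILENAGE) and the exact sequence-number window rules are not reproduced here.

```python
"""Toy model of GSM one-way authentication versus UMTS AKA mutual authentication.

Constructed example: f1..f5 below are HMAC-SHA256 stand-ins for the 3GPP
functions, NOT the standardised MILENAGE algorithms. Field sizes follow the
UMTS layout: RAND 16 bytes, AUTN = (SQN xor AK, 6) || AMF (2) || MAC (8).
"""
import hashlib
import hmac
import os


def _f(key: bytes, tag: bytes, *parts: bytes) -> bytes:
    return hmac.new(key, tag + b"".join(parts), hashlib.sha256).digest()


def f1(k, sqn, rand, amf): return _f(k, b"f1", sqn, rand, amf)[:8]   # MAC-A (network auth)
def f2(k, rand):           return _f(k, b"f2", rand)[:8]             # RES / XRES (device auth)
def f5(k, rand):           return _f(k, b"f5", rand)[:6]             # AK (conceals SQN)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class HomeNetwork:
    """HLR/AuC side: shares the long-term key K with the USIM, issues vectors."""

    def __init__(self, k: bytes):
        self.k, self.sqn = k, 0

    def authentication_vector(self):
        rand = os.urandom(16)
        sqn = self.sqn.to_bytes(6, "big")
        self.sqn += 1                      # fresh sequence number per vector
        amf = b"\x00\x00"
        mac = f1(self.k, sqn, rand, amf)   # proves knowledge of K to the USIM
        autn = xor(sqn, f5(self.k, rand)) + amf + mac
        return rand, autn, f2(self.k, rand)  # XRES kept by the VLR


class USIM:
    """Device side: only answers after the network has authenticated itself."""

    def __init__(self, k: bytes):
        self.k, self.sqn_ms = k, -1

    def respond(self, rand: bytes, autn: bytes) -> bytes:
        sqn = xor(autn[:6], f5(self.k, rand))
        amf, mac = autn[6:8], autn[8:16]
        if not hmac.compare_digest(mac, f1(self.k, sqn, rand, amf)):
            raise ValueError("MAC failure")          # false base station / wrong K
        if int.from_bytes(sqn, "big") <= self.sqn_ms:
            raise ValueError("synchronisation failure")  # replayed vector (toy: strict increase)
        self.sqn_ms = int.from_bytes(sqn, "big")
        return f2(self.k, rand)                      # RES, sent back to the VLR


def gsm_sim_respond(k: bytes, rand: bytes) -> bytes:
    """GSM SIM: no AUTN, so it answers any challenge from anyone."""
    return f2(k, rand)


def run_umts_aka(hn: HomeNetwork, usim: USIM) -> bool:
    """Full exchange: VLR obtains a vector, challenges the USIM, checks RES == XRES."""
    rand, autn, xres = hn.authentication_vector()
    res = usim.respond(rand, autn)
    return hmac.compare_digest(res, xres)


def usim_rejects(usim: USIM, rand: bytes, autn: bytes) -> str:
    """Return the USIM's rejection reason, or '' if it answered."""
    try:
        usim.respond(rand, autn)
        return ""
    except ValueError as e:
        return str(e)


if __name__ == "__main__":
    k = os.urandom(16)                     # constructed subscriber key
    hn, usim = HomeNetwork(k), USIM(k)
    print("UMTS mutual auth:", run_umts_aka(hn, usim))
    bogus_autn = os.urandom(16)            # a station without K cannot forge MAC-A
    print("false base station:", usim_rejects(usim, os.urandom(16), bogus_autn))
    print("GSM SIM answers anyone:", len(gsm_sim_respond(k, os.urandom(16))))
```

The point the example makes is structural: a GSM SIM returns a response to whichever station sends RAND, whereas the USIM checks MAC-A and the sequence number first, so a station that does not hold K, or that replays an old vector, receives no RES at all.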
From TS 33.900 it follows that the UMTS AKA is still vulnerable to security attacks. For example, the UMTS AKA is vulnerable to so-called man-in-the-middle attacks, wherein a mobile device of an attacker may use authentication information from the (U)SIM of the victim in order to obtain access to the network. Such a man-in-the-middle attack allows network access as if the connection had been set up by the victim. As the network cannot distinguish between a legitimate situation and such an attack, the malware can set up calls at the expense of the victim, thereby causing substantial damage.