A Review of Counter-Measures for Simjacker Attacks

A Review of Counter-Measures for Simjacker Attacks

연구 분야: Strategies

학회: International Conference on Recent Developments in Cyber Security

In the realm of automotive telematics, where software within telematics systems interacts with GSM modems and Universal Integrated Circuit Cards (UICCs), this paper investigates the vulnerability to Simjacker attacks. The integration of software within telematics gateways and the communication between modems and UICCs are critical components for enabling remote connectivity and services in vehicles. However, inadequate encryption and authorization practices expose these systems to unauthorized Protocol Data Unit (PDU) bytecode execution, exemplified by SIMJacker attacks. This research assesses compliance with ISO standards within automotive telematics systems, focusing on interfaces, security features, and processes involving modems, UICCs, and embedded software. By addressing vulnerabilities specific to telematics environments, our goal is to develop robust security measures against SIMJacker and similar threats. These measures aim to ensure industry-standard compliance, enhance end-user trust, and safeguard automotive telematics ecosystems. We have to fuzz our SIM card against different set of PDU and thereafter we can asses risk for product and achieve Cybersecurity Goals as stated in ISO 21434 clause 9.