Unit 5 WC

Uploaded by

shreeraj shinde

Security Issues and challenges in – GSM, 1G, 2G, 3G, 4G

What is Security? (2 marks)

Security refers to the measures and practices used to protect systems, data, networks, and
individuals from unauthorized access, harm, or attacks.
− Ensures that information is accessible only to those authorized to access it.
o E.g., encrypting sensitive data like passwords to prevent unauthorized access.
− Protects information from being altered or tampered with by unauthorized entities.
o E.g., digital signatures ensure the authenticity and unaltered state of documents.
− Ensures that authorized users have reliable access to resources and information when
needed.
o E.g., implementing backups and redundant systems to prevent downtime.
#imp
Sorting of security issues in GSM, or Security issues and challenges in GSM (9 marks)
1. Sorting Based on the Layer of Occurrence
GSM security vulnerabilities can be classified into three layers of the communication system:
a. Air Interface (Wireless Communication) Vulnerabilities
• GSM relies on encryption for wireless communication between the Mobile Station (MS)
and Base Transceiver Station (BTS). Vulnerabilities include:
1. Short encryption range: Encryption protects only the communication between
MS and BTS. Beyond this, in the fixed network, data is transmitted in plain text.
2. False BTS attacks: Attackers can set up rogue BTSs to deactivate encryption,
forcing MS to send unencrypted data. Users are not notified when this happens.
3. Eavesdropping: Weak encryption (64-bit key) makes it easier for attackers to
intercept calls and messages.
b. Fixed Network Vulnerabilities
• Communication within the fixed network (e.g., between BTS, BSC, and MSC) lacks
encryption, which leaves it exposed:
1. Attackers can capture unencrypted signaling traffic to steal sensitive information.
2. Sensitive user data is transmitted unprotected in the core network.
c. Authentication and Integrity Flaws
• GSM only provides one-way authentication:
1. No user authentication of the network: Users cannot verify the legitimacy of the
network, enabling rogue BTS attacks.
2. No integrity protection: There is no mechanism to ensure that the data being
transmitted has not been altered, allowing attackers to modify or corrupt data
during transmission.

2. Sorting Based on the Type of Threat


GSM security challenges can also be grouped into types of threats:
a. Passive Threats
• Involve listening or observation without interfering with the system. Examples:
1. Eavesdropping: Intercepting calls and messages due to weak encryption.
2. Privacy issues: Location tracking based on GSM signals.
b. Active Threats
• Involve interfering with the system or manipulating data. Examples:
1. Replay attacks: Capturing authentication data and retransmitting it to gain
unauthorized access.
2. Denial of Service (DoS) attacks: Flooding the network with excessive traffic to
disrupt legitimate services.
c. Fraudulent Activities
• These exploit GSM vulnerabilities for financial gain or malicious purposes:
1. SIM cloning: Duplicating a subscriber’s SIM card to use their account
fraudulently.
2. Account suspension: GSM detects duplicate SIMs and disables the affected
account, disrupting legitimate services.

3. Sorting Based on the Source of Vulnerability


The source of vulnerabilities can be divided into two categories:
a. Internal Vulnerabilities (Inherent to GSM Technology)
• Weak encryption standards (64-bit keys).
• Lack of integrity protection for transmitted data.
• No provision for mutual authentication (user cannot verify the network).
b. External Exploits (Caused by Attackers)
• Rogue BTS attacks to disable encryption.
• Replay attacks using intercepted authentication data.
• SIM cloning and unauthorized access.

4. Sorting Based on Impact


The issues can also be grouped based on whom they affect:
a. User-Level Impact
• Loss of privacy due to eavesdropping.
• Financial losses and legal risks from SIM cloning.
• Disruption of services when accounts are suspended after SIM duplication detection.
b. Network-Level Impact
• Overloading of network resources due to DoS attacks.
• Breaches of sensitive signaling traffic in the core network.
#imp
Security Issues in 1G, 2G, 3G, and 4G (2 marks each)
1G Security Issues
1G refers to the first generation of wireless communication technology introduced in the 1980s.
It was entirely analog and lacked significant security features.
1. No Encryption: Communication was transmitted in plain analog signals, making it easy
for attackers to intercept calls using simple radio scanners.
2. No Authentication: 1G did not authenticate users or devices, allowing anyone to
impersonate another user’s device or identity.
3. Easy Eavesdropping: Attackers could listen to conversations by tuning into the same
frequency as the ongoing communication.
4. Cloning of Mobile Devices: Without proper authentication, attackers could clone the
identity of a mobile device and make unauthorized calls using the victim’s account.
5. Billing Fraud: Due to the lack of encryption and authentication, attackers could make
fraudulent calls, leading to financial losses for subscribers.
6. No Data Security: 1G only supported voice communication with no mechanisms to
secure emerging data transmissions.

2G Security Issues (#can write same issues from GSM)


2G introduced digital communication and basic encryption but still had notable weaknesses.
1. Weak Encryption: 2G used 64-bit encryption keys, which were relatively weak by modern
standards and vulnerable to brute-force attacks.
2. One-Way Authentication: The network authenticated the user, but the user could not
authenticate the network, enabling fake BTS (Base Transceiver Station) attacks.
3. SIM Cloning: The use of SIM cards introduced identity-based access, but attackers could
clone SIMs to impersonate legitimate users.
4. Man-in-the-Middle Attacks: Fake BTSs could intercept communications, forcing
devices to disable encryption and transmit unencrypted data.
5. No Integrity Protection: Data transmitted over 2G lacked mechanisms to detect and
prevent unauthorized alterations.

3G Security Issues
3G improved security by adding mutual authentication and stronger encryption, but challenges
persisted.
1. Backward Compatibility Flaws: 3G devices supporting 2G networks inherited the
vulnerabilities of 2G, such as weak encryption and one-way authentication.
2. Privacy Issues: Though 3G encrypted user data, metadata like location and call
durations could still be tracked by attackers.
3. Fake BTS Attacks: While 3G required mutual authentication, attackers could still exploit
fallback mechanisms to connect devices to fake BTSs.
4. Key Management Issues: The complexity of encryption key distribution and
management created risks of key compromise.
5. Denial of Service (DoS) Attacks: Attackers could flood the network with excessive
traffic, disrupting services for legitimate users.

4G Security Issues
4G introduced IP-based communication, offering better encryption and mutual authentication,
but new challenges arose due to its internet-like architecture.
1. IP Spoofing: Since 4G relies on IP communication, attackers can spoof IP addresses to
impersonate legitimate users or network entities.
2. Denial of Service (DoS) Attacks: The all-IP nature of 4G networks makes them
susceptible to DoS attacks that can overwhelm the network.
3. Rogue Base Stations: Attackers can set up rogue base stations to intercept user traffic
or force devices to downgrade to less secure 2G or 3G networks.
4. DNS Spoofing: Manipulating Domain Name System (DNS) entries allows attackers to
redirect users to malicious websites.
5. Core Network Vulnerabilities: The IP-based core network introduces risks like packet
sniffing and man-in-the-middle attacks if encryption is improperly implemented.
6. Lack of End-to-End Encryption: While 4G secures the wireless link, end-to-end
encryption for user data is often not implemented, leaving sensitive data vulnerable to
interception.
What is Multimedia Security? (3 marks)
Multimedia Security refers to the set of techniques and measures implemented to protect
multimedia content, such as images, audio, video, and interactive applications, from
unauthorized access, theft, modification, and misuse. It ensures the confidentiality,
integrity, and availability of multimedia data throughout its lifecycle—from creation to
distribution and storage.
1. Prevents unauthorized copying and distribution of copyrighted content.
2. Safeguards sensitive multimedia data like medical images or personal videos.
3. Maintains the integrity of multimedia files by ensuring they are not altered or
manipulated.
4. Confirms the origin and authenticity of the multimedia content.
5. Protects multimedia content shared over networks from interception and misuse.
Challenges in Multimedia Security
1. Multimedia files like HD videos or high-quality audio are large, making encryption and
transmission resource intensive.
2. Ensuring security while maintaining performance in real-time streaming.
3. Numerous multimedia formats complicate the implementation of uniform security
measures.
4. Multimedia content can be prone to malware or hacking attempts.

Multimedia Security in 5G and 6G (9 marks) #imp


The emergence of 5G and the conceptualization of 6G networks have transformed multimedia
communication. With faster speeds, lower latency, and advanced applications like augmented
reality (AR), virtual reality (VR), and Internet of Things (IoT), these networks demand robust
security measures to safeguard multimedia content.

1. Multimedia Security in 5G Networks


5G networks offer high-speed data transfer, massive connectivity, and low-latency
communication, enabling a wide range of multimedia applications. However, these
advancements introduce significant security challenges.
1. Increased Attack Surface: With billions of connected devices, multimedia traffic
becomes a prime target for attackers. Example: IoT-enabled multimedia devices like
smart TVs are vulnerable to hacking.
2. Real-Time Data Transmission: Ensuring the security of multimedia content in real-time,
especially in AR/VR applications, is complex.
3. Interoperability Issues: Multimedia data may pass through multiple network providers
and technologies, increasing risks of interception and misuse.
4. Denial of Service (DoS) Attacks: Overwhelming multimedia streaming platforms with
excessive requests can disrupt services.
5. Deepfake Threats: Advanced 5G-enabled AI tools can manipulate multimedia content
to create deepfakes, posing risks to authenticity.
6. Privacy Concerns: Location-based multimedia services and personalized
advertisements rely on user data, raising privacy issues.
5G Multimedia Security Solutions
1. End-to-End Encryption (E2EE): Encrypts multimedia content from the source to the
destination, preventing unauthorized access. 5G-enabled video conferencing uses E2EE
to secure conversations.
2. AI-Based Threat Detection: AI systems detect and mitigate anomalies in multimedia
traffic in real-time. Example: Identifying unusual patterns in streaming data to prevent
tampering.
3. Blockchain for Content Authentication: Blockchain secures the provenance and
ownership of multimedia content, protecting against piracy and deepfake threats.
4. Network Slicing Security: 5G supports network slicing, allowing dedicated slices for
multimedia applications with tailored security measures.

2. Multimedia Security in 6G Networks


6G is expected to build on 5G advancements, offering speeds up to 100 times faster, ultra-low
latency, and seamless integration of AI-driven technologies. This evolution will enable immersive
multimedia experiences, such as holographic communication (real-time, 3D visual interactions
for remote meetings and entertainment), but will also bring unique security challenges.
1. Quantum Computing Threats: Traditional encryption methods may be vulnerable to
quantum computers capable of breaking current cryptographic algorithms.
2. Hyper-Connected Ecosystem: With trillions of devices connected, ensuring secure
multimedia transmission becomes increasingly complex.
3. AI-Generated Content Risks: AI-driven tools in 6G may create undetectable deepfakes
and fake multimedia content.
4. Data Localization and Privacy: Handling multimedia content across international
borders raises regulatory and privacy concerns.
5. Holographic Content Manipulation: Intercepting or altering real-time holographic
communication poses new risks.
6. Energy Constraints for Security: Advanced security mechanisms must operate
efficiently to meet 6G's energy-saving goals.
6G Multimedia Security Solutions
1. Post-Quantum Cryptography: Deploys encryption algorithms resistant to quantum
computing attacks, securing multimedia content.
2. Blockchain-Integrated AI: Combines blockchain with AI to verify multimedia content
authenticity in real-time.
3. Self-Healing Networks: AI-powered networks can detect and recover from attacks on
multimedia systems automatically.
4. Zero-Trust Architecture: Assumes no device or network node is inherently secure,
requiring continuous verification for multimedia access.

Visible Light Communication (VLC) #imp


Visible Light Communication (VLC) is a wireless communication technology that uses visible
light (wavelength range 380–750 nm) to transmit data.
VLC primarily uses LED lights due to their ability to modulate light at high speeds.

The architecture of VLC consists of three main layers:


1. Application Layer:
o This is the topmost layer that directly interacts with users and applications. It
provides the interface through which users can access VLC services.
o It is responsible for defining how data is presented to users and how user
commands are sent to the network.
o Examples of applications using VLC include indoor positioning systems, data
transfer between devices, and smart lighting systems.
2. MAC Layer:
o The MAC layer acts as a bridge between the application layer and the physical
layer. It manages how devices share the medium (light) for communication.
o It controls the access to the shared light medium to avoid collisions when
multiple devices try to communicate simultaneously.
o Key functions of the MAC layer include:
▪ Mobility Support: Ensures that devices can maintain communication
while moving within the VLC coverage area.
▪ Dimming Support: Allows for the adjustment of light intensity, which can
affect the transmission of data.
▪ Security Support: Implements measures to protect data being
transmitted against unauthorized access.
▪ Data Transmission: It decides the direction in which the data packets
should go to reach their destination.
3. Physical Layer:
o The physical layer is responsible for the actual transmission of data over the
visible light medium. It defines the characteristics of the VLC system.
o It includes components such as light-emitting diodes (LEDs) as transmitters and
photodiodes as receivers. LEDs modulate light to encode data, while
photodiodes detect the light and convert it back into data.
o The physical layer outlines the processes involved in sending and receiving data:
▪ Input bits are processed and modulated into light signals, which are then
transmitted.
▪ The receiving device captures these light signals, demodulates them, and
translates them into usable data.
Interaction Between Layers:
o The Application Layer sends data to the MAC Layer, which manages the
transmission to ensure it reaches the correct destination without interference.
o The MAC Layer interacts with the Physical Layer to control how data is physically
transmitted using light.
o The Physical Layer handles the actual sending and receiving of data, making sure
that the signals are clear and accurate.
Applications of Visible Light Communication (VLC) (5 marks)
1. Vehicle & Transportation:
o VLC can facilitate communication between vehicles, enhancing road safety and
traffic management. For instance, cars equipped with VLC can share information
about road conditions, obstacles, or traffic signals, helping to prevent accidents.
o Traffic lights can use VLC to communicate with vehicles, providing real-time
updates about signal changes and traffic patterns. This allows for smoother
traffic flow and reduces congestion.
2. Hospitals and Healthcare:
o VLC can be used to transmit data from medical devices to monitors or healthcare
professionals. This ensures that patient data, such as vital signs, is continuously
and securely communicated without interfering with other wireless signals.
o VLC can enhance indoor navigation within hospitals. Patients and staff can use
VLC-enabled devices to find their way through complex hospital layouts,
improving efficiency and patient care.
3. Underwater Communication:
o Submarine Communication: VLC can provide an effective alternative by using
light to transmit data, making it suitable for submarine communication.
Underwater sensors can use VLC to transmit data regarding water quality,
temperature, and other environmental factors to surface stations, facilitating
real-time monitoring and data collection.
4. LiFi (Light Fidelity):
o High-Speed Internet Access: LiFi is a form of VLC that offers high-speed wireless
internet access using LED lights. It can provide faster data transmission rates
than conventional Wi-Fi, making it ideal for environments with high bandwidth
demands, such as offices and schools.
5. Defence & Security:
o VLC can be employed in military applications to create secure communication
channels. The inability of light to penetrate physical barriers ensures that
sensitive data remains protected from interception. VLC can enhance the
capabilities of security camera systems by providing a secure method for
transmitting video footage.
6. Aviation:
o VLC can be utilized in aircraft for communication between cockpit and cabin
crew, as well as with ground control, minimizing the risk of interference with radio
frequencies used for navigation and communication.
o Airlines can use VLC to provide high-speed data streaming for in-flight
entertainment systems, allowing passengers to enjoy movies, music, and other
content seamlessly.

Distributed Ledger (5 marks)


A Distributed Ledger is a database that exists across multiple locations or nodes in a network.
It enables multiple participants (nodes) to have synchronized copies of the same data (ledger),
ensuring transparency, security, and efficiency in data management.
The attached image illustrates the concept of a distributed ledger with four nodes (Node A,
Node B, Node C, and Node D), each maintaining its copy of the ledger.
− Unlike traditional systems where data is stored in a central location (e.g., a server), in a
distributed ledger, every node has its own copy of the ledger. This eliminates the need for
a central authority to manage or verify transactions.
− All nodes communicate with each other to ensure their ledgers remain consistent. If a
new transaction is added to Node A’s ledger, this change is propagated to other nodes
(B, C, and D) to update their copies.
− Each node can verify the transactions recorded in the ledger, ensuring trust among
participants. Everyone has access to the same version of the ledger.
− Once data is recorded in the ledger, it cannot be altered or deleted. This ensures data
integrity and prevents tampering.
− Nodes must agree on the validity of a transaction before it is added to the ledger. This is
achieved through consensus algorithms (e.g., Proof of Work, Proof of Stake).

Working:
1. Nodes: Nodes are participants in the network (e.g., banks, organizations, or individuals).
In the image, Nodes A, B, C, and D represent institutions or systems that manage a copy
of the ledger.
2. Ledger: The ledger is the database that stores all transactions or records. Each node has
a copy of this ledger, ensuring redundancy and resilience.
3. Communication Between Nodes: Nodes exchange data (transactions or updates) with
one another, as shown by the arrows in the image. When Node A updates its ledger, it
communicates this update to Nodes B, C, and D to keep all copies synchronized.
4. Records: The ledger can contain digital records, such as financial transactions, property
ownership, or supply chain data.

UMTS Security Process (9 marks) #imp


The UMTS Security Process ensures secure communication between a mobile subscriber (MS)
and the network. It uses a mechanism called Authentication and Key Agreement (AKA) to verify
identities and establish secure keys without exposing sensitive information like passwords.
1. The mobile subscriber (MS) and the network verify each other’s identities.
2. They prove knowledge of a shared secret key without revealing the key.
3. The required information for this process is transferred from the home network
(HLR/AuC) to the serving network (VLR).

Step 1: Request for Authentication Vectors (AVs): The visited network's VLR (Visitor Location
Register) sends a request to the home network's HLR (Home Location Register) or AuC
(Authentication Center) for a set of Authentication Vectors (AVs).
Step 2: Calculation of Authentication Vectors
• The HLR/AuC calculates the AVs using the MS’s secret key (K).
• This key is stored:
o On the HLR/AuC in the home network.
o On the USIM (User Identity Module) of the mobile subscriber.
Step 3: Transmission of Authentication Vectors: The HLR/AuC sends a set of AVs to the visited
network's VLR.
Step 4: Challenge to the MS: The visited network's VLR selects one AV and sends a challenge to
the MS. This challenge includes RAND (a random number) and AUTN (an authentication token).
Step 5: Verification of AVs and Generation of Keys: The USIM on the MS processes the AUTN
using its secret key (K) to verify the challenge. The USIM then generates:
1. Confidentiality Key (CK) for encrypting data.
2. Integrity Key (IK) for ensuring data authenticity.
3. Response (RES) to the challenge.
Step 6: Reply by MS: The MS sends the generated RES back to the visited network's VLR.
Step 7: Verification of RES
• The visited network’s VLR compares the received RES from the MS with the Expected
Response (XRES) from the AV.
o If they match: The MS is authenticated. The keys (CK and IK) are used to secure
communication.
o If they don’t match: Authentication fails, and the connection is denied.
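
The seven steps above, traced in Python. This is an added example, not part of the original notes and not a 3GPP implementation: HMAC-SHA256 stands in for the f1 to f5 functions, and the AUTN fields SQN, AK, AMF and MAC (from 3GPP TS 33.102), the AMF value, and the names generate_av, USIM, vlr_verify and attempt are assumptions introduced here. It also shows the two checks the USIM makes on the network, which GSM's one-way authentication lacks.

```python
import hashlib
import hmac
import os

AMF = bytes.fromhex("8000")  # constructed 2-byte Authentication Management Field


class AuthError(Exception):
    """Raised by the USIM when it rejects a challenge from the network."""


def f_stand_in(k: bytes, label: bytes, *parts: bytes, n: int) -> bytes:
    # ASSUMPTION: HMAC-SHA256 truncated to n bytes replaces the operator's
    # f1..f5 functions. Real networks use algorithms such as MILENAGE.
    return hmac.new(k, label + b"".join(parts), hashlib.sha256).digest()[:n]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def generate_av(k: bytes, sqn: int, rand: bytes = None) -> dict:
    """Step 2 (HLR/AuC): build one authentication vector from K and a new SQN."""
    rand = rand or os.urandom(16)
    sqn_b = sqn.to_bytes(6, "big")
    mac = f_stand_in(k, b"f1", sqn_b, rand, AMF, n=8)  # proves the network knows K
    ak = f_stand_in(k, b"f5", rand, n=6)               # hides SQN on the air interface
    return {
        "RAND": rand,
        "AUTN": xor(sqn_b, ak) + AMF + mac,            # (SQN xor AK) || AMF || MAC
        "XRES": f_stand_in(k, b"f2", rand, n=8),
        "CK": f_stand_in(k, b"f3", rand, n=16),
        "IK": f_stand_in(k, b"f4", rand, n=16),
    }


class USIM:
    """Subscriber side: holds K and the highest sequence number accepted so far."""

    def __init__(self, k: bytes, highest_sqn: int = 0):
        self.k = k
        self.highest_sqn = highest_sqn

    def authenticate(self, rand: bytes, autn: bytes) -> dict:
        """Step 5: verify AUTN (network authentication), then derive RES, CK, IK."""
        ak = f_stand_in(self.k, b"f5", rand, n=6)
        sqn_b, amf, mac = xor(autn[:6], ak), autn[6:8], autn[8:16]
        xmac = f_stand_in(self.k, b"f1", sqn_b, rand, amf, n=8)
        if not hmac.compare_digest(mac, xmac):
            raise AuthError("MAC failure")      # challenge not made with our K
        sqn = int.from_bytes(sqn_b, "big")
        if sqn <= self.highest_sqn:             # simplified freshness rule
            raise AuthError("SQN not fresh")    # replayed (RAND, AUTN) pair
        self.highest_sqn = sqn
        return {
            "RES": f_stand_in(self.k, b"f2", rand, n=8),
            "CK": f_stand_in(self.k, b"f3", rand, n=16),
            "IK": f_stand_in(self.k, b"f4", rand, n=16),
        }


def vlr_verify(av: dict, res: bytes) -> bool:
    """Step 7 (VLR): compare RES from the MS with XRES from the vector."""
    return hmac.compare_digest(av["XRES"], res)


def attempt(usim: USIM, av: dict) -> str:
    """Steps 4 to 7 for one vector; returns the outcome as text."""
    try:
        reply = usim.authenticate(av["RAND"], av["AUTN"])
    except AuthError as exc:
        return str(exc)
    return "authenticated" if vlr_verify(av, reply["RES"]) else "RES mismatch"


if __name__ == "__main__":
    K = bytes(range(16))                  # constructed shared secret
    usim = USIM(K)
    av = generate_av(K, sqn=1)            # vector from the genuine home network
    print(attempt(usim, av))              # first use of the vector
    print(attempt(usim, av))              # same challenge presented again
    print(attempt(usim, generate_av(bytes(16), sqn=2)))  # network without K
```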

Example for Better Understanding


1. Imagine a bank ATM transaction:
o You (MS) enter a unique PIN (secret key) to verify yourself.
o The bank server (network) verifies the entered PIN with the one stored in its
database.
o If the PIN matches, the transaction proceeds (authentication successful).
o Similar to this, the MS and network verify their identities using a shared secret key
(K) during AKA.

Bluetooth Security Architecture (9 marks) #imp

1. Security Manager (Central Component)


The Security Manager is the heart of the Bluetooth security architecture.
• Authentication: Verifies the identity of devices attempting to establish a connection.
This is achieved using methods like PIN codes or secure key exchanges during the pairing
process.
• Authorization: Determines whether a connected device has permission to access
specific services or resources. For example, a smartphone may block certain features
(like file transfer) for unknown devices but allow audio streaming.
• Encryption: Encrypts data being transmitted over the Bluetooth connection to prevent
unauthorized interception. The encryption ensures that even if data is captured by an
attacker, it cannot be read without the correct decryption key.
The Security Manager communicates with the device and service databases to make real-time
security decisions.

2. Databases
These are crucial for storing and retrieving security-related data.
a) Device Database: Stores information about all paired devices.
• This includes device addresses, authentication status, and encryption keys associated with
paired devices.
• During a connection request, the Security Manager queries the Device Database to
check if the requesting device is trusted.
b) Service Database: Contains details about the services provided by the device.
o A file transfer service might require both authentication and encryption.
o A simple audio streaming service might not require authentication.
• The Security Manager uses this database to decide whether a device is authorized to use
a particular service.
c) General Management Entity: Responsible for managing global settings and configurations for
Bluetooth security. It supports tasks such as configuring device visibility.

3. Communication Layers
These layers interact with the Security Manager to ensure secure data transfer.
a) User Interface: The part of the system that allows the user to view connection requests and
accept or reject pairing.
b) Applications: These are the software components that rely on Bluetooth communication,
such as file-sharing apps, wireless audio apps, and IoT device controllers.
c) RFCOMM (Radio Frequency Communication)
• A protocol that emulates serial communication over Bluetooth.
• Often used for applications like file transfer and serial port emulation.
• Provides secure and reliable data transport between devices.
d) L2CAP (Logical Link Control and Adaptation Protocol)
• This protocol is responsible for Segmenting large data packets into smaller pieces for
transmission and reassembling them at the receiving end.

4. Host Controller Interface (HCI)


• The HCI serves as the bridge between the software layers (User Interface, Applications,
L2CAP) and the hardware layers (Link Manager, Link Controller).
• It passes commands from the Security Manager to the Bluetooth hardware to enforce
security policies.

5. Link Manager and Link Controller


These components operate at the hardware level to handle the physical aspects of the Bluetooth
connection:
• Link Manager: Sets up and manages logical connections between devices and also
implements security protocols such as pairing, authentication, and encryption.
• Link Controller: Handles the actual transmission and reception of data via Bluetooth
radio frequencies and ensures that the security policies are adhered to.

• Query: During a connection attempt, the Security Manager queries the databases to
verify if the requesting device meets the security requirements.
• Registration: When a new device or service is added, its details are registered in the
appropriate database.
Wireless Security Protocols/Tools (2 marks)
Wireless security protocols and tools are designed to safeguard data and ensure privacy during
communication over wireless networks. They protect against unauthorized access, data
breaches, and other cyber threats. These protocols and tools are essential as wireless networks
transmit data through airwaves, making them inherently more vulnerable to attacks.
WEP (Wired Equivalent Privacy) (3 marks)
WEP was one of the first wireless security protocols developed to secure Wi-Fi networks. Its goal
was to provide the same level of security as a wired network, but it had significant limitations.
How WEP Works:
• Shared Key: WEP uses a single static key (password) shared by all devices on the
network.
• RC4 Algorithm: It encrypts data using the RC4 encryption algorithm, making data
unreadable to unauthorized users.
• Initialization Vector: Adds a random value to the key to provide some variation in
encryption.
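
The three elements above (static shared key, RC4, initialization vector) combine as shown in this added Python example, which is not part of the original notes. It shows one of WEP's limitations: the IV is only 24 bits and the key never changes, so any two frames sent with the same IV are encrypted with the same RC4 keystream. The frame layout is simplified (no key-ID byte or 802.11 header), and the key, IVs and plaintexts are constructed values.

```python
import zlib

IV_BYTES = 3  # WEP's IV is 24 bits and is sent in clear in front of each frame


def rc4(key: bytes, data: bytes) -> bytes:
    """RC4 stream cipher: key scheduling, then XOR data with the keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def wep_encrypt(shared_key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Per-frame RC4 key is IV || shared key; a CRC-32 check value is appended."""
    if len(iv) != IV_BYTES:
        raise ValueError("WEP IV must be 3 bytes")
    icv = zlib.crc32(plaintext).to_bytes(4, "little")
    return iv + rc4(iv + shared_key, plaintext + icv)


def wep_decrypt(shared_key: bytes, frame: bytes) -> bytes:
    """Read the IV from the frame, decrypt, and verify the CRC-32 check value."""
    iv, body = frame[:IV_BYTES], frame[IV_BYTES:]
    data = rc4(iv + shared_key, body)
    plaintext, icv = data[:-4], data[-4:]
    if zlib.crc32(plaintext).to_bytes(4, "little") != icv:
        raise ValueError("ICV mismatch")
    return plaintext


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def same_keystream(frame_a: bytes, frame_b: bytes, pt_a: bytes, pt_b: bytes) -> bool:
    """True when both frames were encrypted with one keystream: the XOR of the
    ciphertexts then equals the XOR of the plaintexts, so the key plays no part."""
    n = min(len(pt_a), len(pt_b))
    ct_a = frame_a[IV_BYTES:IV_BYTES + n]
    ct_b = frame_b[IV_BYTES:IV_BYTES + n]
    return xor(ct_a, ct_b) == xor(pt_a[:n], pt_b[:n])


if __name__ == "__main__":
    key = bytes.fromhex("0102030405")          # constructed 40-bit shared key
    p1, p2 = b"GET /status HTTP", b"POST /login HTTP"
    reused = bytes.fromhex("000001")
    f1 = wep_encrypt(key, reused, p1)
    f2 = wep_encrypt(key, reused, p2)          # IV repeats
    f3 = wep_encrypt(key, bytes.fromhex("000002"), p2)
    print("same IV, same keystream:", same_keystream(f1, f2, p1, p2))
    print("different IV, same keystream:", same_keystream(f1, f3, p1, p2))
    print("possible IVs per key:", 2 ** (8 * IV_BYTES))
```
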
WPA2 (Wi-Fi Protected Access 2) (3 marks)
WPA2 is a much more secure protocol introduced as an improvement over WEP and WPA. It
became the standard for wireless security for many years and is still widely used today.
How WPA2 Works:
1. AES Encryption: WPA2 uses AES (Advanced Encryption Standard), a highly secure
encryption method used by governments and organizations worldwide. This makes data
transmission highly secure.
2. CCMP Protocol: WPA2 uses the CCMP to ensure data integrity. It prevents tampering
and unauthorized access.
3. Dynamic Key Management: Unlike WEP, WPA2 dynamically generates and updates
encryption keys, making it much harder for attackers to intercept data.

Kismet (4 marks) #imp


Kismet is a powerful tool used for network detection, packet sniffing, and intrusion detection in
wireless LANs (Local Area Networks) that follow the IEEE 802.11 standards (Wi-Fi). Kismet is a
free, open-source software tool for wireless network monitoring.
− Kismet acts as a packet sniffer, capturing packets of data transmitted over a wireless
network. A packet sniffer records all network traffic, allowing for detailed analysis of how
devices are communicating.
− This capability makes Kismet useful for troubleshooting network issues, detecting
intrusions, and gathering information about devices in the network.
− Kismet can detect unauthorized devices (rogue access points) or malicious activities in
a network.

Kismet Architecture
Kismet's architecture is modular, consisting of three main components: Drone, Server, and
Client.
1. Drone: a sensor that collects raw data packets from the wireless network. It forwards these
packets to the Server for processing.
2. Server: the core processing unit of Kismet. It interprets the data collected by the Drone,
organizes it, and stores useful information such as: Network names (SSID), Signal strength and
encryption type, Device details (e.g., MAC addresses of access points and clients).
3. Client: the user-facing component that communicates with the Server. It displays the analyzed
data in a user-friendly format.

How Kismet Works


− Kismet monitors traffic from legitimate Access points (APs) and their connected wireless
users.
− Kismet detects rogue APs created by attackers to trick wireless users into connecting.
These rogue APs can be used to steal sensitive information.
− Kismet identifies attackers attempting to compromise the network.
− Kismet Drone sensor collects raw network data and forwards it to the Server.
− The Server processes the data received from the Drone, interprets it, and organizes the
findings.
− The Client presents the processed data to the administrator.
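
The kind of rogue-AP check described above can be expressed over the fields the Server stores (SSID, BSSID/MAC address, encryption type, signal strength). This Python example is added here; it is not Kismet code and does not use Kismet's output format. The inventory, the observation records and the function names are constructed for illustration.

```python
from typing import Optional

# Constructed inventory of the organisation's own access points:
# SSID -> {BSSID: (channel, encryption)}
AUTHORIZED = {
    "CorpNet": {
        "02:00:00:aa:00:01": (1, "WPA2"),
        "02:00:00:aa:00:02": (6, "WPA2"),
    },
}

# Constructed beacon observations, as a sensor might report them.
OBSERVATIONS = [
    {"ssid": "CorpNet", "bssid": "02:00:00:AA:00:01", "channel": 1,
     "encryption": "WPA2", "signal_dbm": -48},
    {"ssid": "CorpNet", "bssid": "02:00:00:bb:00:99", "channel": 11,
     "encryption": "Open", "signal_dbm": -35},
    {"ssid": "CorpNet", "bssid": "02:00:00:aa:00:02", "channel": 6,
     "encryption": "WEP", "signal_dbm": -60},
    {"ssid": "CoffeeShop", "bssid": "02:00:00:cc:00:10", "channel": 3,
     "encryption": "WPA2", "signal_dbm": -80},
    {"ssid": "CorpNet", "bssid": "02:00:00:bb:00:99", "channel": 11,
     "encryption": "Open", "signal_dbm": -33},
]


def classify(obs: dict, inventory: dict) -> Optional[str]:
    """Return a reason string if the observation conflicts with the inventory."""
    known = inventory.get(obs["ssid"])
    if known is None:
        return None  # a neighbouring network, not one of our SSIDs
    expected = known.get(obs["bssid"].lower())
    if expected is None:
        return "unknown BSSID advertising managed SSID"
    channel, encryption = expected
    if obs["encryption"] != encryption:
        return "encryption differs from inventory"
    if obs["channel"] != channel:
        return "channel differs from inventory"
    return None


def find_rogues(observations: list, inventory: dict) -> list:
    """Collapse repeated sightings into one alert each, keeping the strongest
    signal seen (useful for locating the device). Returns sorted tuples of
    (ssid, bssid, reason, strongest_signal_dbm)."""
    alerts = {}
    for obs in observations:
        reason = classify(obs, inventory)
        if reason is None:
            continue
        key = (obs["ssid"], obs["bssid"].lower(), reason)
        alerts[key] = max(alerts.get(key, obs["signal_dbm"]), obs["signal_dbm"])
    return sorted(key + (dbm,) for key, dbm in alerts.items())


if __name__ == "__main__":
    for ssid, bssid, reason, dbm in find_rogues(OBSERVATIONS, AUTHORIZED):
        print(f"{ssid} {bssid} {dbm} dBm: {reason}")
```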

Universal Radio Hacker (URH) (4 marks) #imp


Universal Radio Hacker (URH) is an advanced software tool designed to investigate and analyze
unknown wireless communication protocols. It is particularly useful in security research for
reverse-engineering protocols, identifying vulnerabilities, and understanding the logic behind
wireless data exchange.
− URH is a free, open-source software designed to analyze wireless communication
protocols. It works with Software Defined Radios (SDRs) to capture, decode, and
interpret wireless signals.
− URH supports a wide range of SDRs, making it a versatile tool for wireless signal analysis.
It works on multiple operating systems, including Linux, macOS, and Windows.

How URH Works


1. Capturing Signals: URH connects to an SDR to capture wireless signals from IoT devices,
sensors, or other wireless communication systems. The signals are recorded and stored
for further analysis.
2. Signal Demodulation: Once the signal is captured, URH demodulates it. Demodulation
is the process of extracting the original information (bits) from a modulated carrier signal.
URH simplifies this process by automatically detecting modulation parameters, such as
amplitude, frequency, or phase shifts.
3. Decoding Data: Captured signals are often encoded for transmission. URH provides
customizable decoding options to crack even the most complex encodings. It converts
the demodulated signals into binary data (bits), making them easier to interpret and
analyze.
4. Protocol Analysis: URH helps analyze and reverse-engineer wireless protocols.
Users can manually assign labels, define protocol fields, and identify message types in
the captured data, or URH can automatically interpret protocol fields using rules.
5. Finding Vulnerabilities: URH uses techniques like fuzzing to test the protocol for
security vulnerabilities. Fuzzing involves sending unexpected or random data to the
system to identify weak points or potential exploits.
6. Simulation Environment: For stateful protocols, URH provides a simulation
environment to emulate real-world communication scenarios and test various attack
strategies.

Post-Quantum Cryptography (PQC) (5 marks)


• Post-Quantum Cryptography refers to cryptographic algorithms designed to be secure
against attacks from quantum computers. Quantum computers, due to their massive
computational power, can break many of the cryptographic systems (like RSA, ECC) used
today. PQC aims to replace these with quantum-resistant algorithms.
How Does Post-Quantum Cryptography Work?
PQC relies on mathematical problems that are difficult even for quantum computers to solve,
such as:
1. Lattice-based Cryptography: Uses problems involving points in a multidimensional grid
(lattice) that are hard to compute.
2. Hash-based Cryptography: Builds encryption systems using secure hash functions.
3. Code-based Cryptography: Uses error-correcting codes to create secure systems.
4. Multivariate Polynomial Cryptography: Uses complex systems of equations that are
difficult to solve.
Performance: Post-quantum algorithms can require more computational resources than
current cryptography.
Deployment: Replacing existing cryptographic systems with PQC can be complex and time-
consuming.

Molecular Communication (5 marks)


• Molecular Communication is a biologically inspired communication method where
messages are transmitted using molecules instead of electromagnetic waves (like in
Wi-Fi or radio). It's used in environments where traditional communication methods don’t
work, such as inside the human body or underwater.
How Does Molecular Communication Work?
1. Message Encoding: Information is encoded in the properties of molecules, such as their
type, concentration, or release time.
2. Molecule Transmission: Molecules are released into the medium (e.g., blood, water, or
air) and travel to the receiver.
3. Receiver Decoding: The receiver detects and decodes the molecular signals to retrieve
the transmitted message.

Applications of Molecular Communication


1. Medical Applications:
o Drug Delivery: Communicate with nanobots or microcarriers to deliver medicine
to a specific part of the body.
o Health Monitoring: Transmit signals from inside the body to diagnose diseases.
2. Underwater Communication:
o In underwater environments where electromagnetic signals don’t work well,
molecular communication can send information between devices.
3. Environmental Monitoring:
o Detect and transmit data about pollutants, toxins, or other substances in the air
or water.
