Evaluating the Possibility to Perpetrate Tunneling Attacks Exploiting Short-Message-Service

Sara Narteni⁺, Ivan Vaccari, Maurizio Mongelli, Maurizio Aiello, and Enrico Cambiaso
 

Institute of Electronics, Information Engineering and Telecommunications,

National Research Council of Italy (CNR-IEIIT), Via De Marini 6, 16149, Genoa, Italy

Abstract

In the cyber-security context, tunneling systems are exploited to bypass network restrictions to communicate outside of the targeted perimeter, without being detected. Such attacks represent a serious threat for the victim network, as they exploit legitimate protocols, encapsulating malicious payloads. In this paper, we design a tunneling architecture based on Short-Message-Service (SMS) and evaluate the possibility to adopt such communication medium for tunneling purposes. In order to evaluate the feasibility to set up an efficient SMS tunneling system, we perform some simulations, by varying both the payload size (from 10 Bytes to 1 MegaByte) and the SMS sending rate (up to 60 SMSs per minute). Results allow us to model the performance of a tunneling system, in terms of sending time. We derive indeed the underlying reference model through a mathematical analysis on the collected data. Results show that overall performance increases for an SMS sending rate greater or equal to 10 SMSs per minute, regardless of the message size.

Keywords: cyber-security, covert channel, data exfiltration, cyber-attacks, SMS

+: Corresponding author: Sara Narteni
Institute of Electronics, Information Engineering and Telecommunications, National Research Council of Italy (CNR-IEIIT), Via De Marini 6, 16149, Genoa, Italy, sara.narteni@ieiit.cnr.it, Tel: +39 010 6475 217

Journal of Internet Services and Information Security (JISIS), 11(3): 30-46, August 2021