Corpus ID: 199010399

Experimental Study of Spoofing Alerts in 4g Lte Networks

  title={Experimental Study of Spoofing Alerts in 4g Lte Networks},
  author={Gyuhong Lee},
Modern mobile phones should receive and display alert messages, such as AMBER alerts, emergency alerts, and (unblockable) presidential alerts, under the mandate of the Warning, Alert, and Response Act of 2006. In January 2018, an alert message that a ballistic missile was heading to Hawaii had been sent out in Hawaii state. Although it turned out to be caused by human error, it showed how this alert message could affect people. In addition, in October 2018, a test to broadcast unblockable… Expand


LTE/LTE-A jamming, spoofing, and sniffing: threat assessment and mitigation
The extent to which LTE is vulnerable to RF jamming, spoofing, and sniffing is investigated, and different physical layer threats that could affect next-generation critical communication networks are assessed. Expand
SMS of Death: From Analyzing to Attacking Mobile Phones on a Large Scale
This paper built a framework to analyze the security of SMS clients of feature phones, the most common type of mobile phone in the world, based on a small GSM base station and discovered vulnerabilities in the feature phone platforms of all major manufacturers. Expand
CEIVE: Combating Caller ID Spoofing on 4G Mobile Phones Via Callee-Only Inference and Verification
CEIVE (Callee-only inference and verification), an effective and practical defense against caller ID spoofing, is proposed, a victim callee only solution without requiring additional infrastructure support or changes on telephony systems. Expand
Practical Attacks Against Privacy and Availability in 4G/LTE Mobile Communication Systems
This work constitutes the first publicly reported practical attacks against LTE access network protocols and recommends that safety margins introduced into future specifications to address such trade-offs should incorporate greater agility to accommodate subsequent changes in the trade-off equilibrium. Expand
LTEInspector: A Systematic Approach for Adversarial Testing of 4G LTE
A modelbased testing approach LTEInspector is proposed which lazily combines a symbolic model checker and a cryptographic protocol verifier in the symbolic attacker model for exposing vulnerabilities in the 4G LTE protocol. Expand
Insecurity of Voice Solution VoLTE in LTE Mobile Networks
This work conducts the first study on VoLTE security before its full rollout, discovering several vulnerabilities in both its control-plane and data-plane functions, which can be exploited to disrupt both data and voice in operational networks. Expand
Defeating IMSI Catchers
This work proposes a solution, which essentially replaces the IMSIs with changing pseudonyms that are only identifiable by the home network of the SIM's own network provider, and therefore mitigate both passive and active attacks. Expand
New Security Threats Caused by IMS-based SMS Service in 4G LTE Networks
This work uncovers its security vulnerabilities and exploits them to devise four SMS attacks: silent SMS abuse, SMS spoofing, SMS client DoS, and SMS spamming, and proposes remedies to the identified security issues. Expand
A Formal Analysis of 5G Authentication
This work provides the first comprehensive formal model of a protocol from the AKA family: 5G AKA, and finds that some critical security goals are not met, except under additional assumptions missing from the standard. Expand
Breaking and Fixing VoLTE: Exploiting Hidden Data Channels and Mis-implementations
In the process of unveiling the free data channels, this paper identifies a number of additional vulnerabilities of early VoLTE implementations, which lead to serious exploits, such as caller spoofing, over-billing, and denial-of-service attacks. Expand