TY - GEN
T1 - Exposing LTE security weaknesses at protocol inter-layer, and inter-radio interactions
AU - Raza, Muhammad Taqi
AU - Anwar, Fatima Muhammad
AU - Lu, Songwu
N1 - Publisher Copyright:
© ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2018.
PY - 2018
Y1 - 2018
N2 - Despite security shields to protect user communication with both the radio access network and the core infrastructure, 4G LTE is still susceptible to a number of security threats. The vulnerabilities mainly exist due to its protocol’s inter-layer communication, and the access technologies (2G/3G) inter-radio interaction. We categorize the uncovered vulnerabilities in three dimensions, i.e., authentication, security association and service availability, and verify these vulnerabilities in operational LTE networks. In order to assess practical impact from these security threats, we convert these threats into active attacks, where an adversary can (a) kick the victim device out of the network, (b) hijack the victim’s location, and (c) silently drain the victim’s battery power. Moreover, we have shown that the attacker does not need to communicate with the victim device or reside at the device to launch these attacks (i.e., no Trojan or malware is required). We further propose remedies for the identified attacks.
AB - Despite security shields to protect user communication with both the radio access network and the core infrastructure, 4G LTE is still susceptible to a number of security threats. The vulnerabilities mainly exist due to its protocol’s inter-layer communication, and the access technologies (2G/3G) inter-radio interaction. We categorize the uncovered vulnerabilities in three dimensions, i.e., authentication, security association and service availability, and verify these vulnerabilities in operational LTE networks. In order to assess practical impact from these security threats, we convert these threats into active attacks, where an adversary can (a) kick the victim device out of the network, (b) hijack the victim’s location, and (c) silently drain the victim’s battery power. Moreover, we have shown that the attacker does not need to communicate with the victim device or reside at the device to launch these attacks (i.e., no Trojan or malware is required). We further propose remedies for the identified attacks.
KW - LTE interaction with 2G/3G networks
KW - LTE protocol interactions
KW - LTE security
UR - http://www.scopus.com/inward/record.url?scp=85045978841&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85045978841&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-78813-5_16
DO - 10.1007/978-3-319-78813-5_16
M3 - Conference contribution
AN - SCOPUS:85045978841
SN - 9783319788128
T3 - Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST
SP - 312
EP - 338
BT - Security and Privacy in Communication Networks - 13th International Conference, SecureComm 2017, Proceedings
A2 - Ghorbani, Ali
A2 - Lin, Xiaodong
A2 - Ren, Kui
A2 - Zhu, Sencun
A2 - Zhang, Aiqing
PB - Springer-Verlag
T2 - 13th EAI International Conference on Security and Privacy in Communication Networks, SecureComm 2017
Y2 - 22 October 2017 through 25 October 2017
ER -