Research Article
Exposing LTE Security Weaknesses at Protocol Inter-layer, and Inter-radio Interactions
@INPROCEEDINGS{10.1007/978-3-319-78813-5_16, author={Muhammad Raza and Fatima Anwar and Songwu Lu}, title={Exposing LTE Security Weaknesses at Protocol Inter-layer, and Inter-radio Interactions}, proceedings={Security and Privacy in Communication Networks. 13th International Conference, SecureComm 2017, Niagara Falls, ON, Canada, October 22--25, 2017, Proceedings}, proceedings_a={SECURECOMM}, year={2018}, month={4}, keywords={LTE security LTE protocol interactions LTE interaction with 2G/3G networks}, doi={10.1007/978-3-319-78813-5_16} }- Muhammad Raza
Fatima Anwar
Songwu Lu
Year: 2018
Exposing LTE Security Weaknesses at Protocol Inter-layer, and Inter-radio Interactions
SECURECOMM
Springer
DOI: 10.1007/978-3-319-78813-5_16
Abstract
Despite security shields to protect user communication with both the radio access network and the core infrastructure, 4G LTE is still susceptible to a number of security threats. The vulnerabilities mainly exist due to its protocol’s inter-layer communication, and the access technologies (2G/3G) inter-radio interaction. We categorize the uncovered vulnerabilities in three dimensions, i.e., authentication, security association and service availability, and verify these vulnerabilities in operational LTE networks. In order to assess practical impact from these security threats, we convert these threats into active attacks, where an adversary can (a) kick the victim device out of the network, (b) hijack the victim’s location, and (c) silently drain the victim’s battery power. Moreover, we have shown that the attacker does not need to communicate with the victim device or reside at the device to launch these attacks (i.e., no Trojan or malware is required). We further propose remedies for the identified attacks.
