Unblocking Stolen Mobile Devices Using SS7-MAP Vulnerabilities: Exploiting the Relationship between IMEI and IMSI for EIR Access

Rao, Siddharth Prakash; Holtmanns, Silke; Oliver, Ian; Aura, Tuomas

doi:10.1109/trustcom.2015.500

Cited by 26 publications

(10 citation statements)

References 1 publication

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…These technologies can be classified into two groups: virtual identifiers and physical identifiers. Currently, the most popular identifiers (IMEI, MAC-address) are recorded into the memory of the device [58], which makes them vulnerable to cloning and tampering [59]- [62]. An alternative recently was proposed a concept of hybrid identifier [58], which is significantly more resilient to tampering and potentially may address the issue of reliable device identification in the network.…”

Section: B Network and Mac Levelsmentioning

confidence: 99%

IoT technologies for Augmented Human: A survey

Pirmagomedov

Koucheryavy

2021

Internet of Things

View full text Add to dashboard Cite

Internet of Things (IoT) technology has delivered new enablers for improving human abilities. These enablers promise an enhanced quality of life and professional efficiency; however, the synthesis of IoT and human augmentation technologies has also extended IoT-related challenges far beyond the current scope. These potential challenges associated with IoTempowered Augmented Human (AH) have so far not been wellinvestigated. Thus, this article attempts to introduce readers to AH concept as well as summarize notable research challenges raised by such systems, in order to facilitate readers further interest in this topic. The article considers emerging IoT applications for human augmentation, devices and design principles, connectivity demands, and security aspects.

show abstract

Section: B Network and Mac Levelsmentioning

confidence: 99%

IoT technologies for Augmented Human: A survey

Pirmagomedov

Koucheryavy

2021

Internet of Things

View full text Add to dashboard Cite

show abstract

“…[67], [68], [69] U V-A1 TMSI Deanonymization (Paging Attack) [4], [5], [86] U V-A1 Cell-Level Tracking with SS7/MAP [56] U V-D1 GPS Location with SS7/LCS [56] U V-D1 Integrity ASN.1 Heap Overflow [87] U,P VI-A1 Binary Baseband Exploit [11], [88], [89] U VI-A1 SMS Parsing [90], [91] U VI-A1 SIM Card Rooting [85] U VI-A1 Fraud Fake Base Station SMS Spam [92], [93] U V-B1 LTE IMS-based SMS Spoofing [83], [94] U VII-A1 Misbilling: TCP Retransmission or DNS Tunneling [95], [95], [96] P VII-B1 Underbilling using VoLTE Hidden Channels [97], [98] P VII-B1 Uplink IP Header Spoofing/Cloak-and-Dagger Misbilling [28], [99] U VII-A1 Unblock Stolen Devices [100] U V-D1 yes, applicable, needed for attack partially/supportive/optional no, not applicable, or does not apply ? property unknown not depend on a specification and can be implemented directly into network components.…”

Section: H Defensesmentioning

confidence: 99%

On Security Research Towards Future Mobile Network Generations

Rupprecht

Dabrowski

Holz

et al. 2018

IEEE Commun. Surv. Tutorials

View full text Add to dashboard Cite

Over the last decades, numerous security and privacy issues in all three active mobile network generations have been revealed that threaten users as well as network providers. In view of the newest generation (5G) currently under development, we now have the unique opportunity to identify research directions for the next generation based on existing security and privacy issues as well as already proposed defenses. This paper aims to unify security knowledge on mobile phone networks into a comprehensive overview and to derive pressing open research questions. To achieve this systematically, we develop a methodology that categorizes known attacks by their aim, proposed defenses, underlying causes, and root causes. Further, we assess the impact and the efficacy of each attack and defense. We then apply this methodology to existing literature on attacks and defenses in all three network generations. By doing so, we identify ten causes and four root causes for attacks.Mapping the attacks to proposed defenses and suggestions for the 5G specification enables us to uncover open research questions and challenges for the development of next-generation mobile networks. The problems of unsecured pre-authentication traffic and jamming attacks exist across all three mobile generations. They should be addressed in the future, in particular to wipe out the class of downgrade attacks and, thereby, strengthen the users' privacy. Further advances are needed in the areas of inter-operator protocols as well as secure baseband implementations. Additionally, mitigations against denial-of-service attacks by smart protocol design represent an open research question.

show abstract

“…They appear to downplay the importance of SS7 network security, despite being provided with all the relevant information. Because older technologies are still widely in use for roaming and as temporary solutions (CSFB), quite a few attack vectors take advantage of interworking between the technologies (see [3] for one example).…”

Section: Telecom Security Audits: Real-world Considerationsmentioning

confidence: 99%

“…Current research on Diameter security shows that it is possible to gather information about subscribers [1][2][3], locate and track them [1,2], and perform denial of service (DoS) attacks on them [1,2].…”

Section: Introductionmentioning

confidence: 99%