Skip to main content
SpringerLink
Log in

Femtocell Security in Theory and Practice

  • Conference paper
Secure IT Systems (NordSec 2013)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8208))

Included in the following conference series:

Abstract

Femtocells are low-powered cellular base stations for mobile telephone networks, meant for home use, but still operator managed. They are an increasingly popular solution, with the number of femtocells expected to outnumber the normal cell towers by Q1 of 2013 [1].

However, femtocells also introduce a number of security concerns. Several earlier femtocells have been hacked to varying degree and analyzed. Naturally, the industry has responded and tries to create more secure femtocells.

We provide a first comprehensive analysis of the risks of attacks, given a general femtocell model. This analysis results in two new attacks. We then illustrate some of the dangers by successfully compromising a specific femtocell: the SignaalPlus Plug & Play, sold in the Netherlands by Vodafone.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Small Cell Forum. Homepage of the Small Cell Forum, http://www.smallcellforum.org/ (visited in February 2013)

  2. European Telecommunications Standards Institute, France. Universal Mobile Telecommunications System (UMTS); UTRAN architecture for 3G Home Node B (HNB); Stage 2, 3GPP TS 25.467 version 11.0.0 Release 11 (2012)

    Google Scholar 

  3. European Telecommunications Standards Institute, France. Universal Mobile Telecommunications System (UMTS); LTE; Security of Home Node B (HNB) / Home evolved Node B (HeNB) 3GPP TS 33.320 version 10.5.0 Release 10 (2012)

    Google Scholar 

  4. Chambers, D.: Femtocell Primer, 2nd edn. Lulu Enterprises Inc. (2010)

    Google Scholar 

  5. Zhang, J., de la Roche, G. (eds.): Femtocells: Technologies and Deployment. John Wiley & Sons, Ltd. (2009)

    Google Scholar 

  6. Ruggiero, M., Boccuzzi, J.: Femtocells: Design & Application. McGraw Hill Professional (2010)

    Google Scholar 

  7. Rajavelsamy, R., Lee, J., Choi, S.: Towards security architecture for home (evolved) nodeb: challenges, requirements and solutions. Security and Communication Networks 4(4), 471–481 (2011)

    Article  Google Scholar 

  8. Han, C.-K., Choi, H.-K., Kim, I.-H.: Building femtocell more secure with improved proxy signature. In: GLOBECOM IEEE (December 2009)

    Google Scholar 

  9. Segura, V., Lahuerta, J.: Modeling the economic incentives of ddos attacks: Femtocell case study. In: EISP 2010. Springer US (2010)

    Google Scholar 

  10. THC. THC website detailing an attack against a Vodafone SureSignal femtocell, http://wiki.thc.org/vodafone (visited in February 2013)

  11. Trustwave. Announcement of the samsung femtocell, https://www.trustwave.com/pressReleases.php?n=012810 (visited in March 2013)

  12. Fasel, Z., Jakubowski, M.: Website detailing how to root the samsung femtocell, http://rsaxvc.net/blog/2011/7/17/Gaining%20root%20on%20Samsung%20FemtoCells.html (visited in March 2013)

  13. Borgaonkar, R., Redon, K., Seifert, J.-P.: Security analysis of a femtocell device. In: SIN 2011. ACM, New York (2011)

    Google Scholar 

  14. Golde, N., Redon, K., Borgaonkar, R.: Weaponizing femtocells: the effect of roque devices on mobile telecommunication. In: NDSS 2012. The Internet Society (2012)

    Google Scholar 

  15. Arapinis, M., Mancini, L., Ritter, E., Ryan, M., Golde, N., Redon, K., Borgaonkar, R.: New privacy issues in mobile telephony: fix and verification. In: CCS 2012. ACM, New York (2012)

    Google Scholar 

  16. European Telecommunications Standards Institute, France. Universal Mobile Telecommunications System (UMTS); 3G Security; Security Principles and Objectives, 3GPP TS 33.120 version 4.0.0 Release 4 (2001)

    Google Scholar 

  17. European Telecommunications Standards Institute, France. Universal Mobile Telecommunications System (UMTS); Formal Analysis of the 3G Authentication Protocol, 3GPP TR 33.902 version 4.0.0, Release 4 (2001)

    Google Scholar 

  18. European Telecommunications Standards Institute, France. Digital cellular telecommunications system (Phase 2+);UMTS;LTE;3G security;Security architecture, 3GPP TS 33.102 version 11.5.0 Release 11 (2013)

    Google Scholar 

  19. European Telecommunications Standards Institute, France. Digital cellular telecommunications system (Phase 2+); Security aspects, EN 300 920 / GSM 02.09 (1998)

    Google Scholar 

  20. Tsay, J.-K., Mjølsnes, S.F.: A vulnerability in the UMTS and LTE authentication and key agreement protocols. In: Kotenko, I., Skormin, V. (eds.) MMM-ACNS 2012. LNCS, vol. 7531, pp. 65–76. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  21. GSMA. Mobile network pws and the rise of cell-broadcast, www.gsma.com/mobilefordevelopment/wp-content/uploads/2013/01/Mobile-Network-Public-Warning-Systems-and-the-Rise-of-Cell-Broadcast.pdf

  22. European Telecommunications Standards Institute, France. Universal Mobile Telecommunications System (UMTS); 3G Security; Security Threats and Requirements. 3GPP TS 21.133 version 4.1.0 Release 4 (2001)

    Google Scholar 

  23. Mulliner, C., Golde, N., Seifert, J.-P.: Sms of death: From analyzing to attacking mobile phones on a large scale. In: USENIX Security Symposium (2011)

    Google Scholar 

  24. Munaut, S.: IMSI detach DoS (April 2001), http://www.blackhat.com/presentations/bh-asia-01/gadiax.ppt

  25. P1Security. website detailing a fuzzing product for telco core-networks, http://www.p1sec.com/corp/products/p1-telecom-fuzzer-ptf/ (visited in March 2013)

Download references

Author information

Authors and Affiliations

  1. Digital Security, Radboud University Nijmegen, The Netherlands

    Fabian van den Broek & Ronny Wichers Schreur

Authors
  1. Fabian van den Broek
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ronny Wichers Schreur
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Applied Mathematics and Computer Science, DTU Compute, Technical University of Denmark, Richard Petersens Plades, Building 322, 2800, Lyngby, Denmark

    Hanne Riis Nielson

  2. Institut für Sicherheit in verteilten Anwendungen, Technische Universität Hamburg-Harburg, E-15, Harburger Schloßstraße 20, 21079, Hamburg, Germany

    Dieter Gollmann

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

van den Broek, F., Wichers Schreur, R. (2013). Femtocell Security in Theory and Practice. In: Riis Nielson, H., Gollmann, D. (eds) Secure IT Systems. NordSec 2013. Lecture Notes in Computer Science, vol 8208. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-41488-6_13

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-41488-6_13

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-41487-9

  • Online ISBN: 978-3-642-41488-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation