Abstract
Mobile Networks are rapidly moving from architectures based on GSM and 3 G to LTE. Security measures added to LTE includes stronger cryptographic primitives for authentication and encryption to plug the security holes of earlier generations. But the introduction of IP-based full inter-networking in LTE has increased the attack-surface. Despite strong authentication and encryption, there are still some messages being exchanged over the air, between an User Equipment (UE) and the eNodeB without integrity protection. This vulnerability opens the door to a severe threat landscape in the LTE network. LTE networks broadly compromises of Core Network and Radio access network. This paper presents a study on the attacks that inflict damage to the availability and privacy of the Radio access network. The paper also explores various vulnerabilities affecting the availability of Core network. Finally, a comparison of all the presented attacks based on the platform required by an attacker, affected range of the attack and impact of the attack is done.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Astély, D., Dahlman, E., Furuskär, A., Jading, Y., Lindström, M., Parkvall, S.: LTE: the evolution of mobile broadband. IEEE Commun. Mag. 47(4) (2009)
Bassil, R., Elhajj, I.H., Chehab, A., Kayssi, A.: Effects of signaling attacks on LTE networks. In: 2013 27th International Conference on Advanced Information Networking and Applications Workshops (WAINA), pp. 499–504. IEEE (2013)
Bikos, A.N., Sklavos, N.: LTE/SAE security issues on 4 G wireless networks. IEEE Secur. Priv. 11(2), 55–62 (2013)
Cao, J., Ma, M., Li, H., Zhang, Y., Luo, Z.: A survey on security aspects for lte and LTE-A networks. IEEE Commun. Surv. Tutorials 16(1), 283–302 (2014)
Dubey, A., Vohra, D., Vachhani, K., Rao, A.: Demonstration of vulnerabilities in GSM security with USRP B200 and open-source penetration tools. In: 2016 22nd Asia-Pacific Conference on Communications (APCC), pp. 496–501. IEEE (2016)
Golde, N., Redon, K., Borgaonkar, R.: Weaponizing femtocells: the effect of rogue devices on mobile telecommunications. In: NDSS (2012)
Hasan, K., Shetty, S., Oyedare, T.: Cross layer attacks on GSM mobile networks using software defined radios. In: 2017 14th IEEE Annual Consumer Communications & Networking Conference (CCNC), pp. 357–360. IEEE (2017)
He, L., Yan, Z., Atiquzzaman, M.: LTE/LTE-A network security data collection and analysis for security measurement: a survey. IEEE Access (2018)
Heuveldop, N., et al.: Ericsson mobility report. Ericsson AB, Technology Emerging Business, Stockholm, Sweden, Technical report EAB-17 5964 (2017)
Holtmanns, S., Rao, S.P., Oliver, I.: User location tracking attacks for LTE networks using the interworking functionality. In: IFIP Networking Conference (IFIP Networking) and Workshops, pp. 315–322. IEEE (2016)
Jover, R.P., Giura, P.: How vulnerabilities in wireless networks can enable advanced persistent threats. Int. J. Inf. Technol. (IREIT) (1), 2 (2013)
Jover, R.P.: Security attacks against the availability of lte mobility networks: overview and research directions. In: 2013 16th International Symposium on Wireless Personal Multimedia Communications (WPMC), pp. 1–9. IEEE (2013)
Jover, R.P.: LTE security, protocol exploits and location tracking experimentation with low-cost software radio. arXiv preprint arXiv:1607.05171 (2016)
Khosroshahy, M., Qiu, D., Ali, M.K.M.: Botnets in 4 G cellular networks: platforms to launch DDoS attacks against the air interface. In: 2013 International Conference on Selected Topics in Mobile and Wireless Networking (MoWNeT), pp. 30–35. IEEE (2013)
Mjølsnes, S.F., Olimid, R.F.: Easy 4G/LTE IMSI catchers for non-programmers. In: Rak, J., Bay, J., Kotenko, I., Popyack, L., Skormin, V., Szczypiorski, K. (eds.) MMM-ACNS 2017. LNCS, vol. 10446, pp. 235–246. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-65127-9_19
Park, S., Shaik, A., Borgaonkar, R., Martin, A., Seifert, J.P.: Whitestingray: evaluating IMSI catchers detection applications. In: USENIX Workshop on Offensive Technologies (WOOT). USENIX Association (2017)
Qiang, L., Zhou, W., Cui, B., Na, L.: Security analysis of TAU procedure in LTE network. In: 2014 Ninth International Conference on P2P, Parallel, Grid, Cloud and Internet Computing (3PGCIC), pp. 372–376. IEEE (2014)
Shaik, A., Borgaonkar, R., Asokan, N., Niemi, V., Seifert, J.P.: Practical attacks against privacy and availability in 4G/LTE mobile communication systems. arXiv preprint arXiv:1510.07563 (2015)
Spaar, D.: A practical DoS attack to the GSM network. In: DeepSec (2009)
Vohra, D., Dubey, A., Vachhhani, K.: Investigating GSM control channels with RTL-SDR and GNU radio. In: International Conference on Wireless Communications, Signal Processing and Networking (WiSPNET), pp. 1008–1012. IEEE (2016)
Yadav, T., Rao, A.M.: Technical aspects of cyber kill chain. In: Abawajy, J.H., Mukherjea, S., Thampi, S.M., Ruiz-Martínez, A. (eds.) SSCC 2015. CCIS, vol. 536, pp. 438–452. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-22915-7_40
Zugenmaier, A., Aono, H.: Security technology for SAE/LTE. NTT DOCOMO Tech. J. 11(3), 27–30 (2009)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Vachhani, K. (2019). Security Threats Against LTE Networks: A Survey. In: Thampi, S., Madria, S., Wang, G., Rawat, D., Alcaraz Calero, J. (eds) Security in Computing and Communications. SSCC 2018. Communications in Computer and Information Science, vol 969. Springer, Singapore. https://doi.org/10.1007/978-981-13-5826-5_18
Download citation
DOI: https://doi.org/10.1007/978-981-13-5826-5_18
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-13-5825-8
Online ISBN: 978-981-13-5826-5
eBook Packages: Computer ScienceComputer Science (R0)