Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Touching the Untouchables - Dynamic Security Analysis of the LTE Control Plane

IEEE via YouTube

Overview

Explore a comprehensive analysis of LTE control plane security in this IEEE conference talk. Delve into the dynamic testing of control components in operational Long Term Evolution networks using LTEFuzz, a semi-automated testing tool. Learn about the systematic generation of test cases based on three fundamental security properties derived from LTE standards. Discover 36 previously undisclosed vulnerabilities categorized into five types: improper handling of unprotected initial procedures, crafted plain requests, messages with invalid integrity protection, replayed messages, and security procedure bypass. Examine proof-of-concept attacks demonstrating the impact of these vulnerabilities, including denial of LTE services, SMS spoofing, and eavesdropping on user data traffic. Gain insights into root cause analysis and potential countermeasures for addressing these security issues. Understand the ethical considerations and involvement of cellular carriers in verifying findings within commercial LTE networks.

Syllabus

Intro
LTE communication is everywhere
LTE network architecture
Previous studies and its limitations
Challenges in active network testing
Overview of LTEFuzz
Generating test cases
Executing test cases
Operational networks are complicated
Classifying the problematic behavior
LTEFuzz test environment
Implementation
Findings
Remote de-register attack
Responsible disclosure
Conclusion

Taught by

IEEE Symposium on Security and Privacy

Reviews

Start your review of Touching the Untouchables - Dynamic Security Analysis of the LTE Control Plane

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.