How voice call technology poses security threats in 4G LTE networks

Guan Hua Tu, Chi-Yu Li, Chunyi Peng, Songwu Lu

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

23 Scopus citations

Abstract

To support voice calls vital to mobile users and carriers, 4G LTE cellular networks adopt two solutions: VoLTE (Voice Over LTE) and CSFB (Circuit-Switched FallBack). In this paper, we disclose that both schemes are harmful to mobile users from a security perspective. The adoption of the latest VoLTE allows an attacker to manipulate the radio resource states of the victim's device in a silent call attack, thereby draining the victim's battery 5-8 times faster. CSFB exhibits two vulnerabilities of exposing 4G↔3G network switch to adversaries. This can be further exploited to launch ping-pong attacks where mobile users may suffer from up to 91.5% performance downgrade, or 4G denial-of-service (DoS) attacks where mobile users are deprived of 4G LTE connectivity without their consent. We devise two proof-of-concept attacks as showcases, and demonstrate their viability over operational LTE networks. We analyze their root causes and uncover that the problems lie in seemingly sound design decisions for functional correctness but such choices bear unexpected and intriguing implications for security design. We finally propose remedies to mitigate the attack damage.

Original languageEnglish
Title of host publication2015 IEEE Conference on Communications and NetworkSecurity, CNS 2015
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages442-450
Number of pages9
ISBN (Electronic)9781467378765
DOIs
StatePublished - 3 Dec 2015
Event3rd IEEE International Conference on Communications and Network Security, CNS 2015 - Florence, Italy
Duration: 28 Sep 201530 Sep 2015

Publication series

Name2015 IEEE Conference on Communications and NetworkSecurity, CNS 2015

Conference

Conference3rd IEEE International Conference on Communications and Network Security, CNS 2015
Country/TerritoryItaly
CityFlorence
Period28/09/1530/09/15

Fingerprint

Dive into the research topics of 'How voice call technology poses security threats in 4G LTE networks'. Together they form a unique fingerprint.

Cite this