@inproceedings{e3c88cc3e6ab4b73a3314d81670a0e7d,
title = "Insecurity of voice solution VoLTE in LTE mobile networks",
abstract = "VoLTE (Voice-over-LTE) is the designated voice solution to the LTE mobile network, and its worldwide deployment is underway. It reshapes call services from the traditional circuit-switched telecom telephony to the packet-switched Internet VoIP. In this work, we conduct the first study on VoLTE security before its full rollout. We discover several vulnerabilities in both its control-plane and dataplane functions, which can be exploited to disrupt both data and voice in operational networks. In particular, we find that the adversary can easily gain free data access, shut down continuing data access, or subdue an ongoing call, etc. We validate these proof-of-concept attacks using commodity smartphones (rooted and unrooted) in two Tier-1 US mobile carriers. Our analysis reveals that, the problems stem from both the device and the network. The device OS and chipset fail to prohibit non-VoLTE apps from accessing and injecting packets into VoLTE control and data planes. The network infrastructure also lacks proper access control and runtime check.",
keywords = "Attack, Cellular networks, Defense, LTE, VoLTE",
author = "Chi-Yu Li and Tu, {Guan Hua} and Chunyi Peng and Zengwen Yuan and Yuanjie Li and Songwu Lu and Xinbing Wang",
year = "2015",
month = oct,
day = "12",
doi = "10.1145/2810103.2813618",
language = "English",
series = "Proceedings of the ACM Conference on Computer and Communications Security",
publisher = "Association for Computing Machinery",
pages = "316--327",
booktitle = "CCS 2015 - Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security",
note = "22nd ACM SIGSAC Conference on Computer and Communications Security, CCS 2015 ; Conference date: 12-10-2015 Through 16-10-2015",
}