Ghost calls from operational 4G call systems: IMS vulnerability, call DoS attack, and countermeasure

Yu Han Lu, Chi-Yu Li, Yao Yu Li, Sandy Hsin Yu Hsiao, Tian Xie, Guan Hua Tu, Wei Xun Chen

研究成果: Conference contribution同行評審

8 引文 斯高帕斯(Scopus)

摘要

IMS (IP Multimedia Subsystem) is an essential framework for providing 4G/5G multimedia services. It has been deployed worldwide to support two call services: VoLTE (Voice over LTE) and VoWi-Fi (Voice over Wi-Fi). VoWi-Fi enables telephony calls over the Wi-Fi network to complement VoLTE. In this work, we uncover that the VoWi-Fi signaling session can be hijacked to maliciously manipulate the IMS call operation. An adversary can easily make ghost calls to launch a stealthy call DoS (Denial of Service) attack against specific cellular users. Only phone numbers, but not any malware or network information, are required from the victims. This sophisticated attack harnesses a design defect of the IMS call state machine, but not simply flooding or a crash trigger. To stealthily detect attackable phones at run time, we exploit a vulnerability of the 4G network infrastructure, call information leakage, which we explore using machine learning. We validate these vulnerabilities in operational 4G networks of 4 top-tier carriers across Asia and North America countries with 7 phone brands. Our result shows that the call DoS attack can prevent the victims from receiving incoming calls up to 99.0% time without user awareness. We finally propose and evaluate recommended solutions.

原文English
主出版物標題Proceedings of the 26th Annual International Conference on Mobile Computing and Networking, MobiCom 2020
發行者Association for Computing Machinery
頁面96-109
頁數14
ISBN(電子)9781450370851
DOIs
出版狀態Published - 16 4月 2020
事件26th Annual International Conference on Mobile Computing and Networking, MobiCom 2020 - London, 英國
持續時間: 21 9月 202025 9月 2020

出版系列

名字Proceedings of the Annual International Conference on Mobile Computing and Networking, MOBICOM

Conference

Conference26th Annual International Conference on Mobile Computing and Networking, MobiCom 2020
國家/地區英國
城市London
期間21/09/2025/09/20

指紋

深入研究「Ghost calls from operational 4G call systems: IMS vulnerability, call DoS attack, and countermeasure」主題。共同形成了獨特的指紋。

引用此