New Adventures in Spying 3G and 4G Users: Locate, Track & Monitor

Presented at Black Hat USA 2017, July 26, 2017, 11:15 a.m. (50 minutes).

The 3G and 4G devices deployed worldwide are vulnerable to IMSI catcher aka Stingray devices. The next generation 5G network may address user's privacy issues related to these IMSI catcher attack techniques. However in this talk, we introduce new attack vectors that enable tracking and activity monitoring of mobile users. In particular, we uncover a new flaw in the widely deployed cryptographic protocol in 3G and 4G cellular networks. We discuss different methods to exploit this flaw using low-cost setup. Further, we present several attacks to demonstrate their impact on end-users carrying 3G and 4G devices. Lastly, we discuss countermeasures to address these privacy issues.

Presenters:

  • Shinjo Park - Researcher, TU Berlin
    Shinjo Park is a PhD student in Security in Telecommunications, TU Berlin. He is interested in breaking and fixing cellular network entities, mobile applications in the world.
  • Ravishankar Borgaonkar - Oxford Research Fellow, University of Oxford
    Ravishankar Borgaonkar works as a research fellow at University of Oxford and undertakes research in securing next (5th) generation mobile networks. His primary research themes are related to mobile telecommunication and involved security threats. This ranges from 2G/3G/4G network security to end-user device security.
  • Altaf Shaik - Researcher, TU Berlin
    Altaf Shaik works as a PhD researcher at security in the telecommunication's department at TU Berlin and he primarily works on LTE security aspects.
  • Lucca Hirschi - Researcher, ETH Zürich
    Lucca Hirschi is a post-doc researcher at ETH Zürich in the Information Security Group, hosted by David Basin. His research interests mainly focus on formal methods for security and privacy and their applications (establish formal guarantees and discoveries of attacks). He completed his Ph.D at École Normale Supérieure Paris-Saclay under the supervision of David Baelde and Stéphanie Delaune.
  • Jean-Pierre Seifert - Professor, TU Berlin
    Jean-Pierre Seifert is a Professor at TU Berlin. In parallel he leads the security research at T-Labs, the R&D Labs of Deutsche Telekom AG. His research interest lies in the area of Computer & Communication Security with an emphasis on Hardware and Telecommunication Security.
  • Andrew Martin - Professor, University of Oxford
    Prof. Andrew Martin undertakes research and teaching in the area of Systems Security, in the University of Oxford. He was instrumental in setting up the University's Cyber Security Network and helps to lead it, heading Oxford's EPSRC/GCHQ-recognised Academic Centre of Excellence in Cyber Security Research. He directs the Centre for Doctoral Training in Cyber Security, which admits 16 students each year for inter-disciplinary education and research. His recent research focus has been on the technologies of Trusted Computing, exploring how they can be applied in large-scale distributed systems, particularly cloud computing, mobile devices, and the internet of things. He has published extensively in this area, hosting several related international events in Oxford and speaking on the subject all over the world. Andrew wrote a doctoral thesis on the subject 'Machine-Assisted Theorem Proving for Software Engineering', in the early 1990s. He then worked as a Research Fellow in the Software Verification Research Centre at the University of Queensland, Australia. Returning to the UK, he was briefly a lecturer at the University of Southampton, before returning to Oxford to take up his present post in 1999. Dr Martin is a fellow of Kellogg College, Oxford, and a Trustee of Bletchley Park.

Links:

Similar Presentations: