Leveraging private APNs for mobile network traffic analysis

Presented at DEF CON 32 (2024), Aug. 9, 2024, 4:30 p.m. (45 minutes).

Knowing where and how your mobile and IoT devices communicate on the Internet is essential for ensuring privacy and security. In the past, it has been easy to follow their communication through a WIFI connection that you control. However, your devices are becoming more locked down and utilize mobile networks such as 4G and 5G for communication. As the devices communicate directly through mobile network base stations operated by Internet Service Providers (ISPs), tampering with or even monitoring their communication is outside your reach. While it is possible to set up a private base station, it requires expensive components and is hard to operate. However, many ISPs have begun offering private Access Point Names (APNs) to allow you to have a private network inside the ISP infrastructure. This talk will show how you can affordably leverage ISP-operated mobile networks and their private APN services to control your mobile devices' network traffic. This technique lets you inspect, filter, and tamper with your mobile devices' IP traffic for offensive and defensive cyber security needs, such as penetration testing IoT devices or monitoring mobile device endpoints for malicious traffic. - [link](https://librecellular.org/) - Janne Taponen - Economizing Mobile Network Warfare: Budget-Friendly Baseband Fuzzing - T2 2024 Conference - XiaoHuiHui - All the 4G Modules Could Be Hacked - DEF CON 27 Conference [link](https://www.youtube.com/watch?v=OORUkEsannA)

Presenters:

• Aapo Oksman - Founder at Juurin Oy
  Aapo Oksman is an entrepreneur and the Founder of Juurin Oy, a boutique company focusing on technical IoT cybersecurity. His background is in electrical engineering, embedded devices, and test automation. Combining his background with a hacking hobby led to a cybersecurity career focusing on industrial IoT. Bug Bounties and security research keep Aapo motivated and learning. His work in PKI and TLS has resulted in multiple CVEs from vendors like Microsoft, Google, Apple, and Samsung. At DEF CON 31, Aapo released a TLS hacking tool, certmitm, that has proven its worth in finding insecure TLS implementations with new vulnerabilities found constantly. Outside work and research, Aapo's passion is in the community. He organizes local security meetups and coaches the Finnish national youth CTF team in the yearly European Cybersecurity Challenge competition.

Similar Presentations:

• DEF CON 17 (2009) / Is your Iphone Pwned? Auditing, Attacking and Defending Mobile Devices
• AppSec USA 2014 / Mobile Security Attacks: A Glimpse from the Trenches
• AppSec USA 2013 / 2 Day Pre-Conference Training: Securing Mobile Devices & Applications Training