CISPA
Browse

MobileAtlas: Geographically Decoupled Measurements in Cellular Networks for Security and Privacy Research

Download (845.81 kB)
conference contribution
posted on 2023-11-29, 18:25 authored by Gabriel Karl Gegenhuber, Wilfried Mayer, Edgar Weippl, Adrian Dabrowski
Cellular networks are not merely data access networks to the Internet. Their distinct services and ability to form large complex compounds for roaming purposes make them an attractive research target in their own right. Their promise of providing a consistent service with comparable privacy and security across roaming partners falls apart at close inspection. Thus, there is a need for controlled testbeds and measurement tools for cellular access networks doing justice to the technology’s unique structure and global scope. Particularly, such measurements suffer from a combinatorial explosion of operators, mobile plans, and services. To cope with these challenges, we built a framework that geographically decouples the SIM from the cellular modem by selectively connecting both remotely. This allows testing any subscriber with any operator at any modem location within minutes without moving parts. The resulting GSM/UMTS/LTE measurement and testbed platform offers a controlled experimentation environment, which is scalable and cost-effective. The platform is extensible and fully open-sourced, allowing other researchers to contribute locations, SIM cards, and measurement scripts. Using the above framework, our international experiments in commercial networks revealed exploitable inconsistencies in traffic metering, leading to multiple phreaking opportunities, i.e., fare-dodging. We also expose problematic IPv6 firewall configurations, hidden SIM card communication to the home network, and fingerprint dial progress tones to track victims across different roaming networks and countries with voice calls.

History

Preferred Citation

Gabriel Gegenhuber, Wilfried Mayer, Edgar Weippl and Adrian Dabrowski. MobileAtlas: Geographically Decoupled Measurements in Cellular Networks for Security and Privacy Research. In: Usenix Security Symposium (USENIX-Security). 2023.

Primary Research Area

  • Secure Connected and Mobile Systems

Name of Conference

Usenix Security Symposium (USENIX-Security)

Legacy Posted Date

2023-05-09

Open Access Type

  • Green

BibTeX

@inproceedings{cispa_all_3942, title = "MobileAtlas: Geographically Decoupled Measurements in Cellular Networks for Security and Privacy Research", author = "Gegenhuber, Gabriel Karl and Mayer, Wilfried and Weippl, Edgar and Dabrowski, Adrian", booktitle="{Usenix Security Symposium (USENIX-Security)}", year="2023", }

Usage metrics

    Categories

    No categories selected

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC