Influenza A virus subtype H5N1 novel interrogation newspaper [PDF] of late published yesteryear researchers at Purdue University as well as the University of Iowa details 10 novel cyber attacks against the 4G LTE wireless information communications technology for mobile devices as well as information terminals.
The attacks exploit pattern weaknesses inwards 3 fundamental protocol procedures of the 4G LTE network known equally attach, detach, as well as paging.
Unlike many previous research, these aren't only theoretical attacks. The researchers employed a systematic model-based adversarial testing approach, which they called LTEInspector, as well as were able to exam 8 of the 10 attacks inwards a existent testbed using SIM cards from 4 large USA carriers.
- Authentication Synchronization Failure Attack
- Traceability Attack
- Numb Attack
- Authentication Relay Attack
- Detach/Downgrade Attack
- Paging Channel Hijacking Attack
- Stealthy Kicking-off Attack
- Panic Attack
- Energy Depletion Attack
- Linkability Attack
Among the above-listed attacks, researchers reckon an authentication relay laid on is peculiarly worrying, equally it lets an assailant connect to a 4G LTE network yesteryear impersonating a victim's telephone issue without whatever legitimate credentials.
"Through this laid on the adversary tin poisonous substance the place of the victim device inwards the amount networks, hence allowing setting upward a mistaken alibi or planting imitation testify during a criminal investigation," the written report said.
Other notable attacks reported yesteryear the researchers could allow attackers to obtain victim’s coarse-grained place information (linkability attack) as well as launch denial of service (DoS) laid on against the device as well as direct maintain it offline (detach attack).
"Using LTEInspector, nosotros obtained the intuition of an laid on which enables an adversary to perchance hijack a cellular device’s paging channel alongside which it tin non only halt notifications (e.g., call, SMS) to accomplish the device but too tin inject fabricated messages resulting inwards multiple implications including liberate energy depletion as well as activeness profiling," the newspaper reads.
Using panic attack, attackers tin do artificial chaos yesteryear broadcasting imitation emergency messages close life-threatening attacks or riots to a large issue of users inwards an area.
What's interesting close these attacks is that many of these tin move carried out for $1,300 to $3,900 using relatively low-cost USRP devices available inwards the market.
Researchers direct maintain no plans to release the proof-of-concept code for these attacks until the flaws are fixed.
Although at that spot are approximately possible defenses against these observed attacks, the researchers refrained from discussing one.
The newspaper reads: "retrospectively adding safety into an existing protocol without breaking backward compatibility ofttimes yields band-aid-like-solutions which do non jibe upward nether extreme scrutiny."
"It is too non clear, especially, for the authentication relay laid on whether a defence exists that does non take away major infrastructural or protocol overhaul," it adds. "A possibility is to employ a distance-bounding protocol; realization of such protocol is, however, rare inwards practice."The vulnerabilities are most worrying that in i lawsuit once to a greater extent than enhance concerns close the safety of the prison theatre cellular telephone standards inwards the existent world, potentially having an industry-wide impact.
